Typosquating is a form of domain name cybersquatting wherein an individual has cleverly registered a domain name that is based upon a typo or misspelling of an established brand name and/or domain name. There are a variety of reasons why people set up typosquatter domain names. They may set up a desirable variation on a domain name, such as a plural or singular version of a well-known domain, in order to hold it hostage speculatively with the plan of selling it to the primary domain name owner for a significant profit. Or, they may set it up in hopes of profiting off of the type-in traffic which then translates into advertising revenue or affiliate clicks and sales. Or, they may set it up with even more malicious motives in mind, intending to fool consumers into thinking it is the official website to trick them into typing-in their login passwords (this would be a type of “trojan horse” exploit), or the typo domain could be set up so vulnerable consumers would land on the site only to get infected with adware or malware viruses.
Typosquatting domains can be based on a few different forms. Some typo domains are derived from common domain name misspellings associated with each letter’s nearest keys on QUERTY keyboards — many hundreds of possible letter combinations can be derived for a single domain name in this way. Yet other typo domains are simply the most-common misspellings for a name. And, there are other, more subtle types of domain misspellings that can occur beyond these two common types.
In our experience, very few companies perform thorough policing for typosquatting of their existing domain names. Even some of the companies providing trademark monitoring services fail to check-for and detect some types of typosquatting infringement.
Companies involved with financial transactions and security services are particularly targeted by nefarious typosquatters in order to compromise the financial or physical security of their clients. Failure to rapidly detect typo misspelling domain names when they appear can be directly correlated to greater degrees of exposure for innocent consumers.
Chris Smith is an experienced expert in detecting sophisticated forms of typosquatting, and investigating the history and ownership of domain names. During his work for Verizon and in a number of subsequent legal cases, Smith has discovered previously undetected typosquatter domain names. If you are fighting issues like piracy of your company’s products, or seeking to improve security of your customers, contact the typosquatting expert who can provide thorough detection, investigation and identification of predatory domains.