Typosquatting

From DNSSeal Wiki
Jump to: navigation, search
Recommendation: Avoid
Avoid.jpg
Summary: Using a common misspelling of a well-known brand to get online traffic
Outcome: User confusion, monetary losses for trademark owner
Addressed by ICANN Policy: Y
Addressed by Legislation: Y
Related to: Cybersquatting

Typosquatting involves registering a domain name similar to a well-known domain name, such as that of a large company, by using common misspellings in order to get traffic through user errors when typing in the address.[1][2] An example would be registering dnssseal.org or dnssael.org and hoping to get traffic meant for dnsseal.org. Typosquatting is a type of Cybersquatting where the goal is to get web-traffic from accidental misspellings, as opposed to reselling the domain name to the brand or company at a higher rate.[2]

Public Perception

At the very least, typosquatting sites can be considered a nuisance by the users who accidentally access them. If the typosquatting website grossly infringes on the rights of its well-known counterpart or contains malware, its actions may be ruled illegal. Typosquatting is perceived in a more acceptable light when businesses preemptively register misspellings of their own domain names and redirect the misspelled traffic to the genuine site.[2]

Outcome

Typossquatting websites can lead to unsatisfactory user experiences and monetary losses.[3]

Historical Use

Typosquatting can be used to:

  • Redirect the user to a completely different website or to a "link or ad farm" so that the domain registrant can make a profit off of the traffic meant for the more popular site.[2]
  • Create a page that resembles the popular site in addition to having a similar domain name in order to trick people into entering personal information.[2][4] See Phishing.
  • Mimic Internet security websites to lure people into downloading malware masquerading as anti-virus protection.[5]

According to a 2010 study done by Fairwinds Partners, typosquatting costs brand owners associated with the 250 most trafficked sites over 360 million dollars in "unnecessary advertising costs, lost sales, and poor user experiences."[3] The high potential cost of typosquatting sometimes leads companies to preemptively register for common typos of their own brand names.[2]

ICANN Policy

  • Uniform Domain-Name Dispute-Resolution Policy (UDRP): this international policy, approved by ICANN with recommendations from the World Intellectual Property Organization (WIPO),[6] provides a platform for resolving conflicts relating to second-level domain names, including cybersquatting and typosquatting.[7][8] UDRP applies to disputes that involve the "alleged abusive registration of a domain name"[9] and that fit the following conditions:
    • "(i) the domain name registered by the domain name registrant is identical or confusingly similar to a trademark or service mark in which the complainant (the person or entity bringing the complaint) has rights; and
    • (ii) the domain name registrant has no rights or legitimate interests in respect of the domain name in question; and
    • (iii) the domain name has been registered and is being used in bad faith"[9]
  • Seeking UDRP Administrative Proceedings does not prevent a complainant from suing the registrant in court, although UDRP proceedings are often faster and less formal than court proceedings.[9]
  • See UDRP Policy Rules for more detailed information on UDRP Administrative Proceedings.
  • Uniform Rapid Suspension (URS) Policy: this policy can be used to suspend domain names that are "clear-cut cases of infringement caused by domain name registrations."[10] This approach is often deemed less costly and more time efficient than other proceedings; however, many popular domains are exempt from URS, including .com, .net, .info, .org, or any ccTLD.[10] A valid URS complaint can result in the offending domain being locked within 24 hours.[11]
  • 2013 Registry Agreement (RA): this agreement, which all new gTLD applicants were required to sign, states that registries must require their registrars to include policies that prohibit registrants from activities like "trademark or copyright infringement."[12] Additionally, registries are required to "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats" and to keep security files on threats and the actions taken by the registries.[12]

Legislation

  • Anticybersquatting Consumer Protection Act of 1999 (ACPA): This law makes "the bad faith, abusive registration and use of the distinctive trademarks of others as Internet domain names, with the intent to profit from the goodwill associated with those trademarks" illegal.[13]
    • Under ACPA, a company can seek money damages and the transfer or termination of the offending domain name.[13]
    • For example, in May 2013, Facebook was awarded 2.8 million dollars in an ACPA lawsuit against typosquatters and cybersquatters in addition to gaining control of the offending domain names.[14]
  • Additionally, if a typosquatting offense contributes to misleading Internet users by directing them to sites with pornographic or explicit content, the typosquatter can be charged under the Truth in Domain Names Act of 2003.[15][16]

DNS Award

Awardees do not participate in behaviors like typosquatting that take advantage of intellectual property rights and they take proactive steps to prevent such abuses.

Additional Resources

Related Articles

References

  1. Typosquatting at Webopedia
  2. 2.0 2.1 2.2 2.3 2.4 2.5 What Is Typosquatting?, WiseGeek.com
  3. 3.0 3.1 The Cost of Typosquatting: AN EXAMINATION OF ITS IMPACT ON THE TOP 250 MOST POPULAR WEBSITES (June 23, 2010), FairWinds Partners
  4. Typosquatters exploit misspelled variations of YouTube.com domain name by Rodel Mendrez (September 8, 2011), M86 Security Labs
  5. Fake antivirus software using stolen certificates, typosquatting by Serdar Yegulalp (December 16, 2013), InfoWorld
  6. Timeline for the Formulation and Implementation of the Uniform Domain-Name Dispute-Resolution Policy, Internet Corporation for Assigned Names and Numbers (ICANN)
  7. Domain Name Dispute Resolution Service for Generic Top-Level Domains, World Intellectual Property Organization (WIPO)
  8. Uniform Domain-Name Dispute-Resolution Policy, Internet Corporation for Assigned Names and Numbers (ICANN)
  9. 9.0 9.1 9.2 WIPO Guide to the Uniform Domain Name Dispute Resolution Policy (UDRP): A. Scope of the Uniform Domain Name Dispute Resolution Policy, WIPO
  10. 10.0 10.1 About Uniform Rapid Suspension System (URS), Internet Corporation for Assigned Names and Numbers (ICAN)
  11. The Internet is Expanding: Learn how to protect your trademark, ICANN
  12. 12.0 12.1 View the Updated Registry Agreement, ICANN
  13. 13.0 13.1 The Anticybersquatting Consumer Protection Act: Key Information by Martin Samson, Internet Library of Law and Court Decisions (Originally cited in Shields v. Zuccarini, 254 F3d 476 (3d Cir. 2001)
  14. Cybersquatting; typosquatting – Facebook’s $2.8 million in damages and domain names by Christy Roth, Marianne Dunham and Jason Watson (May 10, 2013), Lexology
  15. Truth in Domain Names Act of 2003, Cybertelecom Federal Internet Law and Policy: An Educational Project
  16. 18 U.S. Code § 2252B - Misleading domain names on the Internet, Legal Information Institute, Cornell University Law School