Typosquatting

Typosquatting involves registering a domain name similar to a well-known domain name, such as that of a large company, by using common misspellings in order to get traffic through user errors when typing in the address. An example would be registering dnssseal.org or dnssael.org and hoping to get traffic meant for dnsseal.org. Typosquatting is a type of Cybersquatting where the goal is to get web-traffic from accidental misspellings, as opposed to reselling the domain name to the brand or company at a higher rate.

Public Perception
At the very least, typosquatting sites can be considered a nuisance by the users who accidentally access them. If the typosquatting website grossly infringes on the rights of its well-known counterpart or contains malware, its actions may be ruled illegal. Typosquatting is perceived in a more acceptable light when businesses preemptively register misspellings of their own domain names and redirect the misspelled traffic to the genuine site.

Outcome
Typossquatting websites can lead to unsatisfactory user experiences and monetary losses.

Historical Use
Typosquatting can be used to: According to a 2010 study done by Fairwinds Partners, typosquatting costs brand owners associated with the 250 most trafficked sites over 360 million dollars in "unnecessary advertising costs, lost sales, and poor user experiences." The high potential cost of typosquatting sometimes leads companies to preemptively register for common typos of their own brand names.
 * Redirect the user to a completely different website or to a "link or ad farm" so that the domain registrant can make a profit off of the traffic meant for the more popular site.
 * Create a page that resembles the popular site in addition to having a similar domain name in order to trick people into entering personal information. See Phishing.
 * Mimic Internet security websites to lure people into downloading malware masquerading as anti-virus protection.

ICANN Policy

 * Uniform Domain-Name Dispute-Resolution Policy (UDRP): this international policy, approved by ICANN with recommendations from the World Intellectual Property Organization (WIPO), provides a platform for resolving conflicts relating to second-level domain names, including cybersquatting and typosquatting. UDRP applies to disputes that involve the "alleged abusive registration of a domain name" and that fit the following conditions:
 * "(i) the domain name registered by the domain name registrant is identical or confusingly similar to a trademark or service mark in which the complainant (the person or entity bringing the complaint) has rights; and
 * (ii) the domain name registrant has no rights or legitimate interests in respect of the domain name in question; and
 * (iii) the domain name has been registered and is being used in bad faith"


 * Seeking UDRP Administrative Proceedings does not prevent a complainant from suing the registrant in court, although UDRP proceedings are often faster and less formal than court proceedings.


 * See UDRP Policy Rules for more detailed information on UDRP Administrative Proceedings.


 * Uniform Rapid Suspension (URS) Policy: this policy can be used to suspend domain names that are "clear-cut cases of infringement caused by domain name registrations." This approach is often deemed less costly and more time efficient than other proceedings; however, many popular domains are exempt from URS, including .com, .net, .info, .org, or any ccTLD. A valid URS complaint can result in the offending domain being locked within 24 hours.


 * View the technical procedure and policy rules for URS


 * 2013 Registry Agreement (RA): this agreement, which all new gTLD applicants were required to sign, states that registries must require their registrars to include policies that prohibit registrants from activities like "trademark or copyright infringement." Additionally, registries are required to "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats" and to keep security files on threats and the actions taken by the registries.

Legislation

 * Anticybersquatting Consumer Protection Act of 1999 (ACPA): This law makes "the bad faith, abusive registration and use of the distinctive trademarks of others as Internet domain names, with the intent to profit from the goodwill associated with those trademarks" illegal.
 * Under ACPA, a company can seek money damages and the transfer or termination of the offending domain name.
 * For example, in May 2013, Facebook was awarded 2.8 million dollars in an ACPA lawsuit against typosquatters and cybersquatters in addition to gaining control of the offending domain names.


 * Additionally, if a typosquatting offense contributes to misleading Internet users by directing them to sites with pornographic or explicit content, the typosquatter can be charged under the Truth in Domain Names Act of 2003.

DNS Award
Awardees do not participate in behaviors like typosquatting that take advantage of intellectual property rights and they take proactive steps to prevent such abuses.

Additional Resources

 * Submit a UDRP complaint to one of these Approved Dispute Resolution Service Providers
 * Read the complete Fairwinds Partners' study: The Cost of Typosquatting

Related Articles

 * Cybersquatting
 * UDRP
 * URS