We all know how easy it is to mistype a web address. Cybercriminals know this too and take advantage of it by using slightly different variations of well-known domain names to build websites. Known as typosquatting, this phenomenon is posing a growing problem for brand owners as well as consumers. Research is scarce but indicates that more than 20% of all .com domain registrations are typo domains and their number is increasing.
In this blog post, we guide you through how typosquatting works and how you can prevent typosquatting to protect your customers and your business.
Typosquatting is a practice through which a website host registers domain names similar to popular brands that contain misspellings or typographical errors like “amzon.com” instead of “amazon.com”. As web addresses are prone to typos, infringers seek to get an advantage from internet users who are unaware that they are navigating on an untrustworthy website. Typo domains usually lead to web-optimized landing pages and fake websites that generate profits for the hosts or trick users into revealing personal data.
Typosquatting domains appear in different forms. Here are the most common traps to keep in view in order to prevent typosquatting:
URL hijacking and typosquatting are risk factors referring to the web address of a business. They both potentially put a brand’s reputation, profits and overall security in danger but they use different approaches as we will outline here.
As pointed out above, typosquatting is registering a look-alike website URL similar to the genuine URL of an established brand that actually includes typos, misspelling, variations or false TLDs. Malicious intentions of typosquatters include phishing campaigns, impersonation attacks and redirecting traffic to rogue websites because of typos.
However, URL hijacking – also referred to as cybersquatting – is the practice of registering domain names of established brands or organizations with the intent of reselling them in the future, usually to the legitimate trademark holder to make a profit. Another technique is redirecting traffic to a website where other products are being offered by simply using the name of a legitimate brand. This happens sometimes when hijacked URLs don’t find a buyer.
Let’s have a closer look now at how typosquatting is actually used and how it can affect brands and consumers:
Given the endless number of typosquatting opportunities for infringers, you might ask yourself how to deal effectively with this potential threat to your brand. There are some manual actions to consider, although conquering typosquatting efficiently and systematically requires technological solutions.
As a first step, you can register different country top-level domains and a number of possible mistyped domain names of your brand and send visitors of those sites automatically to your original website.
You can check your own domain registration and mistyped variations of it. In case you find similar versions of your domain name you should check whether it’s necessary to take action against a defrauder.
Finding typosquatting websites and taking them down from the web is time-consuming and bundles resources you might better apply in other business areas of your company.
Red Points’ technology-based domain management solution streamlines the search for typosquatting websites. Detection is conducted on a broader scale and is much more time-efficient than a manual search.
The same efficiency tradeoff applies for reporting and taking down typosquatting websites. Going through the process manually is inefficient when dealing with recurring cases. Usually, a site is taken down within a few days but it can also take much longer when managing the case manually.
Red Points offers a powerful and comprehensive reporting and removal solution that covers typosquatting attacks. Bot-powered search, self-improving detection through machine learning and automatic enforcements prevent your business from being targeted by typosquatting websites.