Typosquatting: Difference between revisions

An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, is a form of cybersquatting which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to an alternative website owned by a cybersquatter.

Overview

Generally, the victim site of typosquatting will be a frequently visited website. The typosquatter's URL will usually be one of four kinds, all similar to the victim site address:

(In the following, the intended website is "example.com")

• A common misspelling, or foreign language spelling, of the intended site: exemple.com
• A misspelling based on typing errors: xample.com or examlpe.com
• A differently phrased domain name: examples.com
• A different top-level domain: example.org

Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content. Sometimes competitors of the victim site will do this^{[citation needed]}.

Alternatively, the user will be forwarded to a site of a completely different nature to what they intended. This tactic was infamously used by John Zuccarini, who redirected domains targeting children to pornographic websites. Sometimes, the typosquatters will use the false addresses to distribute viruses, adware, spyware or other malware. Some are also shock sites. More common are benign domain parking sites, selling advertising to firms based on keywords similar to the misspelled word in the domain.

As with cybersquatting in the past, the term typosquatting has been used by covetous parties in an effort to unseat domain registrants from brandable variants of generic domain names. The shortage of poignant and generic domain names in the coveted .com generic top-level domain has left many hopeful registrants with no alternative but to locate catchy variants of existing generic words e.g. Orbitz.com (popular travel site with "z" to replace the "s") in an effort to find "new land" on which to build their website. As in the preceding example, the line between typosquatting and registering a brandable variant of a generic domain name blurs dependent upon the circumstance of each situation.

Combatting typosquatting

A victim website will usually send a cease and desist letter to the offender at first, in an attempt to quell the activity.

It may also try to purchase the website address from the typosquatter, which could have been the typosquatter's aim all along.

Occasionally, lawsuits will be taken against the offending site or individual.

A company may try and preempt typosquatting by obtaining a number of websites with common misspellings and redirect them to the main, correctly spelled website. For example www.gooogle.com, www.goolge.com, www.gogle.com, www.gewgle.com, and others, all redirect to www.google.com.

Microsoft has released new software to help combat this issue. The software is called "Strider Typo-Patrol". This is a tool that scans and shows third-party domains that are allegedly typosquatting. It also lets parents restrict access to typo-squatting domains that show sexually oriented ads on typos of children's web sites. Caution should be exercised as to how results from this tool are interpreted. It highlights misspelt sites which use cookies and employ HTTP re-directions. Both of these are commonly used mechanisms for providing Web Services and don't necessarily mean a site is hosted by a domain squatter.

Typosquatting and the law

"Typosquatting" is a meaningless term where the law is concerned. Laws generally are not concerned about registrations of domain names that are similar to other domain names or similar to existing trademarks, unless some other important factor is involved.

Non-criminal law is primarily concerned with unfair competition between people who register domain names that are typographically similar to known trademarks. This is the "hook" for trademark infringement: not simply using the same or a similar name, but using the same or a similar name for the purpose of competition with the trademark owner. In other words, it may be perfectly acceptable to use a domain name that is confusingly similar to an existing trademark IF the web page standing behind the new domain name is not used to compete with the trademark owner, OR if the web page standing behind the new domain name is used to help consumers to locate the product identified in the trademark.

Free speech, not unfair competition

On April 17, 2006, controversial evangelical Jerry Falwell failed to get the Supreme Court to review a decision allowing Christopher Lamparello to use "www.fallwell.com". Relying on a plausible misspelling of Falwell's name, Lamparello's gripe site presents misdirected visitors with scriptural references that counter the fundamentalist preacher's scathing rebukes against homosexuality. The high court let stand a 2005 Fourth Circuit finding that "the use of a mark in a domain name for a gripe site criticizing the markholder does not constitute cybersquatting."

Mitigating in favor of Mr. Lamparello's case was that his website did not mimic Falwell's site stylistically so as to confuse site visitors into believing that Falwell endorsed Lamparello's site content.

Further, that Lamparello's site is non-commercial preempts a claim of unfair business practices. Whereas, a communicative forum for comment and criticism constitutes a "bona fide non-commercial or fair use" of a trademark interest, under the Anticybersquatting Consumer Protection Act (ACPA).

On his site, Lamparello provided a link to an Amazon.com webpage selling a book he favored. The court determined this did not diminish the communicative function of his website, saying use of a domain name to engage in criticism or commentary "even where done for profit" does not alone show a bad faith intent to profit (Lamparello did not stand to gain financially from sales of the book at Amazon.com).

This case demonstrated the importance of balancing the property interests of trademark owners with the interests of Internet users who seek to make lawful uses of others' marks, “including for purposes such as comparative advertising, comment, criticism, parody, news reporting, fair use, etc." When the alleged infringer establishes a gripe site that criticizes the markholder, the markholder must show a “bad-faith attempt” on the part of the infringer to profit from the misuse.

Examples of typosquatting

• Wikipedia is a victim of typosquatting: en.wiipedia.org, en.wikpedia.org, www.eikipedia.org, www.wilipedia.org, en.wikipedi.org, en.wikipediia.org, www.wikipedi.com and www.wikipaedia.org as of 2007, are all websites which contain pop-up ads, spyware/adware downloads, and ad-generating search engines.
• A related gambit is obtaining "800" numbers that correspond to misspellings; a good illustration is AT&T's sudden abandonment of "1-800-OPERATOR" and replacing it with "1-800-CALL-ATT". Many callers would misspell operator, thus MCI Communications was raking in a lot of business with "1-800-OPERATER", reaping the benefits of AT&T's advertising. (In both numbers, the final "R" is superfluous.)
• The National Austrian Public Service Broadcaster "ORF" was typosquatted by 0rf.at a net art site.
• Google's anti-typosquatting defense is incomplete; as of April 2006, "http://www.goggle.com" redirects to a rogue software vendor rather than to Google. The site attempts to spam users with a popup and foist an executable download upon them without any further user action. Also www.googl.com is another similarly named website with a search engine.
• Apparently people at gni.org are "typosquatting" Savannah, since there is an SSH server running at savannah.gni.org.^[1]
• Domino's Pizza's UK website, www.dominos.co.uk, will redirect you to British Sky Broadcasting's package ordering site if it is misspelled as www.dominoes.co.uk.
• The .cm registry in Cameroon has been accused of redirecting misspelled .com addresses to an ad-based search page. Internet authorities in Cameroon, the West African nation that owns the ".cm" top level domain (TLD), have been accused of authorising a DNS wildcard that has the effect of redirecting all accidental .cm traffic instead of returning an error.
• The New Zealand auction site TradeMe is parodied at tardme.co.nz.

"Catchall" typosquatting

In addition to purchases of individual domain name, several attempts have been made by larger corporations to profit from users' typos by redirecting them without their knowledge.

• Microsoft's Internet Explorer automatically redirects users' mistyped URL queries to their MSN Search page. Though a user can reconfigure their browser to use a different search tool, Google, one of MSN's biggest rivals, is not in the list. However, on their web site, Google has explained how to make their search engine the IE default for mistyped urls.
• In 2003, top-level domain registry operator VeriSign's Site Finder automatically redirected traffic sent to unregistered domains. This caused a fair amount of outrage from the Internet standards community, and an emergency patch to BIND was issued to circumvent VeriSign's actions. VeriSign disabled the service after only three weeks.
• Paxfire, a startup company, sells partner Internet service providers a tool that redirects mistyped queries to a Paxfire-generated page with sponsored advertiser content related to the mistyped "hotword". Revenue generated from user clicks is split between Paxfire and the Internet service provider.
• Certain types of malware pose as browser plugins and redirect a user's web requests or search queries without their knowledge or consent, even if the URLs themselves are properly typed.
• In August 2006, the operators of the ccTLD for the nation of Cameroon added a wildcard DNS record for the entirety of the .cm TLD. Since .cm is a common possible typo for .com, some have argued that this action constitutes a form of typosquatting. ICANN does not have any direct control over what national registrars do with their ccTLDs (as it did for VeriSign).
• In 2007, Verizon launched a service quite similar to the Paxfire catchall redirection that redirects subdomain traffic and nonexistent domains for all of their internet customers.

See also

• Phishing
• DNS
• Top-level domain
• UDRP
• URL
• Anticybersquatting Consumer Protection Act

Notes

1. Maintenance Docs FaQ

Further reading

• "The Internet Commerce Association Code of Conduct". InternetCommerce.org. Retrieved 2007-09-13. The Internet Commerce Association's (ICA) Member Code of Conduct expresses the ICA's recognition of the responsibilities of its members to the intellectual property, domain name, and at large Internet communities and will guide members in conducting their domain name investment and development activities with professionalism, respect and integrity.
• "The Coalition Against Domain Name Abuse to Combat Cybersquatting". ComplianceAndPrivacy.com. Retrieved 2007-09-20. With growing ease and profitability, sophisticated cybersquatters are exploiting a flaw in the domain name registration process whereby domain names are registered and subsequently dropped, risk free, within an accepted 5-day grace period.

External links

• The man who owns the Internet - (CNNMONEY.com, May 22 2007) This article is about Kevin Ham the man responsible for the Cameroon .cm wild-card redirect ploy.
• The Typo Millionaires (Slate, 11 February, 2005) - This article's author identifies new forms of typosquatting, including VeriSign's Site Finder and Paxfire.
• Slashdot discussion, Google Wins Typosquatting Dispute.
• "Typosquatting A Growth Industry"
• "Typical typo-generator"
• Strider URL Tracer with Typo-Patrol at Microsoft Research
• Strider Typo-Patrol Project at Microsoft Research
• Typosquatting and the .eu Top-Level Domain'
• Youtube: Goggle.com'

(Droit-technologie.org, June 26, 2007)

• "Extent of Typo-Squatting in 2007-2008"
• "State of Typo-Squatting in 2007"