As if a global pandemic and an economic downturn weren’t enough to manage, companies also have to worry about “typosquatting.” That’s when scammers, hackers and other exploiters hijack website domain names.
Fraudsters buy variants of domain names that feature common misspellings or typographical errors in company names, such as “Gooogle” and “Verizan.” The practice is known as typosquatting. They may also buy derogatory versions of a company’s URL, such as “Verizonbites” and “ScrewVerizon.”
‘Bewear’ the Impostors
Typosquatters and scammers buy the domains to resell them or use the sites for nefarious purposes. They may redirect the domains to sites loaded with advertising or shady offers. They may also attempt to steal user information, such as passwords and credit card information.
Impostor sites may also contain malware or ransomware. Users don’t even need to click on anything. Visiting a malicious site is enough. Impostor look-alike sites may even trick people into thinking they’re visiting the real deal with logos, photos and seemingly harmless content.
It’s easy and cheap for scammers to buy domain names. For standard .com, .org and .net addresses, anyone can buy and register domains for about $10 to $15 apiece. While the fee renews annually, fraudsters sit tight and pay, hoping to cash in later.
Typosquatting can affect brands significantly. People who visit impostor sites will associate the bad experience with those brands, particularly if they’re redirected to malicious sites or – worse – get malware or ransomware on their computers. Typosquatters can also affect companies’ search engine rankings by redirecting traffic to bogus sites.
Businesses such as Lego and Verizon have reportedly spent jaw-dropping sums to purchase as many domain names as possible to protect their brands. It’s much easier for companies to protect themselves when registering their domain names than it is to buy variants from typosquatters.
How to Protect Your Brand
Big, well-known brands are more susceptible to typosquatting and URL hijacking than small, lesser-known companies. Don’t assume, however, that being off the radar is a safety net. Every company is vulnerable.
All businesses should take a proactive approach to protect their brands. The No. 1 precaution is to buy as many similar or related domain names as possible. Companies may not have the budgets to cover every possible variation, but selecting the most obvious domains for .com, .org. and .net addresses is a wise investment.
Name “spinners” can help companies identify possible variations. These tools recommend available domain names based on keywords. Otherwise, it’s up to human ingenuity to think of the possible combinations and register them before fraudsters do.
Businesses that don’t register multiple domains are taking a big risk. It can cost thousands of dollars per domain to try to get each one back, as well as a lengthy court battle.
The Anti-Cybersquatting Consumer Protection Act (ACPA) allows trademark owners to sue alleged typosquatters in federal court. The courts can force typosquatters to transfer domain names back to trademark owners. That costs money, however, and it’s not foolproof.
Those who don’t want to be caught buying domain names hide their identities, often making it impossible to find them. In addition, companies must already have registered trademarks for their brands and/or company names before trying to get their domain variants away from typosquatters.
One More Option
It’s possible to save money and time by waiting typosquatters out in the hopes they give up the financial ransom and move on. But they may not let go. Is it really worth taking that risk? Learn more about typosquatting here.
Now, Over to You
Have you registered multiple domain names for your company? If not, have you checked to be sure someone isn’t typosquatting your site? Let us know in the comments below.