What is Cybersquatting?

Cybersquatting, typosquatting or domain squatting  (also known as domain squatting) is the abusive practice of registering and using an internet domain name that is identical or similar to trademarks, service marks, personal names or company names with the bad faith intent of hijacking traffic for financial profit, delivering malware payloads or stealing intellectual property. Cybersquatting scams are on the rise with 5,516 new cases filed in 2022 — a 10% increase from 2021.1

In the U.S. the domain “whitehouse.com” is one of the earliest and most well-known cases of cybersquatting. Since .com is a more common domain than .gov, users often mistakenly enter “whitehouse.com” instead of “whitehouse.gov,” which diverts people away from the legitimate site. Because of the explicit content on the site, “whitehouse.com” is considered one of the most egregious examples of domain name misuse.

Screenshot-2024-02-21-at-1.00.48 AM

2024 CrowdStrike Global Threat Report

The 2024 Global Threat Report unveils an alarming rise in covert activity and a cyber threat landscape dominated by stealth. Data theft, cloud breaches, and malware-free attacks are on the rise. Read about how adversaries continue to adapt despite advancements in detection technology.

Download Now

Cybersquatting vs Typosquatting and Gripe Sites

An organization’s web presence provides one of the richest customer engagement channels. However, bad actors undermine these digital investments every day by registering lookalike domains. Here are the three most common methods they use:

Cybersquatting

Cybersquatters look for companies or famous people who haven’t registered their domain yet. Knowing these people will want to create a website, cybersquatters snatch up domains on the cheap and then demand a high price for handing them over. As another approach for turning the domain into profits, cybersquatters often use the domain to generate money through advertising on the website.

Typosquatting

Making a typing error while entering a domain is a common mistake. Typosquatters bank on the likelihood of these human errors and buy lookalike domains that have a slight spelling variation from the correct brand name. Some examples include rnarriott.com, wikiepdia.org and yuube.com. The typosquatter’s intent is always malicious, using the site to unleash malware, phishing or another attack payload on any unfortunate user who makes the typo. Actors may combine typosquatting domain within a phishing email to get higher response ratios.

Gripe Sites

Gripe websites complain about a specific topic, which typically is a person, business or product. The intent of a gripe site may be to offer constructive criticism but, most often, is to express contempt for the subject. There’s even a “.gripe” domain extension for website domains that are dedicated to complaining and posting negative comments.

How to Take Action Against Cybersquatting

Cybersquatting can be a pressing problem for many companies as it can lead to customer turnover, identity theft, data loss, brand image and financial loss. As such, it is important to detect domain abuse and secondly know how to take action against cybersquatting in order to protect your company’s reputation and financial interests.

Detecting domain abuse

Detecting targeted domain abuse can be accomplished via digital risk protection tools or services. These offerings received newly domain registrations and can detect creating of look-a-like domains via specific algorithms. Newly registered domains are compared and if they match too close the user domain, alerts will be generated. It is important to detect the domain BEFORE the new site is fully operational so any brand impact, identify or data loss can be avoided.

Anti-cybersquatting legislation

If you think you have a cybersquatting problem, it’s helpful to start with a bit of investigation. You can begin by searching the WHOIS database to identify the domain owner. From there, you can contact the owner to better understand their willingness to let go of the domain or to sell it at a price you consider reasonable.

If the situation can’t be resolved that easily, you might need to fight the cybersquatting issue with legal proceedings. Consulting with an attorney can help you determine if your case is supported by today’s anti-cybersquatting legislation. Some of these include:

Anti-Cybersquatting Piracy Act (ACPA) is a U.S. law that was passed in 1999 to protect the intellectual property rights of trademark owners from cybersquatters. It allows trademark owners to take legal action against anyone who registers, sells or uses a domain name that is identical or confusingly similar to their registered trademarks. This law ensures that trademark owners have the right to protect their intellectual property from being used without their permission.

Lanham Act is a federal U.S. law that protects the trademarks of businesses and organizations. It was passed in 1946 and has been amended several times since then, including a 1999 amendment that addresses cybersquatting. The Lanham Act is an important tool for businesses to protect against cybersquatting by allowing the owner of a protected mark to file a civil action against a cybersquatter in cases where the facts show the cybersquatter demonstrates a bad faith intent to profit from the domain name.

Internet Corporation for Assigned Names and Numbers (ICANN) is an American nonprofit organization that is responsible for assigning domain names and IP addresses, as well as ensuring that domain name registrations are not abused or misused. In particular, ICANN helps resolve cybersquatting disputes by arbitrating issues about abusive domain name registrations. If the complainant wins, the domain must be transferred or canceled upon request.

Examples of cybersquatting cases that went to court

Nicole Kidman

In 2001, the movie star Nicole Kidman took legal action against a website called NicholeKidman.com — a typosquatting domain that took advantage of the alternative spelling of the actress’ first name. The domain was registered by an individual who tried to pass the website off as the real Nicole Kidman. The dispute was brought before the WIPO Arbitration and Mediation Center where it was decided that the domain was being used in bad faith and should be transferred to Nicole Kidman’s ownership.

Tom Cruise

Tom Cruise took on notorious cybersquatter, Jeff Burgar, in 2006 and won his court case. Tom Cruise’s lawyers argued that the actor had “common law trademark and service mark rights” in the term “Tom Cruise” and that Burgar was making advertising money from the domain, which would redirect traffic to Celebrity1000.com. The WIPO panel decided in favor of Tom Cruise.

Dell

The computer giant took legal action against three website registrar firms in 2007, accusing them of unlawfully registering and profiting from 1,100 domain names that were “confusingly similar” to Dell’s own trademarks. Dell’s successful lawsuit helped serve as a clear signal of the lengths that the company would take to protect the brand from being used in a way that could mislead consumers and damage its reputation.

These cases highlight how important it is for companies and people of notoriety to protect their brand, name and image in the digital age.

Steps to prevent cybersquatting or domain squatting

Trademark your domain name

Cybersquatting is a growing problem in the digital world. To protect yourself from this bad “netiquette” challenge, you should consider trademarking your website domain name. This will put you in a better position to take legal action (and win) against anyone who registers a domain that is similar to yours. Trademarking your domain name will help you stop cybersquatters in their tracks and protect your website from any malicious activities.

Register Different Variations of Your Domain

Although this doesn’t seem a cost-effective method initially, registering different variations of your domain is an effective, proactive measure to prevent cybersquatting. This will ensure that no one else can buy out variations of your domains for malicious purposes. By registering different variations, you can redirect traffic to your main domain name to prevent cybersquatting and protect your online presence.

Building Up Your Cybersecurity Posture with CrowdStrike

Cybersquatting is a growing problem in the digital world that can negatively impact businesses of all sizes. Infringing domains hurt your brand trust, customer experience and bottom line. With the increasingly complex cyber threat landscape, companies need to invest in leading cybersecurity solutions to protect their brand, data and systems.

CrowdStrike is here to help businesses build up their cybersecurity posture and prevent financial losses due to cybersquatting and other cyber risks. By leveraging CrowdStrike’s Digital Risk Protection tools like Falcon Intelligence Recon and Recon+ service organizations can stay ahead of the threats posed by cyber criminals and ensure that their data and digital investments are safe from malicious actors.  CrowdStrike Recon+  team can prepare for the customer a takedown package with exact findings, evidence and recommended actions for maximal efficiency in fighting typosquatting or brand abuse

Learn More

Take action against threats happening beyond the perimeter and strengthen protection for your organization’s brand, identities and sensitive data.

CrowdStrike Falcon® Counter Adversary Operations

Bart is Senior Product Marketing Manager of Threat Intelligence at CrowdStrike and holds +20 years of experience in threat monitoring, detection and intelligence. After starting his career as a network security operations analyst at a Belgian financial organization, Bart moved to the US East Coast to join multiple cybersecurity companies including 3Com/Tippingpoint, RSA Security, Symantec, McAfee, Venafi and FireEye-Mandiant, holding both product management, as well as product marketing roles.