Typosquatting is a pervasive and lucrative practice, a form of cybersquatting for profit also called URL hijacking. While most large businesses like WordPress.com do act to protect their brands by registering possible misspellings of their trademarks and brands, those who own smaller businesses are often unaware such protective measures can be taken until it is too late.
“Typosquatting is the practice of registering domain names that are misspellings of website addresses and profiting from it by selling the domain, or capitalizing on the domain’s traffic through Google ads and/or selling products/services not related to the original brand. — Cybele Negris in Domain Typosquatting is Big Business
Authors Tyler Moore and Benjamin Edelman of Harvard School of Engineering and Applied Sciences describe how pervasive typosquatting is and who exactly is raking in the cash from it in Measuring the Perpetrators and Funders of Typosquatting (PDF file)
“At least 938,000 typosquatting domains target the top 3264 .COM sites, and we [the authors] crawl more than 285,000 of these domains to analyze their revenue sources. We find that 80% are supported by, often advertising the correctly spelled domain and its competitors. Another 20% include static redirection to other sites.”
“57% of typo sites include Google pay-per-click ads. Combining our observations with financial reports and others’ estimates, we conclude that Google’s revenue from typosquatting on the top 100,000 sites is $497 million per year.”
“From crawling typosquatting pages, we confirmed two main uses for traffic di-
verted to typo domains: placing pay-per-click ads and redirecting to other (often competing) domains. … We saw three practices in this vein: (i) self-registrations/defensive registrations, (ii) affilliate marketing and (iii) redirect or link to competing site. … We suspect typosquatting will continue so long as advertisers and ad networks continue to fuel and fund these practices.”
Cybersquatters may have a variety of intentions. The most common goal is to hold the domain hostage, so to speak, and name a ransom price at which the squatter hopes to sell it to the company, trademark holder, organization, or individual. Cybersquatters also simply try to garner visitors to their Web sites by exploiting a popular name, either to expand the audience for their own message or product or to boost their advertising revenue. — Cybersquatting
If you are a small business owner be aware of Typosquatting and consider taking protective measures.
“Your Contact Information is the single-most prized piece of data for hijackers searching for ways to infringe upon your domain names. At the time of registering your domain, ensure that you provide all your personal and business details through a well-secured medium. Ensure that in case of any change in the contact information, you update it immediately with your registrar.” — Defensive Domain Registration
Microsoft has done extensive research on typosquatting and cybersquatting, and has developed a tool called Strider Typo-Patrol. Using browser plug-ins, typosquatted and cybersquatted domain names can be blocked from resolving on a user’s computer (or at least from displaying ads). Strider URL Tracer also enables parents to block typo-squatting domains that serve adult ads on typos of children’s Web sites.