We answer the question “what is typosquatting” and look at how you can prevent URL hijacking from happening to your business…

Imagine you’re an ecommerce customer. You go to your favorite website and buy something nice, but then your order never comes. So, you contact your favorite website, but they say they never got an order from you. You check your browser history and realize that you typed their website as  sunglases.com instead of sunglasses.com. How did this happen? This would be a case of typosquatting (or what’s also known as URL hijacking).

Now imagine you are the website owner of sunglasses.com and you’re losing customers to a cleverly designed imposter website. This is obviously not good for your revenue or your brand reputation. And that’s one of the dangers of typosquatting for business owners.

In this article, we’ll further answer the question “what is typosquatting?” by giving you a typosquatting definition and examples before looking at some ways to prevent it.

What Is Typosquatting – A Quick Definition

For those who want a quick typosquatting definition, here you go. Typosquatting is a form of cybersquatting that targets users who misspell the URLs they type into their web address bars (hence the word “typo”). This typo would lead users to an imposter website that may have malicious intentions. These typos could be:

  • Adding or removing letters (such as “verzon.com instead of “verizon.com”),
  • Swapping numbers for letters (“1” instead of “l”), or even
  • Adding random punctuation into the URL (such as adding an extra period).

There’s really no limit to what type of website a typosquatter will target, but it’s most beneficial for them to target high-traffic websites. This could be popular brand names, major companies, or even well-known celebrities.

As for why typosquatters invest time into pulling off these scams, they do it to gain money in some form or fashion. For those who want to know more about typosquatting and may not have known what I meant when I said “cybersquatting,” then keep on reading…

What Is Cybersquatting?

According to the Anticybersquatting Consumer Protection Act, cybersquatting is:

“The registration, trafficking in, or use of a domain name that is identical to, confusingly similar to, or dilutive of a trademark or service mark of another that is distinctive at the time of registration of the domain name, without regard to the goods or services of the parties, with the bad-faith intent to profit from the goodwill of another’s mark.”

In layman’s terms (and how it most commonly occurs), cybersquatting is when someone obtains a domain knowing an established brand wants or would eventually want it. Then, the owner of the domain would attempt to sell the domain to the brand owner. If found guilty, this is a punishable offense via the act referenced above.

The person in question of cybersquatting would have to be deemed they intended in “bad faith” for them to be found of wrongdoing. The process of determining if someone acted in bad faith includes the consideration of nine factors.

Let’s Explore a Couple of Cybersquatting Examples…

An example of cybersquatting would be if a local taco restaurant started experimenting with a promotion titled “TacoMania.” The promotion ends up being a hit and they trademark the term. However, an unaffiliated individual sees the popularity of the term and foresees the domain tacomania.com as having a lot of potential value to the restaurant that they can capitalize on. So, this person buys the domain with the intention of turning around and selling the domain to the restaurant.

A real-world example of cybersquatting is the story of MikeRoweSofe vs Microsoft. Basically, a teenager by the name of Mike Rowe bought the domain mikerowesoft.com. Microsoft felt that the domain was too similar to their company name. They offered Mike $10 for the domain, which he countered asking for $10,000. After a brief 15 minutes of fame as the “little guy” fighting against “the man,” Microsoft claimed this was a case of cybersquatting. They ultimately settled out of court for an Xbox.

Yeah, I can’t make this stuff up. While this all seems silly, what Mike did was, indeed, a questionable act and could be considered an act of cybersquatting.

How Do You Know If You’re a Victim of Cybersquatting?

A sign of cybersquatting is if the owner of the domain isn’t using it for anything. This is especially the case if you type in the domain name and it leads you to a site that is simply advertising that the domain name is for sale. This doesn’t mean that the domain owner is unquestionably cybersquatting, but it should raise suspicion.

Another dubious use of a domain in question is if the domain owner is simply using the site to advertise your competitors. Going back to our TacoMania example, if the domain owner was only using the domain to advertise local Mexican restaurants other than yours, then you could color yourself very suspicious. Your options here would be to take legal action or, if you deem more affordable, just buy the domain from the person who currently owns it.

What Is Typosquatting – A Detailed Look

As mentioned earlier, typosquatting is a type of cybersquatting. It is also known as URL hijacking due to the fact that the typosquatter is basically attempting to hijack traffic that is intending to go to a different URL. Taking advantage of users who make typos when entering a URL into their browser’s URL field, typosquatting is an easy mistake to make.

Some of the types of typosquatting you may come across could include:

  • Typos or Common Misspellings — A typo could be something like gooogle.com. As far as a common misspelling, this could be like using the incorrect spelling “firey” instead of the correct spelling fiery (i.e., “fireyfoods.com” instead of “fieryfoods.com”).
  • Leaving Letters or Punctuation Out — This could look like espn.cm or wwwespn.com.
  • Adding Punctuation In — Something like “CheapSSL-Security.com” instead of “CheapSSLsecurity.com” would be an example of this.
  • Changing the Domain Extension — Microsoft.org instead of Microsoft.com.

These are some of the common ways a cybercriminal could use typosquatting to trick you. Please make sure to always double check your URL. You can also check a website’s identity through their SSL certificate details by clicking on the padlock icon besides the URL and then on “certificate.”

Typosquatting graphic: a screenshot of Microsoft.com's website security certificate
A depiction of a user clicking on the HTTPS padlock icon.
Typosquatting graphic: a screenshot of Microsoft.com's SSL/TLS certificate information
A depiction of a user clicking on “certificate” after clicking on the padlock icon to verify that this website is in fact Microsoft.

The Difference Between Typosquatting and Cybersquatting

As explained above:

  • Typosquatting is when a “typosquatter” buys a URL that looks similar to an established website but contains a stealthy typo.
  • While cybersquatting is when someone buys a domain name that is related to an established brand, so they can sell it to the brand later at a higher price.

While typosquatting is technically a type of cybersquatting, they’re generally categorized as two separate acts as detailed above. So, the biggest fundamental difference here is the end game. Both scams need users to think they’re visiting the legitimate website for a company or brand when they’re really not. So, the biggest difference between these types of scams is: 

  • Typosquatters are trying to get users to interact and engage with their mock website in some way.
  • While someone who is cybersquatting ultimately wants to sell their “hijacked” URL.

The Dangers of Typosquatting and How It Affects You

Typosquatting can be dangerous for both the user typing in the wrong domain and the website that is being impersonated. For the user, making this simple mistake can lead to something rather harmless or a malicious site.

Users could end up on a website that:

  • Redirects you to another website that sells products of the competitor to the site you were intending to go.
  • You could also end up on a website that makes fun of the site you were intending to go.

Those last two were most likely the best-case scenario. These are some of the more dangerous potential outcomes of landing on a typosquatting website:

  • The website mimics your intended website and entices you to purchase something with great deals. When you think you are buying a product, you are really giving your credit card number and contact information to a cybercriminal.
  • You experience the same scenario above and you just never receive the item. Yeah, this really sucks.
  • A similar scenario as the first, but this time, the imposter website installs malware onto your device. Yikes! And what makes matters worse is that this will happen without your knowledge. This can wind up leading you onto a website with malicious ads.
  • You’ll find yourself the victim of identity or financial fraud. When giving your personal information away to a dangerous website, this can lead to significant identity or financial theft.
  • These attacks are not limited to the common end-user, either. If you operate in the B2B world, an attack like this could be used against other businesses.

For website owners who have their website mimicked in a typosquatting attack, there are some dangers for you as well. Mainly related to loss of customers and in turn, loss of revenue.

  1. Potential customers are not making it to your website.
  2. The customers who are landing on a malicious site, most likely have a bad taste in their mouth (even if it’s not your fault). This could lead to your brand reputation being damaged if word gets around that there are fake websites that look like yours and are dangerous.

How a Website Owner Can Prevent Typosquatting

If you’re a website owner, I am sure you’re wondering if there is a way you can prevent this from happening to your business. Here are a few ways to get ahead of typosquatting:

Buy Similar Domains

You can get ahead of the issue by buying up similar domain names. They will be relatively cheap and worth it considering the headaches you can avoid. If you’re wondering what domains you should buy, you can experiment with different domain names in a tool that will tell you what traffic a domain is getting, such as SEMRUSH. For example, YouTube.com got 22 billion visits in February 2021.

what is typosquatting example: A screenshot from SEMRUSH of YouTube.com that shows its web traffic statistics
Screenshot from SEMRUSH depicting how much traffic YouTube.com received in February 2021.

The typosquatting domain yutube.com, on the other hand, got 6.9K visitors in the same period.

A what is typosquatting example of a typosquatting domain yutube.com and its web traffic statistics
Screenshot from SEMRUSH depicting how much traffic yutube.com received in February 2021.

It’s worth it for a brand like YouTube to buy up this domain and other similar typosquatting domains (if they haven’t already) because of the number of visits it gets each month. Your misspelled domain names likely won’t have jarring traffic numbers like this (unless you’re a major corporation), but it will at least give you an idea as to what are the most commonly misspelled variations of your domain name.

Buy an EV SSL Certificate and Display Site Seals

A way to make it easier for your users to be able to identify they are on the correct website is to purchase and install an EV SSL certificate. By going through a more extensive validation process, users will be able to identify who you are via your certificate details (as shown earlier). This provides more assurance than a DV or OV SSL certificate, which do not showcase your company details as clearly (or in the case of DV, at all).

Most EV SSL certificates also come with a site seal, which further cements you are a secure and trusted website. All of these visual indicators will allow your users to easily identify they are not on a typosquatting website.

Here are some examples of website security trust seals and how much trust they can help you build with site users:

site seals comparison graphic

User research conducted via Google Surveys shows that customers trust McAfee SECURE certification up to 10x more than other site seals.

Trademark Your Brand Name

Another way to help combat typosquatting attacks is to trademark your brands. This could include your brand names, tag lines, and logos. You can file your trademark with the United States Patent and Trademark Office (USPTO). This will help provide protection/recourse in the event you find yourself in the middle of a typosquatting investigation.

In terms of prevention, a savvy typosquatter may be scared off by someone who has covered their bases with trademarked brands. Rather than try to scam you, they’ll then target someone who has not taken the proper steps to protect their brand instead.

What Is Typosquatting – A Final Word

We’ve come to the end of our journey. You now know what typosquatting is, what cybersquatting is, some examples of both and can likely answer the question “what is typosquatting?” easily. To stay safe as a user when shopping on an ecommerce website, make sure to double check what website you are on and check the SSL certificate details.

For website owners, get ahead of this problem by buying commonly used misspelled versions of your domain, trademarking your brand, and buying an EV SSL certificate!

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.