Typosquatting

From Wikipedia, the free encyclopedia

An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, is a form of cybersquatting which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to an alternative address owned by a cybersquatter.

Overview

Generally, the victim site of typosquatting will be a frequently visited website. The typosquatter's URL will usually be one of four kinds, all similar to the victim site address:

(In the following, the intended website is "example.com")

  • A common misspelling of the intended site: exemple.com
  • A misspelling based on typing errors: xample.com or exxample.com
  • A differently phrased domain name: examples.com
  • A different top-level domain: example.co.uk
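The four kinds listed above can be checked for mechanically when reviewing hostnames seen in DNS or proxy logs. The following is an added example, not part of the article: the function names, the short suffix list and the sample hostnames are constructed for illustration, and the mapping from edit type to the article's four kinds is a heuristic assumption.

```python
SUFFIXES = ("co.uk", "com", "org", "net", "cm")  # constructed; real code needs the Public Suffix List

def split_host(host):
    """Return (registrable label, suffix): 'www.example.co.uk' -> ('example', 'co.uk')."""
    host = host.lower().rstrip(".")
    for suffix in sorted(SUFFIXES, key=len, reverse=True):
        if host.endswith("." + suffix):
            return host[: -len(suffix) - 1].rpartition(".")[2], suffix
    name, _, tld = host.rpartition(".")
    return name.rpartition(".")[2], tld

def single_edit(target, cand):
    """Name the one edit turning target into cand; None if it takes more than one."""
    i = 0
    while i < min(len(target), len(cand)) and target[i] == cand[i]:
        i += 1
    t, c = target[i:], cand[i:]  # remainders after the common prefix
    if len(t) == len(c) and t:
        if t[1:] == c[1:]:
            return "substitution"
        if len(t) > 1 and t[0] == c[1] and t[1] == c[0] and t[2:] == c[2:]:
            return "transposition"
    elif len(t) == len(c) + 1 and t[1:] == c:
        return "omission"
    elif len(c) == len(t) + 1 and c[1:] == t:
        if i > 0 and cand[i] == cand[i - 1]:
            return "duplication"
        return "suffix-added" if not t else "insertion"
    return None

def classify(protected, observed):
    """Map an observed host to one of the article's four kinds, or None."""
    p_label, p_suffix = split_host(protected)
    o_label, o_suffix = split_host(observed)
    if o_label == p_label:
        return None if o_suffix == p_suffix else "different-tld"
    edit = single_edit(p_label, o_label)
    kinds = {"substitution": "misspelling", "suffix-added": "rephrased"}
    return kinds.get(edit, "typing-error") if edit else None

# Constructed hostnames, as might be pulled from DNS or proxy logs.
SAMPLE = ["www.example.com", "exemple.com", "xample.com", "exxample.com",
          "examples.com", "example.co.uk", "unrelated.org"]

def scan(protected, hosts):
    return {h: k for h in hosts if (k := classify(protected, h))}

if __name__ == "__main__":
    print(scan("example.com", SAMPLE))
```

Variants that differ by more than one edit, such as a phonetic respelling, are not flagged by this check and need a separate rule.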

Once on the typosquatter's site, the user may also be tricked into thinking that they are in fact on the real site, through the use of copied or similar logos, website layouts or content. Sometimes competitors of the victim site will do this.

Alternatively, the user will be forwarded to a site of a completely different nature to what they intended. This tactic was infamously used by John Zuccarini, who redirected domains targeting children to pornographic websites. Sometimes, the typosquatters will use the false addresses to distribute viruses, adware, spyware or other malware. Some are also shock sites. More common are benign domain parking sites, selling advertising to firms based on keywords similar to the misspelled word in the domain.

As with cybersquatting in the past, the term typosquatting has been used by covetous parties in an effort to unseat domain registrants from brandable variants of generic domain names. The shortage of poignant and generic domain names in the coveted .com generic top-level domain has left many hopeful registrants with no alternative but to locate catchy variants of existing generic words, e.g. Orbitz.com (a popular travel site, with "z" replacing the "s"), in an effort to find "new land" on which to build their website. As in the preceding example, the line between typosquatting and registering a brandable variant of a generic domain name blurs depending on the circumstances of each situation.

Combatting typosquatting

A victim website will usually send a cease and desist letter to the offender at first, in an attempt to quell the activity.

They may also try to purchase the website address from the typosquatter, which could have been the typosquatter's aim all along.

Occasionally, lawsuits will be taken against the offending site or individual.

A company may try to preempt typosquatting by obtaining a number of websites with common misspellings and redirecting them to the main, correctly spelled website. For example, www.gooogle.com, www.goolge.com, www.gogle.com, www.gewgle.com, and others all redirect to www.google.com. In another example, actor and politician Arnold Schwarzenegger is reported to control the domains with the ten most common misspellings of his surname.

Microsoft has released new software to help combat this issue. The software is called "Strider Typo-Patrol". This is a tool that scans and shows third-party domains that are allegedly typosquatting. It also lets parents restrict access to typo-squatting domains that show sexually oriented ads on typos of children's web sites.

Typosquatting and the law

"Typosquatting" is a meaningless term where the law is concerned. Laws generally are not concerned about registrations of domain names that are similar to other domain names or similar to existing trademarks, unless some other important factor is involved.

Criminal laws are mostly silent about the registration of domain names that are typographically similar to other names. The first (perhaps only?) example of such a criminal law is a US law making it illegal to use a "misleading" domain name for the purpose of deceiving a person to access obscenity.

Non-criminal law is primarily concerned with unfair competition between people who register domain names that are typographically similar to known trademarks. This is the "hook" for trademark infringement: not simply using the same or a similar name, but using the same or a similar name for the purpose of competition with the trademark owner. In other words, it may be perfectly acceptable to use a domain name that is confusingly similar to an existing trademark IF the web page standing behind the new domain name is not used to compete with the trademark owner, OR if the web page standing behind the new domain name is used to help consumers to locate the product identified in the trademark.

Free speech, not unfair competition

On April 17, 2006, controversial evangelical Jerry Falwell lost an appeal to the Supreme Court to stop Christopher Lamparello from using "www.fallwell.com". Relying on a plausible misspelling of Falwell's name, Lamparello's gripe site presents misdirected visitors with scriptural references that counter the fundamentalist preacher's scathing rebukes against homosexuality. The high court affirmed a 2005 Fourth Circuit finding that "the use of a mark in a domain name for a gripe site criticizing the markholder does not constitute cybersquatting."

Militating in favor of Mr. Lamparello's case was that his website did not mimic Falwell's site stylistically so as to confuse site visitors into believing that Falwell endorsed Lamparello's site content. Further, the fact that Lamparello's site is non-commercial preempts a claim of unfair business practices, whereas a communicative forum for comment and criticism constitutes a "bona fide non-commercial or fair use" of a trademark interest under the Anticybersquatting Consumer Protection Act (ACPA).

Examples of typosquatting

  • Wikipedia is a victim of typosquatting: www.wiipedia.org, www.eikipedia.org, www.wilipedia.org, en.wikipedi.org, en.wikipediia.org and www.wikipedi.com [as of 2006], are all websites which contain pop-up ads, spyware/adware downloads, and ad-generating search engines.
  • A related gambit is obtaining "800" numbers that correspond to misspellings; a good illustration is AT&T's sudden abandonment of "1-800-OPERATOR" and replacing it with "1-800-CALL-ATT". It seems that many Americans don't know how to spell operator, enough that MCI Communications was raking in a lot of business with "1-800-OPERATER", reaping the benefits of AT&T's advertising. (In both numbers, the final "R" is superfluous.)
  • The National Austrian Public Service Broadcaster "ORF" was typosquatted by 0rf.at, a net art site.
  • Google's anti-typosquatting defense is incomplete; as of April 2006, "http://www.goggle.com" redirects to a rogue software vendor rather than to Google. The site attempts to spam users with a popup and foist an executable download upon them without any further user action.

"Catchall" typosquatting

In addition to purchases of individual domain names, several attempts have been made by larger corporations to profit from users' typos by redirecting them without their knowledge.

  • Microsoft's Internet Explorer automatically redirects users' mistyped URL queries to their MSN Search page. Though a user can reconfigure their browser to use a different search tool, Google, one of MSN's biggest rivals, is not in the list. However, on their web site, Google has explained how to make their search engine the IE default for mistyped URLs.
  • In 2003, top-level domain registry operator VeriSign's Site Finder automatically redirected traffic sent to unregistered domains. This caused a fair amount of outrage from the Internet standards community, and an emergency patch to BIND was issued to circumvent VeriSign's actions. VeriSign disabled the service after only three weeks.
  • Paxfire, a startup company, sells partner Internet service providers a tool that redirects mistyped queries to a Paxfire-generated page with sponsored advertiser content related to the mistyped "hotword". Revenue generated from user clicks is split between Paxfire and the Internet service provider.
  • Certain types of malware pose as browser plugins and redirect a user's web requests or search queries without their knowledge or consent, even if the URLs themselves are properly typed.
  • In August 2006, the operators of the ccTLD for the nation of Cameroon added a wildcard DNS record for the entirety of the .cm TLD. Since .cm is a common possible typo for .com, some have argued that this action constitutes a form of typosquatting. ICANN does not have any direct control over what national registrars do with their ccTLDs (as it did for VeriSign).
