What is cybersquatting? Avoid sites imitating brands
Cybersquatting is an unauthorized registration and use of domain names linked to protected trademarks or people. People execute domain squatting with ill or illegal intentions, mainly user deception or profit.
Scammers register the domain names of well-known brands to trick visitors into believing they landed on legitimate sites. However, it can also be a get-rich venture, ransoming services for unregistering an internet domain.
In other cases, domain name registrations could include personal names, likely celebrities or high-profile figures.
What is cybersquatting?
Cybersquatting can abuse popular services by occupying domain names related to them. It does not always have malicious goals, like stealing sensitive information or money. However, it can be illegal if cybersquatting violates trademark law or intellectual property.
For instance, cybersquatting could involve speculators monitoring domain name expiration dates. During that brief window of opportunity, they purchase domain names and can offer previous owners to repurchase them.
A recent cybersquatting dispute involved a startup called Don’t Know Your Customer (DontKYC.com) and Deloitte’s accounting firm. The latter claimed that the Know your Customer programs bore a solid resemblance to DontKYC.com. However, Deloitte did not prove that the startup used the name with bad intentions.
Usually, scammers pick businesses or online shopping platforms for cybersquatting. According to Palo Alto Networks statistics, most imitated domains targeted the following companies in 2019:
- Paypal.com.
- Apple.com.
- Royalbank.com.
- Netflix.com.
- Linkedin.com.
- Amazon.com.
- Dropbox.com.
- Tripadvisor.com.
- Bankofamerica.com.
- Banorte.com.
Other common cybersquatting examples
Here is how a website had invited potential buyers of paypal-payment.com:
Another cybersquatting example, occupying apple-payment.com, showcased how dubious it can look:
Luckily, browsers have become smarter in detecting cybersquatting websites. For instance, when trying to enter Apple.com and making a typo, the browser could show warnings:
So, domain squatting can occur under different circumstances and techniques.
Reaping the benefits of mistyped URLs
Instead of Facebook.com, users could type Facebook.co or Facbook.com. In this case, the two mistyped URLs still lead to legitimate Facebook sites.
However, it is because Meta purchased these mistyped domains and redirected users. Criminals could find loopholes in such protection and host fake websites with misspelled names.
Domain owners offer to sell the domain
People can register domain names with the sole purpose of selling them. So, the mistyped name could not present copycat platforms. Instead, speculators are only after financial gain from the targeted service.
Abbreviated names of services
Instead of typing the entire domain name, users might try abbreviating it. So, instead of Facebook.com, they could try Fb.com. Meta is also the registrant of this domain name to prevent cybersquatters.
Taking advantage of popular name variations
Companies could create domain names confusingly similar to trademarks. It could be a way to boost sales and make false assumptions. In other cases, it could register domain names like Facebook-login.com or Whatsappdownload.site. In such cases, the intention might be to get users to download software or provide their personal information.
Creating websites with different TLDs
Cybersquatting can also relate to registering domain names featuring not the original top-level domains (TLDs). So, instead of the original .com, it might feature .net, .info, .biz, etc.
Registering domain names of promising people
Registering a domain name of a person before they become famous could be an investment in the future.
What can cybersquatting aim to achieve?
Cybersquatting can be an unethical way for speculators to sell domain names for an inflated price. However, criminals could exploit domain names for more malicious intentions.
-
Stealing users’ credentials or private information
Phishing tactics could accompany cybersquatting. The registered domains then imitate well-known brands and can offer goods and services.
Trusting the site, users might make payments or provide their credentials for login. In both cases, criminals can steal these details.
Furthermore, some phishing attacks do not need to feature mistyped or related domain names. In 2017, researchers created an identical replica of Apple.com by using Unicode.
-
Spreading malicious software
Cybersquatting can hide malicious software downloads behind notorious design elements. That can include exclusive free software deals or unrelated applications. In reality, such copycat websites can host malware.
In the Palo Alto Networks study, a website mimicking Samsung distributed Azorult malware. The latter worked as an information stealer. However, websites can spread various infections, like crypto miners, adware, Trojans, spyware, etc.
-
Reward or lottery scams
The domains registered with ill intent can include pop-ups or messages of giveaways or prizes. For instance, e-commerce websites could be the most believable venue for criminals to gain victims’ trust. However, even unexpected services can be bait.
Here is an example of a Facebook-related lottery. Officially, Facebook never organizes lotteries or sweepstakes. Thus, all propositions making such claims are fraudulent.
Another example shows a sites.google.com domain attempting to trick users with a fake association to Google:
-
Tricking users with deceptive tech support messages
Cybersquatting could pick domain names associated with antivirus or security software. Then, they set up tech support scams, which can be after multiple things:
- Personal information like banking account details or PINs.
- Remote access to allegedly infected devices.
- Propositions for additional security software.
- Recommendations to call tech support specialists.
However, do not fall for such fear-inducing messages and visual warnings. Legitimate tech support teams never require financial information, remote access, or premium plans to fix issues.
-
Username cybersquatting
Username squatting refers to individuals using a trademark or personal name to register a social media account. Usually, such action aims to release bogus information related to official services.
For instance, giveaways are one of the most common ways, likely requiring payments upfront. Scammers will post a message, hoping users apply for the advertised good. Then, they require alleged winners to send payments in Amazon or Walmart gift cards. In other cases, Zelle or Cash App could be the preferred payment method due to the lack of buyer protections.
Is cybersquatting illegal?
Yes, cybersquatting is illegal. One of the most notable anticybersquatting legislation is the Anticybersquatting Consumer Protection Act (ACPA). It is a federal law in the US forbidding domain names associated with trademarks or personal names.
Internationally, the World Intellectual Property Organization (WIPO) deals with cybersquatting cases. Trademark owners can issue complaints hoping to prove that an entity has abused their sites.
How to protect your domain name from cybersquatting?
Brand owners should prepare for cybersquatting attempts. One of the first steps is registering your brand or personal name as a trademark. Only then will you have grounds for a case under ACPA or another law.
Another solution is buying more top-level domain names to prevent scammers from taking advantage of them. Do not forget to keep an eye out for domain name expiration dates. The most popular TLDs include .com, .org, .net, .biz or country-based ones.
How to recognize cybersquatting websites?
Visitors of cybersquatted websites should not trust just any domain resembling their known brands. Before buying or revealing information to it, follow these recommendations:
- Look at the website address. Perform all actions for checking link safety to be sure that you landed on an official page.
- Find whether the site uses HTTPS. A common red flag with fake websites is that they still use HTTP.
- Take notice of suspicious visual elements. Scammers usually promote too-good-to-be-true deals, initiate redirects, or showcase too many ads and pop-ups.
- Have an active VPN. If a website aims to steal data due to unprotected connections, a Virtual Private Network can help. It encrypts data, preventing scammers from reading it.