What is cybersquatting? Avoid sites imitating brands

Anton P. | September 19, 2022

Cybersquatting is an unauthorized registration and use of domain names linked to protected trademarks or people. People execute domain squatting with ill or illegal intentions, mainly user deception or profit.

Scammers register the domain names of well-known brands to trick visitors into believing they landed on legitimate sites. However, it can also be a get-rich venture, ransoming services for unregistering an internet domain.

In other cases, domain name registrations could include personal names, likely celebrities or high-profile figures.

What is cybersquatting? Avoid sites imitating brands 1

What is cybersquatting?

Cybersquatting can abuse popular services by occupying domain names related to them. It does not always have malicious goals, like stealing sensitive information or money. However, it can be illegal if cybersquatting violates trademark law or intellectual property.

For instance, cybersquatting could involve speculators monitoring domain name expiration dates. During that brief window of opportunity, they purchase domain names and can offer previous owners to repurchase them.

A recent cybersquatting dispute involved a startup called Don’t Know Your Customer (DontKYC.com) and Deloitte’s accounting firm. The latter claimed that the Know your Customer programs bore a solid resemblance to DontKYC.com. However, Deloitte did not prove that the startup used the name with bad intentions.

Usually, scammers pick businesses or online shopping platforms for cybersquatting. According to Palo Alto Networks statistics, most imitated domains targeted the following companies in 2019:

  1. Paypal.com.
  2. Apple.com.
  3. Royalbank.com.
  4. Netflix.com.
  5. Linkedin.com.
  6. Amazon.com.
  7. Dropbox.com.
  8. Tripadvisor.com.
  9. Bankofamerica.com.
  10. Banorte.com.

Other common cybersquatting examples

Here is how a website had invited potential buyers of paypal-payment.com:What is cybersquatting? Avoid sites imitating brands 2

Another cybersquatting example, occupying apple-payment.com, showcased how dubious it can look:

What is cybersquatting? Avoid sites imitating brands 3

Luckily, browsers have become smarter in detecting cybersquatting websites. For instance, when trying to enter Apple.com and making a typo, the browser could show warnings:

What is cybersquatting? Avoid sites imitating brands 4

So, domain squatting can occur under different circumstances and techniques.

Reaping the benefits of mistyped URLs

Instead of Facebook.com, users could type Facebook.co or Facbook.com. In this case, the two mistyped URLs still lead to legitimate Facebook sites.

However, it is because Meta purchased these mistyped domains and redirected users. Criminals could find loopholes in such protection and host fake websites with misspelled names.

Domain owners offer to sell the domain

People can register domain names with the sole purpose of selling them. So, the mistyped name could not present copycat platforms. Instead, speculators are only after financial gain from the targeted service.

Abbreviated names of services

Instead of typing the entire domain name, users might try abbreviating it. So, instead of Facebook.com, they could try Fb.com. Meta is also the registrant of this domain name to prevent cybersquatters.

Taking advantage of popular name variations

Companies could create domain names confusingly similar to trademarks. It could be a way to boost sales and make false assumptions. In other cases, it could register domain names like Facebook-login.com or Whatsappdownload.site. In such cases, the intention might be to get users to download software or provide their personal information.

Creating websites with different TLDs

Cybersquatting can also relate to registering domain names featuring not the original top-level domains (TLDs). So, instead of the original .com, it might feature .net, .info, .biz, etc.

Registering domain names of promising people

Registering a domain name of a person before they become famous could be an investment in the future.

What can cybersquatting aim to achieve?

Cybersquatting can be an unethical way for speculators to sell domain names for an inflated price. However, criminals could exploit domain names for more malicious intentions.

  1. Stealing users’ credentials or private information

Phishing tactics could accompany cybersquatting. The registered domains then imitate well-known brands and can offer goods and services.

Trusting the site, users might make payments or provide their credentials for login. In both cases, criminals can steal these details.

Furthermore, some phishing attacks do not need to feature mistyped or related domain names. In 2017, researchers created an identical replica of Apple.com by using Unicode.

  1. Spreading malicious software

Cybersquatting can hide malicious software downloads behind notorious design elements. That can include exclusive free software deals or unrelated applications. In reality, such copycat websites can host malware.

In the Palo Alto Networks study, a website mimicking Samsung distributed Azorult malware. The latter worked as an information stealer. However, websites can spread various infections, like crypto miners, adware, Trojans, spyware, etc.

  1. Reward or lottery scams

The domains registered with ill intent can include pop-ups or messages of giveaways or prizes. For instance, e-commerce websites could be the most believable venue for criminals to gain victims’ trust. However, even unexpected services can be bait.

Here is an example of a Facebook-related lottery. Officially, Facebook never organizes lotteries or sweepstakes. Thus, all propositions making such claims are fraudulent.

What is cybersquatting? Avoid sites imitating brands 5

Another example shows a sites.google.com domain attempting to trick users with a fake association to Google:

What is cybersquatting? Avoid sites imitating brands 6

  1. Tricking users with deceptive tech support messages

Cybersquatting could pick domain names associated with antivirus or security software. Then, they set up tech support scams, which can be after multiple things:

  • Personal information like banking account details or PINs.
  • Remote access to allegedly infected devices.
  • Propositions for additional security software.
  • Recommendations to call tech support specialists.

However, do not fall for such fear-inducing messages and visual warnings. Legitimate tech support teams never require financial information, remote access, or premium plans to fix issues.

  1. Username cybersquatting

Username squatting refers to individuals using a trademark or personal name to register a social media account. Usually, such action aims to release bogus information related to official services.

For instance, giveaways are one of the most common ways, likely requiring payments upfront. Scammers will post a message, hoping users apply for the advertised good. Then, they require alleged winners to send payments in Amazon or Walmart gift cards. In other cases, Zelle or Cash App could be the preferred payment method due to the lack of buyer protections.

Is cybersquatting illegal?

Yes, cybersquatting is illegal. One of the most notable anticybersquatting legislation is the Anticybersquatting Consumer Protection Act (ACPA). It is a federal law in the US forbidding domain names associated with trademarks or personal names.

Internationally, the World Intellectual Property Organization (WIPO) deals with cybersquatting cases. Trademark owners can issue complaints hoping to prove that an entity has abused their sites.

How to protect your domain name from cybersquatting?

Brand owners should prepare for cybersquatting attempts. One of the first steps is registering your brand or personal name as a trademark. Only then will you have grounds for a case under ACPA or another law.

Another solution is buying more top-level domain names to prevent scammers from taking advantage of them. Do not forget to keep an eye out for domain name expiration dates. The most popular TLDs include .com, .org, .net, .biz or country-based ones.

How to recognize cybersquatting websites?

Visitors of cybersquatted websites should not trust just any domain resembling their known brands. Before buying or revealing information to it, follow these recommendations:

  • Look at the website address. Perform all actions for checking link safety to be sure that you landed on an official page.
  • Find whether the site uses HTTPS. A common red flag with fake websites is that they still use HTTP.
  • Take notice of suspicious visual elements. Scammers usually promote too-good-to-be-true deals, initiate redirects, or showcase too many ads and pop-ups.
  • Have an active VPN. If a website aims to steal data due to unprotected connections, a Virtual Private Network can help. It encrypts data, preventing scammers from reading it.
Get all benefits VPN can provide

Get all benefits VPN can provide

Experience the internet without limits — no geo-blocks, censorship, or tracking. Atlas VPN is your daily companion for a more open & secure internet!
Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.



© 2024 Atlas VPN. All rights reserved.