A Guide to Understanding Domain Squatters
Table of contents
When there are fake search results for your enterprise, what do you do? What if the fake results link to malware, phishing attempts, or illicit content? Protecting brands from domain squatters is now a huge headache for CISOs. What do you do if hackers misrepresent your company name, products or services online? When someone registers in bad faith domains that are associated with your enterprise, then your brand — and your business — are at risk.
In this guide on domain squatting, we go over some of the basics, as well as cover types of cybersquatting and classic legislation like the Anticybersquatting Consumer Protection Act and processes like the Uniform Domain-Name Dispute-Resolution Policy (UDRP).
Interested in a trend report? Check out our blog, 6 Things to Know About Domain Squatting in 2024.
Let’s dive in!
What is domain squatting?
Domain squatters are modern day privateers who commandeer the Internet domains of others. Domain squatters register, traffic in, or use an internet domain with bad faith to profit from the goodwill of a trademark belonging to someone else.
Hijacked web domains are not new; and their incidence is up. According to the World Intellectual Property Organization (WIPO), cybersquatting cases have seen a significant rise in recent years. In 2023, WIPO reported a record 5,928 case filings under the Uniform Domain Name Dispute Resolution Policy (UDRP), marking a 7% increase from 2022. This is also true for cybersquatting cases which are steadily increasing.
Why WIPO data is cause for concern (and even more legal action!)
For example, this year so far, the organization has received 1,929 cybersquatting cases. The arbitration of these cases have involved over 4,000 domain names, reflecting a continued increase in domain name disputes filed in the past 12 years.
Since the creation of the UDRP the total number of domain name dispute cases have risen to over 67,000.
So what exactly is the basic squatted domain case that leads to these filings? Usually, when domain squatters register an internet domain associated with the domain name of your company, they may try to sell that domain to your company — or use the domain for nefarious activity, such as hosting malware, pornographic content, or other content that effects you the user was not expecting. When fake search results reflect negatively on your enterprise, it does damage to your reputation and business, regardless of whether it’s your site.
“Domain names involving fraud and phishing or counterfeit goods pose the most obvious threats, but all forms of cybersquatting affect consumers, trademark holders, and the Internet itself as an open, accessible, and trusted platform for information, commerce, and exchange.”
Francis Gurry, Director General of WIPO.
Europe is also experiencing a steady rise cybersquatting and trademark infringement cases, highlighting that domain owners are fighting back in droves. The Court of Justice of the European Union (CJEU) addressed significant trademark-related cases recently including the case of Audi v GQ case and the La Quadrature du Net case. The latter explored the intersection of personal data protection and IP enforcement in online copyright infringement.
A brief rundown of domain squatting forms
Beyond criminal, there are other forms of cybersquatting. Cybersquatters often take advantage of current events and trends, so it’s likely that brands related to emerging technologies, popular consumer products, or companies in the news might be desirable targets.
Let’s quickly review these cybersquatting scams.
Cybersquatting
From large global corporates to small businesses; all CISOs and SOC team members are interested in preventing the following attacks.
Typosquatting: Also known as URL hijacking, a string site, and fake URL, typosquatters take advantage of typical misspellings used in search. Typosquatters will use misspellings, different phrasing, variations of target domain, and fake websites.
Identity theft: Cybersquatters monitor when a domain owner does not renew a domain, and will swoop in and surreptitiously register that domain. Next, the hacker may try to sell the domain to the original owner or link the domain to whatever site they want, including potentially a copy of the original website.
Name jacking:This is when someone registers a domain name associated with a famous individual. Celebrities are often targeted for this kind of cybersquatting. There is no trademark protection for people who are not famous. If someone registers a domain in your name and you are not famous, it is difficult to force that person to release the domain.
Reverse cybersquatting: This is when someone tries to pressure the domain owner into transferring legitimate ownership to another person or organization that has registered a trademark that is reflected in the domain name.
Protective Domain Squatting
This is a proactive measure that enterprises take to prevent the hijack of their domains. This legal form of domain squatting is when companies register multiple versions of their domains in order to protect their brand name. The company does not intend to use these domains, but registering them prevents criminals from doing so.
Unintentional Domain Squatting
Registering a domain that is your name — and similar to a trademarked brand name — can put you in a situation where you are forced to relinquish the domain.
This situation is unintentional domain squatting: when a person registers a domain that they did not know was similar to a trademarked name. When this happens, the trademarked business may try to buy the domain from you. They can also take you to court to obtain the domain name.
How to avoid business disruption from domain squatters
At CybelAngel, we focus on hijacked domains so you don’t have to. Thanks to augmented machine learning, we can identify sensitive data leaks, including hijacked domains.
We fight these threats by combining the techniques of active and passive searching. T to protect brands from impersonation on all top-level domains and subdomains. We monitor not only active domains, but also those that are dormant, waiting to be used. This allows our clients to focus on truly bad domains and cybersquatting attempts that are actual threats rather than noise.
With the increased e-commerce presence with industries like retail, entertainment, and media & internet, it is normal to see a higher-than-average risk involving malicious websites.
Website subdomains belonging to these organizations were hijacked to redirect users to malware, porn, online gambling, and other unexpected content. For instance, a subdomain of Xerox was hijacked to host pages linking to websites advertising escorts, kitchenware, and oil paintings — all in an attempt to leverage Xerox.com‘s reputation to boost the linked sites’ search engine rankings.
Heavy handed with cybersquatters. Light on resources
With CybelAngel at work, we identify and track domain squatters and sensitive data leaks through to remediation (as requested). Whether it’s cybersquatting on a client’s products, services, brand, or Internet domains, when our platform identifies a significant risk, it’s assessed and an instant alert is sent to the client, along with a rank of risk severity.
New to CybelAngel? Watch how we take on cybercriminals with our External Attack Surface Management suite.
Protect against cybersquatting cases
The CybelAngel remediation team can successfully take down 95% of malicious domains, with no need for your input. If you are keen to find out where your data is vulnerable, get in touch with our domain protection experts.
You can read more about our analysis of domain squatting trends so far this year over on this blog. Our findings reflect disputes that have accelerated thanks to AI, and other bad faith intent trends.