What is Typosquatting?
Typosquatting (also called URL hijacking) is the practice of registering domain names that are common misspellings, typos, or keyboard-adjacent variations of popular, legitimate domains. Typosquatters exploit users who accidentally mistype URLs, redirecting them to advertising pages, phishing sites, malware distribution, or competitor websites. This practice is often illegal when targeting trademarked brands.
Common Typosquatting Techniques
Misspelling Types
| Type | Example (Target: google.com) |
|---|---|
| Missing letter | gogle.com, googl.com |
| Extra letter | googgle.com, gooogle.com |
| Adjacent key | googke.com, goofle.com |
| Transposition | googel.com, goolge.com |
| Wrong TLD | google.co, google.cm |
| Homoglyph | goog1e.com, googIe.com |
Keyboard Layout Exploitation
QWERTY keyboard adjacent keys:
G → F, H, T, Y, B, V
O → I, P, L, K
Common: foogle.com, goohle.com
Typosquatting Purposes
Malicious Uses
1. Phishing: Fake login pages stealing credentials
2. Malware: Drive-by downloads
3. Data harvesting: Capturing mistyped form submissions
4. Brand damage: Inappropriate or offensive content
Commercial Uses
1. Advertising: Display PPC ads for revenue
2. Affiliate fraud: Redirect to earn commissions
3. Competitor redirect: Send traffic to rivals
4. Domain sales: Sell to trademark holder
Scale of the Problem
For a popular brand like "facebook.com":
├── Hundreds of possible typos
├── Multiple TLD variations
├── International keyboard layouts
└── Mobile typing patterns different from desktop
Legal Status
UDRP Grounds
Typosquatting typically qualifies as:
- Bad faith registration
- No legitimate interest
- Confusingly similar to trademark
Legal Consequences
| Action | Outcome |
|---|---|
| UDRP | Domain transfer/cancellation |
| ACPA lawsuit | Up to $100,000 per domain |
| Trademark infringement | Damages + legal fees |
Protection Strategies
For Brand Owners
1. Register common typos: Defensive registrations
2. Monitor registrations: Watch for new typos
3. UDRP enforcement: Challenge bad actors
4. TMCH enrollment: Sunrise protection for new TLDs
5. Browser/search partnerships: Autocorrect integration
For Users
1. Use bookmarks: Avoid typing sensitive URLs
2. Check URL carefully: Before entering credentials
3. Use password managers: Won't autofill on wrong domains
4. Enable browser warnings: Keep security features turned on
Defensive Registration Example
For brand: example.com
Register defensively:
├── exampel.com
├── exampl.com
├── exapmle.com
├── example.co
├── example.net
├── example.org
└── examle.com
Detection Tools
- Domain monitoring services
- WHOIS alert services
- Typo generation tools
- DNS monitoring
- Brand protection services
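The typo-generation and monitoring approach listed above, as an added example that is not part of the original page: it builds a variant table for one brand using the techniques from the Misspelling Types table, then flags matching entries in a list of observed domains. The `FEED` list, the homoglyph map, and all function names are constructed for illustration.

```python
# Added example: typo-variant table for brand monitoring (not from the original page).
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]           # US QWERTY letter rows
# Constructed ASCII look-alike map; DNS is case-insensitive, so "googIe" is "googie".
HOMOGLYPHS = {"l": "1i", "i": "1l", "o": "0"}

def adjacent(ch):
    """Letters physically next to ch on a staggered QWERTY layout."""
    for r, row in enumerate(ROWS):
        c = row.find(ch)
        if c >= 0:
            near = [(r, c - 1), (r, c + 1), (r - 1, c), (r - 1, c + 1),
                    (r + 1, c - 1), (r + 1, c)]
            return {ROWS[y][x] for y, x in near
                    if 0 <= y < len(ROWS) and 0 <= x < len(ROWS[y])}
    return set()

def variants(brand, tlds=("co", "cm", "net", "org")):
    """Map each variant of name.tld to the first technique that produces it."""
    brand = brand.lower()
    name, tld = brand.rsplit(".", 1)      # assumes one label under a one-label TLD
    table = {}
    def add(label, kind, t=tld):
        if label and f"{label}.{t}" != brand:
            table.setdefault(f"{label}.{t}", kind)
    for i, ch in enumerate(name):
        add(name[:i] + name[i + 1:], "missing letter")
        add(name[:i] + ch + name[i:], "extra letter")         # doubled letter only
        for a in sorted(adjacent(ch)):
            add(name[:i] + a + name[i + 1:], "adjacent key")
        for h in HOMOGLYPHS.get(ch, ""):
            add(name[:i] + h + name[i + 1:], "homoglyph")
        if i + 1 < len(name):
            add(name[:i] + name[i + 1] + ch + name[i + 2:], "transposition")
    for t in tlds:
        add(name, "wrong TLD", t)
    return table

def flag(observed, brand):
    """Return {observed domain: technique} for entries that match a variant."""
    table = variants(brand)
    hits = {}
    for d in observed:
        key = d.strip().lower().rstrip(".")   # normalize case and trailing dot
        if key in table:
            hits[d] = table[key]
    return hits

# Constructed sample of newly seen domains (e.g. from a registration feed).
FEED = ["googel.com", "GoogIe.com", "goog1e.com", "google.cm", "goggles.com"]

if __name__ == "__main__":
    for domain, kind in flag(FEED, "google.com").items():
        print(f"{domain:12} {kind}")
```

Calling `variants("example.com")` yields every entry in the defensive registration list above, so the same table can drive both registration planning and monitoring.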
Related Threats
| Threat | Method |
|---|---|
| Typosquatting | Misspelled domains |
| Homoglyph attack | Similar-looking characters |
| Combosquatting | Brand + word (nike-shoes.com) |
| Bitsquatting | Bit-flip variations |
| Soundsquatting | Phonetically similar |
Typosquatting represents a persistent threat to both brand owners and internet users, requiring proactive defensive registration and vigilant monitoring to protect against abuse.