From Seo Wiki - Search Engine Optimization and Programming Languages

Jump to: navigation, search
An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, is a form of cybersquatting which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser.[citation needed] Should a user accidentally enter an incorrect website address, they may be led to an alternative website owned by a cybersquatter.[1]



The typosquatter's URL will usually be one of four kinds, all similar to the victim site address:

(In the following, the intended website is "example.com")

  • A common misspelling, or foreign language spelling, of the intended site: exemple.com
  • A misspelling based on typing errors: xample.com or examlpe.com
  • A differently phrased domain name: examples.com
  • A different top-level domain: example.org

Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content.

Alternatively, the user will be forwarded to a site of a completely different nature from what they intended. This tactic was infamously used by John Zuccarini, who redirected domains targeting children to pornographic websites. Sometimes, the typosquatters will use the false addresses to distribute viruses, adware, spyware or other malware.[citation needed]

As with cybersquatting in the past, the term typosquatting has been used by covetous parties in an effort to unseat domain registrants from brandable variants of generic domain names. The shortage of poignant and generic domain names in the coveted .com generic top-level domain has left many hopeful registrants with no alternative but to locate catchy variants of existing generic words (e.g. Orbitz.com , popular travel site with "z" to replace the "s") in an effort to find "new land" on which to build their website. As in the preceding example, the line between typosquatting and registering a brandable variant of a generic domain name blurs dependent upon the circumstance of each situation.[citation needed]

Combatting typosquatting

A victim website may send a cease and desist letter to the offender at first, in an attempt to quell the activity. Another option would be to try to purchase the website address from the typosquatter, which could have been the typosquatter's aim all along. Occasionally, lawsuits are taken against the offending site or individual.

A company may try to preempt typosquatting by obtaining a number of websites with common misspellings and redirect them to the main, correctly spelled website. For example www.gooogle.com, www.goolge.com, www.gogle.com, www.gewgle.com, and others, all redirect to www.google.com.

Defensive registrations

Many site operators have resorted to registration of long lists of seemingly-duplicate names across multiple countries and top-level domains; for instance, amazon.com is duplicated across most country code TLD's and a local version of Google exists in nearly every available inhabited region, including a nominally-localised google.pn for the Pitcairn Islands, population 56. Google's domain name is also registered (but inactive) in uninhabited Internet regions such as the French Antarctic territories.

A growing trend is the increasingly common use of "derogatory" defensive registration. These are names such as <companyname>sucks.com or <companyname>lawsuit.com which are of no commercial value but are potentially of use to builders of consumer-complaint sites. By registering the names themselves, corporations keep them out of the hands of potential critics and dissatisfied clients.

Typosquatting and the law

In the United States, the 1999 Anticybersquatting Consumer Protection Act (ACPA) contains a clause (Section 3(a), amending 15 USC 1117 to include sub-section (d)(2)(B)(ii)) aimed at combatting typosquatting.[2][3]

However, on April 17, 2006, controversial evangelist Jerry Falwell failed to get the U.S. Supreme Court to review a decision allowing Christopher Lamparello to use "www.fallwell.com". Relying on a plausible misspelling of Falwell's name, Lamparello's gripe site presents misdirected visitors with scriptural references that counter the fundamentalist preacher's scathing rebukes against homosexuality. The high court let stand a 2005 Fourth Circuit finding that "the use of a mark in a domain name for a gripe site criticizing the markholder does not constitute cybersquatting."

Militating in favor of Mr. Lamparello's case was the fact that his website did not mimic Falwell's site stylistically so as to confuse site visitors into believing that Falwell endorsed Lamparello's site content.

Further, the fact that Lamparello's site is noncommercial preempts a claim of unfair business practices. Whereas, a communicative forum for comment and criticism constitutes a "bona fide non-commercial or fair use" of a trademark interest, under the ACPA.

On his site, Lamparello provided a link to an Amazon.com webpage selling a book he favored. The court determined this did not diminish the communicative function of his website, saying use of a domain name to engage in criticism or commentary "even where done for profit" does not alone show a bad faith intent to profit (Lamparello did not stand to gain financially from sales of the book at Amazon.com).

This case demonstrated the importance of balancing the property interests of trademark owners with the interests of Internet users who seek to make lawful uses of others' marks, “including for purposes such as comparative advertising, comment, criticism, parody, news reporting, fair use, etc." When the alleged infringer establishes a gripe site that criticizes the markholder, the markholder must show a “bad-faith attempt” on the part of the infringer to profit from the misuse.

Examples of typosquatting

  • Wikipedia is a victim of typosquatting: en.wiipedia.org, en.wikpedia.org, www.eikipedia.org, www.wilipedia.org, en.wikipedi.org, en.wikipediia.org, www.wikipedi.com, en.wikipedai.org, and www.wikipaedia.org as of 2007, are all websites which contain pop-up ads, spyware/adware downloads, and ad-generating search engines.
  • Google's anti-typosquatting defense is incomplete; as of April 2006, "http://www.goggle.com" redirects to a rogue software vendor (specifically SpySheriff) rather than to Google. The site attempts to spam users with popups and also used to download Spysheriff without any further user action.[when?] Since October 2009 goolgle.com (note the additional l) is typosquatted by braba.com (seemingly another search engine).
  • The US White House site "whitehouse.gov" is parodied at whitehouse.org; whitehouse.com at one point was the site of a notorious pornographic magazine.
  • The "encyclopedia.com" site is typosquatted by "uncyclopedia.com", an advertisement. This site is not related in any way to uncyclopedia.org or uncyclopedia.info, a parody site.

"Catchall" typosquatting

In addition to purchases of individual domain name, several attempts have been made by larger corporations to profit from users' typos by redirecting them without their knowledge.

  • Microsoft's Internet Explorer automatically redirects users' mistyped URL queries to their MSN Search page. Though a user can reconfigure their browser to use a different search tool, Google, one of MSN's biggest rivals, is not in the list. However, on their web site, Google has explained how to make their search engine the IE default for mistyped urls.
  • In 2003, top-level domain registry operator VeriSign's Site Finder automatically redirected traffic sent to unregistered domains. This caused a fair amount of outrage from the Internet standards community, and an emergency patch to BIND was issued to circumvent VeriSign's actions. VeriSign disabled the service after only three weeks.
  • Paxfire, a startup company, sells partner Internet service providers a tool that redirects mistyped queries to a Paxfire-generated page with sponsored advertiser content related to the mistyped "hotword". Revenue generated from user clicks is split between Paxfire and the Internet service provider.
  • Certain types of malware pose as browser plugins and redirect a user's web requests or search queries without their knowledge or consent, even if the URLs themselves are properly typed (for example, Internet Optimizer).
  • In August 2006, the operators of the ccTLD for the nation of Cameroon added a wildcard DNS record for the entirety of the .cm TLD. Since .cm is a common possible typo for .com, some have argued that this action constitutes a form of typosquatting. ICANN does not have any direct control over what national registrars do with their ccTLDs (as it did for VeriSign). Registration for .cm domain names has since been opened.
  • In 2007, Verizon launched a service quite similar to the Paxfire catchall redirection that redirects subdomain traffic and nonexistent domains for all of their internet customers.
  • In early 2008, Charter Communications and Insight Communications joined the growing list of ISPs that use catchall redirects. Both ISPs redirect unused domains to a Yahoo-based search function.
  • In 2008 UPC Austria launched a catchall redirection that displays a full page of ads. Although it can be deactivated, it was set up without the agreement of the customer.
  • In August 2009 Virgin Media began redirecting mistyped URL queries to their advancedsearch.virginmedia.com service. For example, attempting to browse to typo.squatting would redirect to the service. As of August 23, 2009 it was powered by Yahoo search and Nominum and did not contain third-party advertising, however there are many links to Virgin Media pages.

See also


  1. Microsoft Strider project with screenshots of typosquatted domains.
  2. "Anti-CyberSquatting Protection Act." US Library of Congress, http://thomas.loc.gov/cgi-bin/query/z?c106:S.1255.IS:=, accessed 24th October 2008.
  3. "Without typosquatters, how far would Google fall?" Cade Metz, The Register, http://www.theregister.co.uk/2008/10/23/google_and_typosquatting/, accessed 24th October 2008.

Further reading


de:Typosquatting fr:Typosquatting nl:Typosquatting ja:タイポスクワッティング nn:Typosquatting pl:Porywanie URL ru:Тайпсквоттинг sv:Typosquatting

Personal tools

Served in 1.970 secs.