
Typosquatting: Difference between revisions

From Wikipedia, the free encyclopedia
Cydebot (talk | contribs)
m Robot - Moving category Uniform Resource Locator to Category:URL per CFD at Wikipedia:Categories for discussion/Log/2018 November 12.
m Filled in 1 bare reference(s) with reFill ()
Line 29: Line 29:
Celebrities have also frequently pursued their domain names, from singers to star athletes. Prominent examples include basketball player Dirk Nowitzki's UDRP of DirkSwish.com<ref>{{cite news| url=http://domainnamewire.com/2011/09/12/dallas-mavericks-dirk-nowitzki-domain/ | work=Domain Name Wire | title=Internet | date=12 Sep 2011}}</ref> and actress Eva Longoria's UDRP of EvaLongoria.org.<ref>{{cite news| url=http://domainnamewire.com/2011/05/05/eva-longoria-adds-org-to-her-collection/ | work=Domain Name Wire | title=Internet | date=5 May 2011}}</ref>
Celebrities have also frequently pursued their domain names, from singers to star athletes. Prominent examples include basketball player Dirk Nowitzki's UDRP of DirkSwish.com<ref>{{cite news| url=http://domainnamewire.com/2011/09/12/dallas-mavericks-dirk-nowitzki-domain/ | work=Domain Name Wire | title=Internet | date=12 Sep 2011}}</ref> and actress Eva Longoria's UDRP of EvaLongoria.org.<ref>{{cite news| url=http://domainnamewire.com/2011/05/05/eva-longoria-adds-org-to-her-collection/ | work=Domain Name Wire | title=Internet | date=5 May 2011}}</ref>


Since 2006, a typosquatted variant of [[Google]] called 'Goggle.com' has existed which was considered a phishing/fraud site; later (ca. 2011–2012) the URL redirected to google.com,<ref name="Goggle">{{cite news|last1=Allemann|first1=Andrew|title=Google Wants to Take Down Goggle.com Web Site|url=http://domainnamewire.com/2011/08/23/google-wants-to-take-down-goggle-com-web-site/|accessdate=19 March 2017|work=Domain Name Wire|date=2011-08-23}}</ref> while a 2018 check revealed it to redirect users to adware pages. Another example of corporate typosquatting is ''yuube.com'', targeting [[YouTube]] users by having it programmed to [[URL redirection|redirect]] to a malicious website or page, that asks users to add a security check extension that is really malware.<ref>{{cite news| url=http://economictimes.indiatimes.com/infotech/internet/Typosquatters-roam-unchecked-in-India/articleshow/5884936.cms | work=The Times Of India | title=Internet | date=5 May 2010}}</ref> Similarly, ''www.[[Air France|airfrance]].com'' has been typosquatted by ''www.arifrance.com'', diverting users to a website peddling discount travel.<ref name=slavitt>Kelly M. Slavitt: [http://library.findlaw.com/2004/May/11/133410.html Protecting Your Intellectual Property from Domain Name Typosquatters] (2004)</ref> Other examples are ''Equifacks.com'' ([[Equifax]].com), ''Experianne.com'' ([[Experian]].com), and ''TramsOnion.com'' ([[TransUnion]].com); these three typosquatted sites were registered by comedian [[John Oliver (comedian)|John Oliver]] for his show ''[[Last Week Tonight with John Oliver|Last Week Tonight]]''.<ref>http://www.mediaite.com/online/john-oliver-creates-fake-web-sites-to-troll-major-three-credit-bureaus/</ref>
Since 2006, a typosquatted variant of [[Google]] called 'Goggle.com' has existed which was considered a phishing/fraud site; later (ca. 2011–2012) the URL redirected to google.com,<ref name="Goggle">{{cite news|last1=Allemann|first1=Andrew|title=Google Wants to Take Down Goggle.com Web Site|url=http://domainnamewire.com/2011/08/23/google-wants-to-take-down-goggle-com-web-site/|accessdate=19 March 2017|work=Domain Name Wire|date=2011-08-23}}</ref> while a 2018 check revealed it to redirect users to adware pages. Another example of corporate typosquatting is ''yuube.com'', targeting [[YouTube]] users by having it programmed to [[URL redirection|redirect]] to a malicious website or page, that asks users to add a security check extension that is really malware.<ref>{{cite news| url=http://economictimes.indiatimes.com/infotech/internet/Typosquatters-roam-unchecked-in-India/articleshow/5884936.cms | work=The Times Of India | title=Internet | date=5 May 2010}}</ref> Similarly, ''www.[[Air France|airfrance]].com'' has been typosquatted by ''www.arifrance.com'', diverting users to a website peddling discount travel.<ref name=slavitt>Kelly M. Slavitt: [http://library.findlaw.com/2004/May/11/133410.html Protecting Your Intellectual Property from Domain Name Typosquatters] (2004)</ref> Other examples are ''Equifacks.com'' ([[Equifax]].com), ''Experianne.com'' ([[Experian]].com), and ''TramsOnion.com'' ([[TransUnion]].com); these three typosquatted sites were registered by comedian [[John Oliver (comedian)|John Oliver]] for his show ''[[Last Week Tonight with John Oliver|Last Week Tonight]]''.<ref>{{cite web|url=https://www.mediaite.com/online/john-oliver-creates-fake-web-sites-to-troll-major-three-credit-bureaus/|title=John Oliver Creates Fake Web Sites to Troll Major Three Credit Bureaus|publisher=}}</ref>


Users trying to visit the popular internet-based game ''[[Agar.io]]'' may misspell the said URL as ''agor.io''. Visiting this site was known to produce a [[jumpscare]] or screamer of the popular [[creepypasta]] ''[[Jeff the Killer]]'', which flashed rapidly and produced a loud noise.<ref>{{Cite web|url=https://www.thetoptens.com/scariest-websites-internet/|title=Top Scariest Websites on the Internet|last=|first=|date=|website=TheTopTens|access-date=}}</ref> The original site was taken down and as of 2017, it has linked to randomly-themed [[phishing]] websites.
Users trying to visit the popular internet-based game ''[[Agar.io]]'' may misspell the said URL as ''agor.io''. Visiting this site was known to produce a [[jumpscare]] or screamer of the popular [[creepypasta]] ''[[Jeff the Killer]]'', which flashed rapidly and produced a loud noise.<ref>{{Cite web|url=https://www.thetoptens.com/scariest-websites-internet/|title=Top Scariest Websites on the Internet|last=|first=|date=|website=TheTopTens|access-date=}}</ref> The original site was taken down and as of 2017, it has linked to randomly-themed [[phishing]] websites.
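
Review bot: the filled-in reference at the end of the changed paragraph (the Mediaite link after the John Oliver sentence) still has an empty `publisher=` and no `website=`, `date=` or `access-date=`, so the rendered citation shows only a title. Set `website=Mediaite` (the host in the URL) and add an access date, or at least drop the empty `publisher=` parameter. The same edit also changes the link from http to https, which the summary "Filled in 1 bare reference(s)" does not mention.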

Revision as of 13:05, 22 February 2019

An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking, that relies on mistakes such as typos made by Internet users when entering a website address into a web browser. A user who accidentally enters an incorrect website address may be led to any URL (including an alternative website owned by a cybersquatter).[1]

The typosquatter's URL will usually be one of five kinds, all similar to the victim site address (e.g. example.com):

  • A common misspelling, or foreign language spelling, of the intended site: exemple.com
  • A misspelling based on typos: examlpe.com
  • A differently phrased domain name: examples.com
  • A different top-level domain: example.org
  • An abuse of the Country Code Top-Level Domain (ccTLD): example.cm by using .cm, example.co by using .co, or example.om by using .om. A person who mistakenly leaves out a letter of .com could arrive at the fake URL's website.
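
The five kinds listed above can be turned into a check that a brand owner or SOC runs over domains seen in DNS or proxy logs. The following is an added example, not part of the article: the function names are hypothetical, inputs are assumed to be bare registrable domains (no `www.` or other subdomain), and the "differently phrased" kind is approximated by plural/singular forms only.

```python
# Added example: classify observed domains against a protected domain using
# the article's five kinds. All names here are illustrative assumptions.
CCTLD_LOOKALIKES = {"com": {"cm", "co", "om"}}  # the ccTLDs named in the article

def osa_distance(a: str, b: str) -> int:
    """Edit distance that counts an adjacent transposition as a single edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(candidate: str, protected: str):
    """Return the matching kind for candidate, or None if identical or unrelated."""
    cand, prot = candidate.lower().rstrip("."), protected.lower().rstrip(".")
    if cand == prot:
        return None
    c_name, _, c_tld = cand.rpartition(".")
    p_name, _, p_tld = prot.rpartition(".")
    if c_name == p_name:  # same label, so only the TLD differs
        if c_tld in CCTLD_LOOKALIKES.get(p_tld, ()):
            return "cctld-abuse"
        return "different-tld"
    if c_tld != p_tld:
        return None
    singular = p_name[:-1] if p_name.endswith("s") else None
    if c_name in (p_name + "s", singular):
        return "different-phrasing"
    if osa_distance(c_name, p_name) == 1:
        # Same letters in a different order means an adjacent swap (keyboard slip);
        # any other single edit is treated as a spelling variant.
        return "typo" if sorted(c_name) == sorted(p_name) else "misspelling"
    return None

def scan(observed, protected):
    """Map each suspicious observed domain to its kind; clean domains are dropped."""
    return {d: k for d in observed if (k := classify(d, protected))}
```

A distance threshold of one edit misses looser lookalikes such as yuube.com for youtube.com, so a real watch list would combine this with a larger threshold or a curated list.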

Once on the typosquatter's site, the user may also be tricked into thinking that they are in fact on the real site, through the use of copied or similar logos, website layouts or content. Spam emails sometimes make use of typosquatting URLs to trick users into visiting malicious sites that look like a given bank's site, for instance.

Motivation

There are several different reasons for typosquatters buying a typo domain:

  • In order to try to sell the typo domain back to the brand owner
  • To monetize the domain through advertising revenues from direct navigation misspellings of the intended domain
  • To redirect the typo-traffic to a competitor
  • To redirect the typo-traffic back to the brand itself, but through an affiliate link, thus earning commissions from the brand owner's affiliate program.
  • As a phishing scheme to mimic the brand's site, while intercepting passwords which the visitor enters unsuspectingly[2]
  • To install drive-by malware or revenue generating adware onto the visitors' devices
  • To harvest misaddressed e-mail messages mistakenly sent to the typo domain
  • To block malevolent use of the typo domain by others
  • To express an opinion that is different from the intended website's opinion

Examples

Many companies, including Verizon, Lufthansa, and Lego, have garnered reputations for aggressively chasing down typosquatted names. Lego, for example, has spent roughly US$500,000 on taking 309 cases through UDRP proceedings.[3]

Celebrities have also frequently pursued their domain names, from singers to star athletes. Prominent examples include basketball player Dirk Nowitzki's UDRP of DirkSwish.com[4] and actress Eva Longoria's UDRP of EvaLongoria.org.[5]

Since 2006, a typosquatted variant of Google called 'Goggle.com' has existed, which was considered a phishing/fraud site; later (ca. 2011–2012) the URL redirected to google.com,[6] while a 2018 check revealed it to redirect users to adware pages. Another example of corporate typosquatting is yuube.com, which targets YouTube users and is programmed to redirect to a malicious website or page that asks users to add a security check extension that is really malware.[7] Similarly, www.airfrance.com has been typosquatted by www.arifrance.com, diverting users to a website peddling discount travel.[8] Other examples are Equifacks.com (Equifax.com), Experianne.com (Experian.com), and TramsOnion.com (TransUnion.com); these three typosquatted sites were registered by comedian John Oliver for his show Last Week Tonight.[9]

Users trying to visit the popular internet-based game Agar.io may misspell the URL as agor.io. Visiting this site was known to produce a jumpscare or screamer of the popular creepypasta Jeff the Killer, which flashed rapidly and produced a loud noise.[10] The original site was taken down and, as of 2017, it has linked to randomly themed phishing websites.

In United States law

In the United States, the 1999 Anticybersquatting Consumer Protection Act (ACPA) contains a clause (Section 3(a), amending 15 USC 1117 to include sub-section (d)(2)(B)(ii)) aimed at combatting typosquatting.[11][12]

However, on April 17, 2006, controversial evangelist Jerry Falwell failed to get the U.S. Supreme Court to review a decision allowing Christopher Lamparello to use www.fallwell.com. Relying on a plausible misspelling of Falwell's name, Lamparello's gripe site presents misdirected visitors with scriptural references that are intended to counter the fundamentalist preacher's scathing rebukes against homosexuality. In Lamparello v. Falwell, the high court let stand a 2005 Fourth Circuit finding that "the use of a mark in a domain name for a gripe site criticizing the markholder does not constitute cybersquatting."

WIPO resolution procedure

Under the Uniform Domain-Name Dispute-Resolution Policy (UDRP), trademark holders can file a case at the World Intellectual Property Organization (WIPO) against typosquatters (as with cybersquatters in general).[8] The complainant has to show that the registered domain name is identical or confusingly similar to their trademark, that the registrant has no legitimate interest in the domain name, and that the domain name is being used in bad faith.[8]

References

  1. ^ "Microsoft Strider project with screenshots of typosquatted domains". Research.microsoft.com. Archived from the original on 2012-03-07. Retrieved 2012-03-09.
  2. ^ "'Typosquatting': How 1 mistyped letter could lead to ID theft". Bankrate. Retrieved 14 January 2016.
  3. ^ "Internet". Domain Name Wire. 1 November 2011.
  4. ^ "Internet". Domain Name Wire. 12 Sep 2011.
  5. ^ "Internet". Domain Name Wire. 5 May 2011.
  6. ^ Allemann, Andrew (2011-08-23). "Google Wants to Take Down Goggle.com Web Site". Domain Name Wire. Retrieved 19 March 2017.
  7. ^ "Internet". The Times Of India. 5 May 2010.
  8. ^ a b c Kelly M. Slavitt: Protecting Your Intellectual Property from Domain Name Typosquatters (2004)
  9. ^ "John Oliver Creates Fake Web Sites to Troll Major Three Credit Bureaus".
  10. ^ "Top Scariest Websites on the Internet". TheTopTens.
  11. ^ "Anti-CyberSquatting Protection Act." US Library of Congress, Thomas.loc.gov, accessed 24 October 2008.
  12. ^ "Without typosquatters, how far would Google fall?" Cade Metz, The Register, Theregister.co.uk, accessed 24 October 2008.