Home / Blogs

‘Combosquatting’: New Attention for an Old Problem

A study (18-page PDF) from researchers at Georgia Tech and Stony Brook University has attracted attention to what it calls “combosquatting,” but the practice has been around since the early days of domain name disputes.

The study says combosquatting “refers to the combination of a recognizable brand name with other keywords (e.g., paypal-members[.]com and facebookfriends[.]com).” It adds that this practice differs from other types of cybersquatting “in two fundamental ways: first, combosquatting does not involve the spelling deviation from the original trademark and second, it requires the original domain to be intact within a set of other characters.”

Problems Created by Combosquatting

The researchers note that “combosquatting domains are not only used for trademark infringement but are also regularly used in a wide variety of abusive activities—including drive-by downloads, malware command-and-control, SEO, and phishing.”

Soon after Georgia Tech announced the study, bloggers and reporters from the Internet and trademark industries began writing about it:

  • The World Trademark Review reported that “[t]his potential to more effectively dupe consumers has serious consequences for both internet users and brand owners.”
  • ZDNet reported that “the number of combosquatting domains registered grew every year between 2011 and 2016, indicating attackers are very aware of the success they can have using this technique.”
  • And Domain Name Wire reported that the “study suggests that the prevalence of combosquatting can be reduced by defensive registrations and registrars preventing domains with famous trademarks from being registered without verification.”

Just Another Type of Cybersquatting

While the “combosquatting” name may be new (and the threats related to it may be growing), the practice itself is not. Indeed, it’s nothing more than a type of cybersquatting, a term that dates to at least 1998.

The word “combosquatting” does not seem to show up in any decisions under the Uniform Domain Name Dispute Resolution Policy (UDRP), but domain names containing both a trademark and another word have appeared in UDRP decisions for many years.

Even the first full year of the UDRP (2000) includes many decisions involving what today could be called combosquatting, such as those involving <christiandiorcosmetics.com>, <gatewaypccountry.com>, and <bostitchnails.com>, just to cite a few.

Although the recently updated WIPO “Overview” of UDRP decisions doesn’t refer to combosquatting by that name, it makes clear that the practice of registering a domain name that contains both a trademark plus another term is common. The other term often includes a descriptive or geographical term, another party’s trademark, or even a negative term (although the latter might not truly fall within the researchers’ definition of combosquatting).

UDRP to the Rescue

Regardless of whether combosquatting really represents anything new, the researchers’ article makes clear that it “is becoming more prevalent year over year.” Fortunately for trademark owners and their customers, the UDRP provides a very effective tool for combating this harmful practice.

By Doug Isenberg, Attorney & Founder of The GigaLaw Firm

Learn more by visiting The GigaLaw Firm website. Doug Isenberg also maintains a blog here.

Visit Page

Filed Under


Thanks for this piece Doug. Articles portraying Kevin Murphy  –  Dec 14, 2017 11:59 PM

Thanks for this piece Doug. Articles portraying brand+keyword cybersquatting as some kind of “new threat” have been really irksome recently.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix


Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign