Cybersquatting is likely one of the oldest digital threats out there, but somehow, it still works. The first cybersquatting case filed after the implementation of the Uniform Domain Name Dispute Resolution Policy (UDRP) involved the domain worldwrestlingfederation[.]com.

The complainant, U.S.-based World Wrestling Federation (WWF), filed the case on December 2, 1999, against California resident Michael Bosman, who registered the domain name and offered to sell it back to WWF at a significant profit.

The Administrative Panel of the World Intellectual Property Organization (WIPO) ruled in favor of the complainant, stating that the respondent’s domain name was identical or confusingly similar to its trade and service marks. As such, the respondent had no right to use the domain name and was, thus, considered to have registered it in bad faith.

Why Do Cybersquatters Register Domain Names in Bad Faith?

Cybersquatters’ motives vary. But over the years, three main reasons behind cybersquatting have been identified, and these are:

• Impersonating a legitimate business to acquire its clients’ or customers’ usernames, passwords, and other personally identifiable information (PII)
• Installing malware on victims’ computers or devices
• Directing traffic to a website under the squatters’ control for commercial gain (e.g., to sell counterfeit goods and the like)

In its most recent cybersquatting trends report, WIPO revealed that trademark owners filed 3,447 cases under the UDRP in 2018. Here’s the list of the top 10 case filers.

Looking at the complainants, we can tell that they are some of the biggest brands in their respective industries with a lot to lose should their online properties be abused. Riding on their popularity is sure to get squatters as much gain as possible.

Protecting Oneself Against Cybersquatting

Some organizations are tech-savvier than others and so know about cybercrime and its damaging effects. As such, they take time out to protect their online properties as well as they can. Andrey Ternovskiy’s Chatroulette happens to be one of them.

One effective way to keep cybersquatters at bay is to register all possible domain names that can be mistaken for one’s own. Then again, generating misspelled variants of a domain name manually is time-consuming. There is a way to do that automatically, though, and that is through a tool like Brand Monitor.

First, let’s try to identify potential cybersquatters with Brand Monitor. Open the dashboard, go to the Advanced tab, type your domain name into the search field, and toggle the Typos button to on. The tool automatically generates a list of misspelled variations of your domain name.

You can immediately see 100 of potential typosquatted sites. Add them to your tracker by hitting the Add to monitoring button. You should see changes to any of the sites, if any, after 24 hours.

After compiling a list, you can use WHOIS Search to know more about the domain registered (if any) under each variant. Going to the sites themselves may not be a good idea. They can be malware hosts designed to entrap the visitors of the sites they are spoofing.

We did that for a misspelled variant of chatroulette.com—chatroullette.com—and found that the legitimate site’s owner, Ternovskiy, also registered it. As we said, he did his due diligence and registered domains that cybersquatters can abuse.

He did the same thing for another look-alike domain—chatroulete.com.

* * *

Brand owners, especially those with hugely successful businesses, can follow Chatroulette’s example of taking brand protection to the next level. By taking a proactive stance against cybersquatters, the company is not only protecting its own interests but also those of its clients or customers. Any organization can do the same with the aid of domain research and monitoring tools like Brand Monitor and WHOIS Search.