Incident Response, TDR

Victory for enterprises in typosquatting case

Several major enterprises have sued OnlineNIC, a domain name registrar, for allowing the registration of domain names with addresses similar to their own brand names.

One of the more popular cybersquatting tactics, known as typosquatting, tricks users who mistakenly type a letter out of place when entering a URL address, so that they are guided to a similarly spelled, but altogether different web address.

“Or worse, the squatted domain could point to an online store that purports association with or sponsorship by the brand owner,” said Joshua S. Bourne, president of The Coalition Against Domain Name Abuse (CADNA), a nonprofit organization based in Washington D.C., in an email to “Also, they could point to a phishing site that goes unnoticed by the user who enters their username and password. All of this leads to less confidence in the internet and online commerce.”

The company also uses a tactic known as combosquatting, which refers to the practice of combining a particular brand and a generic keyword to create a cybersquatted domain name, according to a report from FairWinds Partners.

Last week, Verizon Communications won a $31.15 million judgment against internet registrar OnlineNIC. Microsoft and Yahoo are also pursuing cases against the company.

"Traditionally, cybersquatting has involved the registration of domain names that contain the trademarks of others," said Eric Sinrod, a partner in the San Francisco law office of Duane Morris, in an email Monday to "Of course, there can be many variations in domain names that can be registered, and there is money to be made on the internet. Thus, it is not entirely surprising that typosquatting has come to the [forefront]."

In Verizon's case, the company brought suit charging that OnlineNIC registered approximately 663 domain names either matching or similar to Verizon trademarks – including Verizon-cellular[dot]com and Buyverizon[dot]net.

In court papers, Verizon claimed that OnlineNIC registered more than 900,000 domain names that were close to some of the globe's largest companies, including Google, Adidas, MySpace, Wal-Mart and Yahoo. OnlineNIC used an automated process to enable cybersquatters to register the URLs using “numerous means to conceal its true identity,” Verizon's suit claimed.

According to the default judgment issued Dec. 19 by Judge Jeremy Fogel in the U.S. District Court for the Northern District of California in San Jose, OnlineNIC must now pay Verizon $31.15 million. The company also was ordered to transfer the domain names under dispute to Verizon, and may no longer register domain names containing Verizon trademarks.

In most cybersquatting cases, the web address can be similar in appearance to the actual corporate site, but will instead contain pay-per-click advertisements, according to a 2007 McAfee report, which studied 1.9 million typographical variations of 2,771 of the most trafficked websites.

Most of these sites do not contain malicious content, such as malware, although 2.4 percent lead to pornographic sites, according to the McAfee study.

The registrants of these sites typically profit through ad networks, notably Google AdSense, which offers text-based ads relevant to site content pages. Typosquatters earn about a quarter each time a user clicks on one of the ads, which are usually similar in nature to the product or service the user seeks.

But CADNA's Bourne said this figure could be more, or less. “They earn a fee that is a function of the price of the ad,” he said. “Some ads generate fees greater than $10 and the squatter gets a piece of that. So, it's not always a quarter. It could be much more, it could be less.”
“The latest cybersquatting case reflects the ‘sleight-of-hand' nature of today's Internet," said Thom VanHorn, vice president - global marketing, Application Security, in an email to "Although many of these fake websites are relatively benign because they are primarily schemes to generate ad revenue, there is broader potential for these sites to serve as phishing schemes that gather credit card numbers or other information from unsuspecting consumers. This is just another illustration of the types of threats that exist to multiple types of data, and how many organizations are still not deploying the proper security safeguards or complying with government and industry mandates that were established to thwart malicious cyber activities. Online vigilance remains a key watchword for consumers and corporations as we head into 2009.”

In its suit filed with the same court on Oct. 7, Microsoft accused OnlineNIC of registering nearly 100 domain names that matched or were similar to Microsoft trademarks, including Windows, Encarta and Halo. Microsoft asked for an entry of a default judgment against OnlineNIC on Dec. 16.

And, on Dec. 19, Yahoo filed a suit accusing OnlineNIC of cybersquatting and trademark infringement. The company accused OnlineNIC of registering more than 500 domain names that match or are similar to its brands, including Yahoozone[dot]com and Yahooyahooligan[dot]com.

"When companies believe that typosquatting might cause confusion and might allow others to profit by improper piggy-backing, legal action will follow," said the attorney, Sinrod.

“This case should send a clear message and serve to deter cybersquatters who continue to run businesses for the primary purpose of misleading consumers,” Sarah Deutsch, an associate general counsel at Verizon, said last Wednesday in a statement.

"Cybersquatting is a deceptive and often illegal practice that has caused material harm to not only to consumers and the brands and trademarks which have been targeted, but also to the overall trust of the internet. We applaud all efforts to curtail this practice and to  and increase accountability for those responsible," Craig Spiezle, director, security & privacy product management, Internet Explorer, Microsoft, wrote in an email to on Tuesday.

“OnlineNIC is an unusual example of a huge-scale cybersquatter,” said CADNA's Bourne. “Cybersquatting is really about death by a thousand cuts.”

The majority of infringements are held by ‘small time' cybersquatters, many of whom aren't afraid of detection or enforcement, said Bourne. “We've recently concluded that most brand owners find only 1.5 domains per infringer across hundreds or even thousands of infringing domains per brand. There is no efficiency in trying to combat that.”

A solution to the problem would be to increase penalties in order to create a deterrent, so small-time, as well as the bigger operators abandon the practice, said Bourne.

Responding to a request for comment, an OnlineNIC spokesperson said, "Our company will actively liaise with the court to understand the progress of the case, and firmly vindicate our company's legitimate rights and interests through appropriate channels."

UPDATED 12/30/08

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.