Definition

Typosquatting is a variant of cybersquatting that registers domain names exploiting common typos on well-known brands: goggle.com for google.com, amzon.com for amazon.com, or paypa1.com with a digit replacing a letter.

Typosquatters’ goals

• Hijack traffic and monetise via advertising or affiliate links
• Run phishing campaigns mimicking the legitimate site
• Distribute malware via fake download pages
• Capture emails sent by mistake (email typosquatting)
• Resell the domain to the legitimate brand at a premium

Common typo patterns

• Adjacent key errors: googel.com, youtub.com
• Missing letters: amzon.com, twiter.com
• Doubled letters: googgle.com, facebbook.com
• Character substitution: paypa1.com, amaz0n.com
• Wrong extension: brand.co instead of brand.com

How to protect your brand

• Defensively register the main typo variants of your brand
• Set up active trademark monitoring focused on typographic variations
• Train employees on phishing and typosquatting risks
• File a UDRP action against confirmed typosquats
• Enrol in the TMCH for priority rights on new gTLDs
• Configure DMARC, SPF and DKIM to reduce email typosquatting impact