Cybersquatting (also called domain squatting) is a practice of registering a domain name that’s the same or similar to a trademark, service mark, or a company or personal brand. It’s a form of cybercrime made to exploit the goodwill of a trademark or brand that someone else owns.
Cybersquatting is illegal, and there are laws in place to protect businesses from it. In this article, we’ll show you exactly what cybersquatting is, what types of it exist, and how you can protect yourself from it.
|– Cybersquatting is the practice of registering domain names spelled or sounding the same or similar to an established brand or trademark.|
|– If registration was done in bad faith, cybersquatting is illegal.|
|– There are policies and laws that can help you sue cybersquatters and take over a domain name.|
Types of Cybersquatting
There are different types of cybersquatting, and they are as follows:
- Generic cybersquatting,
- Name jacking,
- Identity theft,
- Reverse cybersquatting.
1. Generic Cybersquatting
Generic cybersquatting refers to the practice of registering a domain name with generic terms, such as computer.net, and looking to sell it later on. On its own, generic cybersquatting is not a crime, and many companies buy multiple domain names to sell them for a profit – it’s called domain name flipping.
It becomes an issue only if it causes trademark infringement. For example, polkadot.com became a cybersquatting issue as the owner of the trademark proved that the domain name owner had no connection to the ordinary meaning of the word.
Typosquatting is perhaps the most common type of this cybercrime. It revolves around choosing a domain name with a similar spelling or using the same name with a different domain type. For example, if you have a shoe-selling website, SnazzySandals.com, typosquatting would be if someone registered SnazzySandals.co or SnazySandals.com.
In these cases, the cybersquatter usually mimics the company’s website or commits phishing and malware scams.
A subtype of typosquatting is an internationalized domain name homograph attack. It involves using symbols from non-Latin scripts that look the same but have a different Unicode. For example, the Latin letter a (Unicode: U+0061) looks the same as the Cyrillic letter a (Unicode: U+0430). As a user, when you see SnazzySandals.com, you can’t know whether those are Cyrillic or Latin letters.
3. Name Jacking
Registering a domain with someone else’s name (usually a celebrity) falls under name jacking. This type of cybersquatting is difficult to prove unless you trademark your name as a personal brand.
4. Identity Theft
Cybersquatters can use special software to track popular domain names and their registration statuses. If someone mistakenly forgets to renew their domain name subscription or does it too late, a cybersquatter will swoop in and re-register it.
This is considered identity theft. People do it to demand money from the previous owner, conduct phishing scams, or redirect it to another website.
5. Reverse Cybersquatting
In this type of cybercrime, scammers try to present legitimate domain name owners as cybersquatters.
For example, let’s say you have a website called SnugSocks.com, and you sell… well, snug socks. As a shady individual, I can see your success and trademark the phrase “snug socks” within the fashion industry. Then, I’d sue you for cybersquatting me, and if I prove you’re infringing on my trademark, you’d have to hand over the website. That’s reverse cybersquatting.
Is Cybersquatting Legal?
No, cybersquatting is a form of cybercrime, and it’s illegal. However, that doesn’t mean that any domain name registration is now subject to a cybersquatting claim. Essentially, cybersquatting means registering a domain name in bad faith, with the key thing being able to prove it had been done in bad faith.
According to the Internet Corporation of Assigned Names and Numbers (ICANN), for cybersquatting to be proven, the complainant needs to prove the following:
- The domain name matches or is confusingly similar to a registered trademark,
- The domain name owner has no rights to the domain name,
- The registrant uses the domain name in bad faith.
The main thing here is to prove trademark infringement. If someone uses a domain name similar to your business’s, but the purpose of the website is completely unrelated to your products or services, they are not cybersquatting. They just happened to register the name before you.
Let’s say you have a successful shoe business called Snazzy Sandals. Someone can register a domain name SnazzySandals.com and impersonate your business, leading customers to believe they’re buying your products. Or, they can simply get that domain name in hopes of making you pay over the odds to buy the name from them. In both cases, they would be cybersquatters.
Cybersquatting was far more popular 20 and 30 years ago, when companies were not yet fully aware of the need for an online presence. While cybersquatting still occurs, and you should be wary of it, it’s significantly less frequent.
Let’s go through some famous cybersquatting cases.
|Cybersquatting Case||What Happened|
|Nissan.com||The Japanese car manufacturer accused the domain name owner, Nissan Computer Corporation, of cybersquatting and tried to get ownership. However, the computer company was named after its owner, Uzi Nissan, and kept the website for itself.|
|Walmart44.com||A malicious website that spread spyware, adware, and malicious extensions. The association with the famous corporation was obvious, and the website was shut down.|
|MikeRoweSoft.com||The cybersquatting case with perhaps the most press coverage was the one from 2004, when Microsoft went against a Canadian high school student, Mike Rowe. The giant corporation initially offered Rowe $10 to take down his website MikeRoweSoft.com. When he declined, the company sued him, which eventually ended up with a settlement. The domain name now belongs to Microsoft.|
Other popular examples include:
How to Protect Your Business From Cybersquatting
There are ways to protect yourself from cybersquatting and prevent it from happening in the first place. When you start a business, try to take out a trademark as soon as you have something unique and distinguishable. This will help you protect your products even beyond cybersquatters.
If you notice that users often misspell your domain name, you can register aliases. Domain aliases aim to redirect users to the original website and not allow them to fall victim to malicious websites. For instance, Facebook has thousands of alias websites, such as:
What If Cybersquatting Already Happened?
Sometimes, someone is just unaware of your business and not a cybercriminal. Maybe they didn’t know about your trademark. The first step should always be to reach out to the owner and try to get a deal and transfer the domain name.
If that’s not the case, you have policies and laws to fall back on, such as:
- The Uniform Domain-Name Dispute Resolution Policy (UDRP): If you win the complaint, the domain name registration will be canceled or transferred to you.
- The Anticybersquatting Consumer Protection Act (ACPA): U.S. businesses can protect their trademarks using this act. ACPA lawsuits are more expensive but can result in financial remedies from the defendant.
Cybersquatting can damage your brand identity, take advantage of your business’s success, and lead customers to fall for a scam. You can prevent cybersquatting by registering domain names in advance, but you can also sue domain name owners that infringe on your trademark with their domains.
However, you need to prove there was malintent in their registration if you want to get the domain name via a cybersquatting claim. Your first course of action should be to settle with the registrant, which may save you both time and money.
If you are a brand and need help creating a unique name of your own, use our domain name generator tool to come up with thousands of domain name ideas.