What Is Cybersquatting?

Although it is not as frequent as it was in the early days of the Internet, cybersquatting is still around and allows individuals to benefit from the goodwill of someone else’s trademark or brand. Check out how to recognize cybersquatting and how to protect yourself from it.

Cybersquatting Definition

Cybersquatting (also called domain squatting) is a practice of registering a domain name that’s the same or similar to a trademark, service mark, or a company or personal brand. It’s a form of cybercrime made to exploit the goodwill of a trademark or brand that someone else owns.

Cybersquatting is illegal, and there are laws in place to protect businesses from it. In this article, we’ll show you exactly what cybersquatting is, what types of it exist, and how you can protect yourself from it.

Key Points
– Cybersquatting is the practice of registering domain names spelled or sounding the same or similar to an established brand or trademark.
– If registration was done in bad faith, cybersquatting is illegal.
– There are policies and laws that can help you sue cybersquatters and take over a domain name.

Types of Cybersquatting

There are different types of cybersquatting, and they are as follows:

  1. Generic cybersquatting,
  2. Typosquatting,
  3. Name jacking,
  4. Identity theft,
  5. Reverse cybersquatting.

1. Generic Cybersquatting

Generic cybersquatting refers to the practice of registering a domain name with generic terms, such as computer.net, and looking to sell it later on. On its own, generic cybersquatting is not a crime, and many companies buy multiple domain names to sell them for a profit – it’s called domain name flipping.

It becomes an issue only if it causes trademark infringement. For example, polkadot.com became a cybersquatting issue as the owner of the trademark proved that the domain name owner had no connection to the ordinary meaning of the word.

2. Typosquatting

Typosquatting is perhaps the most common type of this cybercrime. It revolves around choosing a domain name with a similar spelling or using the same name with a different domain type. For example, if you have a shoe-selling website, SnazzySandals.com, typosquatting would be if someone registered SnazzySandals.co or SnazySandals.com.

In these cases, the cybersquatter usually mimics the company’s website or commits phishing and malware scams.

A subtype of typosquatting is an internationalized domain name homograph attack. It involves using symbols from non-Latin scripts that look the same but have a different Unicode. For example, the Latin letter a (Unicode: U+0061) looks the same as the Cyrillic letter a (Unicode: U+0430). As a user, when you see SnazzySandals.com, you can’t know whether those are Cyrillic or Latin letters.

3. Name Jacking

Registering a domain with someone else’s name (usually a celebrity) falls under name jacking. This type of cybersquatting is difficult to prove unless you trademark your name as a personal brand.

4. Identity Theft

Cybersquatters can use special software to track popular domain names and their registration statuses. If someone mistakenly forgets to renew their domain name subscription or does it too late, a cybersquatter will swoop in and re-register it.

This is considered identity theft. People do it to demand money from the previous owner, conduct phishing scams, or redirect it to another website.

5. Reverse Cybersquatting

In this type of cybercrime, scammers try to present legitimate domain name owners as cybersquatters.

For example, let’s say you have a website called SnugSocks.com, and you sell… well, snug socks. As a shady individual, I can see your success and trademark the phrase “snug socks” within the fashion industry. Then, I’d sue you for cybersquatting me, and if I prove you’re infringing on my trademark, you’d have to hand over the website. That’s reverse cybersquatting.

Is Cybersquatting Legal?

No, cybersquatting is a form of cybercrime, and it’s illegal. However, that doesn’t mean that any domain name registration is now subject to a cybersquatting claim. Essentially, cybersquatting means registering a domain name in bad faith, with the key thing being able to prove it had been done in bad faith.

According to the Internet Corporation of Assigned Names and Numbers (ICANN), for cybersquatting to be proven, the complainant needs to prove the following:

  • The domain name matches or is confusingly similar to a registered trademark,
  • The domain name owner has no rights to the domain name,
  • The registrant uses the domain name in bad faith.

The main thing here is to prove trademark infringement. If someone uses a domain name similar to your business’s, but the purpose of the website is completely unrelated to your products or services, they are not cybersquatting. They just happened to register the name before you.

MORE: Learn how to trademark your domain name

Cybersquatting Examples

Let’s say you have a successful shoe business called Snazzy Sandals. Someone can register a domain name SnazzySandals.com and impersonate your business, leading customers to believe they’re buying your products. Or, they can simply get that domain name in hopes of making you pay over the odds to buy the name from them. In both cases, they would be cybersquatters.

Cybersquatting was far more popular 20 and 30 years ago, when companies were not yet fully aware of the need for an online presence. While cybersquatting still occurs, and you should be wary of it, it’s significantly less frequent.

Let’s go through some famous cybersquatting cases.

Cybersquatting CaseWhat Happened
Nissan.comThe Japanese car manufacturer accused the domain name owner, Nissan Computer Corporation, of cybersquatting and tried to get ownership. However, the computer company was named after its owner, Uzi Nissan, and kept the website for itself.
Walmart44.comA malicious website that spread spyware, adware, and malicious extensions. The association with the famous corporation was obvious, and the website was shut down.
MikeRoweSoft.comThe cybersquatting case with perhaps the most press coverage was the one from 2004, when Microsoft went against a Canadian high school student, Mike Rowe. The giant corporation initially offered Rowe $10 to take down his website MikeRoweSoft.com. When he declined, the company sued him, which eventually ended up with a settlement. The domain name now belongs to Microsoft.

Other popular examples include:

  • xofnews.com
  • whitehouse.com
  • tiktoks.com
  • jenniferlopez.net
  • gail.com

How to Protect Your Business From Cybersquatting

There are ways to protect yourself from cybersquatting and prevent it from happening in the first place. When you start a business, try to take out a trademark as soon as you have something unique and distinguishable. This will help you protect your products even beyond cybersquatters.

If you notice that users often misspell your domain name, you can register aliases. Domain aliases aim to redirect users to the original website and not allow them to fall victim to malicious websites. For instance, Facebook has thousands of alias websites, such as:

  • Facbebook.com
  • Gacebook.com
  • Facebooc.com
  • Faceboock.com

MORE: How to secure a domain name

What If Cybersquatting Already Happened?

Sometimes, someone is just unaware of your business and not a cybercriminal. Maybe they didn’t know about your trademark. The first step should always be to reach out to the owner and try to get a deal and transfer the domain name.

If that’s not the case, you have policies and laws to fall back on, such as:

  • The Uniform Domain-Name Dispute Resolution Policy (UDRP): If you win the complaint, the domain name registration will be canceled or transferred to you.
  • The Anticybersquatting Consumer Protection Act (ACPA): U.S. businesses can protect their trademarks using this act. ACPA lawsuits are more expensive but can result in financial remedies from the defendant.

Takeaway Points

Cybersquatting can damage your brand identity, take advantage of your business’s success, and lead customers to fall for a scam. You can prevent cybersquatting by registering domain names in advance, but you can also sue domain name owners that infringe on your trademark with their domains.

However, you need to prove there was malintent in their registration if you want to get the domain name via a cybersquatting claim. Your first course of action should be to settle with the registrant, which may save you both time and money.

If you are a brand and need help creating a unique name of your own, use our domain name generator tool to come up with thousands of domain name ideas.

MORE: What is domain name hijacking?

Frequently Asked Questions (FAQ)

If you register a domain name that is the same as a brand or trademark you don’t own, that’s cybersquatting. An example would be registering lebronjames.com in an effort to get money from the NBA player.

Cybersquatting happens by registering a domain name in bad faith. Cybersquatters can use it to spread malware, impersonate a company, or simply hold the registration rights for their resale value.

Cybersquatting, in theory, is always illegal, but it’s not always possible to prove someone is doing it. The illegal practice takes place when someone registers a domain name in bad faith. Otherwise, it’s completely legal to get any domain name you want. If you take out a domain name that’s similar to someone’s brand or trademark but doesn’t infringe on their rights, you’re not cybersquatting.

The Anticybersquatting Consumer Protection Act (ACPA), adopted in 1999, protects trademark owners from people who infringe on trademark rights with their domain names. The law protects only against individuals who register the domain name in “bad faith” and without the approval of the trademark owner.

You can prevent cybersquatting by registering domain names that are similar (or the same with different extensions) to your existing one. This would lower the chances of typosquatting. If you have a product or service that’s unique, you should register a trademark and get legal protection from potential cybersquatters.


Miloš Soro

Miloš Soro

Miloš Soro is a content writer dedicated to the technical side of running a business. He is our expert on domain names, eCommerce, and product development. Soro combines his six years of writing experience with an educational background in IT and is interested in the latest technology trends to provide his readers with the latest insights.

Show all posts from

We use cookies to offer you our service. By using this site, you agree to our: See cookie policy