Strategically Addressing Typosquatting

By Josh Bourne

I find that brand owners frequently underestimate the potency and impact of typosquatted domains relative to other infringements and overlook them, focusing their enforcement efforts elsewhere.  I believe that this is a mistake.  Typosquatting is worse today than ever before, as festering examples still linger in the hands of criminals who use them to more malicious ends than ever before.

Typosquatting is the practice by which individuals look to monetize or otherwise benefit from the traffic generated when Internet users make spelling or keystroke errors when typing a domain name directly into the address bar. These domains are also frequently used in email phishing attacks since they look so similar to the brand owner’s legitimate address.

An article I wrote for AdAge summarizes the findings of our comprehensive evaluation of typosquatting’s impact.  We conducted the study because we noticed that when we prioritized the complete list of infringing domain names for our clients and measured each domain objectively through quantification, time and again the most damaging infringements were typos of the companies’ main website(s).  We decided to measure the typo variations of the 250 most visited domains on the web and that research illuminated vast amounts of lost traffic and revenue.

We found that the companies behind 250 of the most visited websites were, in aggregate, losing over 448 million impressions and $327 million per year due to domain name typos.  To qualify for the study, each domain name permutation could have just 1 difference when compared to the correctly spelled domain.  We searched more broadly when we conducted the first iteration of the study and chose to throw out the 2, 3, etc. mistake domains because they received no traffic.  Navigators on the web make frequent mistakes when they type a domain name in the address bar, but they almost never make more than one error.

While typsoquatting is a category one should not overlook, not all typos have the same impact on a brand.  People make the same spelling errors and fat finger the same keys over and over and we find that leads to a strategic conclusion: only a small percent of typo domains should be addressed because they have overwhelmingly higher value than the rest.  In the typosquatting study, of the 28,000 third-party owned domains we identified, only 4,632 (or 16.5 percent) garner meaningful traffic. The trick is knowing how to identify what matters most and FairWinds order ranks each domain infringement so that clients can start at the top of the list and work their way down.  The “bullseye” tends to land on just the top 3 to 5 typos.

In the AdAge article, I wrote that “typically, less than 1% of typo variations are responsible for more than 50% of traffic diversion.”  When it comes to all domain infringements, it’s important for a brand owner to strictly prioritize utilization of resources based on a quantitative assessment of value and FairWinds helps its clients by routinely performing objective assessments of large datasets, such as a brand’s infringements.

In recent research FairWinds conducted of the Schwab brand (Schwab is not a client of FairWinds), we found the top 3 typo variations earned 85% of the total traffic across all 120 third-party owned, one letter variations of  Nobody likes to feel like they are playing whack-a-mole, and they often do when dealing with an unprioritized basket of infringing domains.  It’s noteworthy that because of the natural process by which certain typos receive more traffic than others due to more common misspellings and keystroke errors, once those high-traffic domains are recovered other infringements don’t fill a vacuum that was left behind because there isn’t one.  After recovering the worthiest domains, the naturally occurring traffic to them can be redirected to the correctly spelled website leading to a better customer experience when typo-prone visitors arrive at the proper website via those recovered domain names in perpetuity.

Within the last 5 years, typosquatters have taken advantage of the traffic they harness to enable a more diabolical practice.  Before then, our research showed that 84% of all typosquatted domains led to fairly benign pay-per-click sites that monetize traffic via ads.  Now, typosquatters have frequently been serving computer- and device-infecting malware content on infringing domains.  In the Schwab typosquatting analysis, 1/3 of all 120 registered typo infringements of, representing 70% of all traffic garnered by typosquatting, lead to malware sites.

Sometimes a brand owner can even be “one and done” when addressing typosquatting.  In the case of Barclays, their #1 typo-target is a domain that receives 75% of all the traffic that passes through the full array of 157 Barclays-infringing typo domains.  Barclays could declare overall victory with just 1 UDRP and ignore the other typo domains if they chose to.

Given the benefits of the terminated misuses of a brand and increased traffic to a brand owner’s legitimate site, the ROI of pursuing just the top-tier typo-targets is strategic and cannot be underestimated.  Please reach out and let us know if you have any questions and if we can be of help in protecting your brand against typosquatting abuse.

Latest Posts

Scroll to Top