Longitudinal Typosquatting Study Finds Most Trademark Owners Do Little To Protect Their Domains

Trademark owners do little to protect their brands from typosquatters is one of the key findings of the first content-based, longitudinal studies of typosquatting undertaken by a Belgian and American university team.In the study, data about the typosquatting domains of the 500 most popular websites was collected every day for seven months. The team looked at whether previously discovered typosquatting trends still hold today, and looked for new results and insights in the typosquatting landscape.The research team at the Belgian University of Leuven and Stony Brook University in the US trawled through 900 GB of data from 3,389,137 web pages and 424,278 distinct WHOIS records gathered over a period of seven months and also found that even though 95 percent of the popular domains investigated are actively targeted by typosquatters, only a few trademark owners protect themselves against this practice by proactively registering their own typosquatting domains.The researchers also found typosquatting domains change hands from typosquatters to legitimate owners and vice versa, and that typosquatters vary their monetisation strategy by hosting different types of pages over time. Typosquatters are also on the look-out for expiring registrations of popular domain names. The researchers found that 50 percent of all typosquatting domains can be traced back to just four typosquatting page hosters and that certain TLDs are much more prone to typosquatting than others.When looking at the 500 most popular websites, they found that 477 of the domains for these sites had at least one malicious typosquatting domain. Additionally, only 156 of the authoritative domains in the list have defensive domain registrations, meaning that 344 domains (representing 68.8% of the 500 most popular websites) have no defensive registrations whatsoever.Of the top three of the top 500 with the most defensive registrations, huffingtonpost.com had the most with 57 defensive domains, americanexpress.com with 42 domains and bloomberg.com with 39 domains. The top three of authoritative domains with the most malicious typosquatting domains were adultfriendfinder.com with 132 typosquatting domains, constantcontact.com with 103 typosquatting domains and odnoklassniki.ru with 97 such domains. Alarmingly, out of the three banks in our top 500 list (bankofamerica.com, hdfcbank.com and icicibank.com), only bankofamerica.com has defensive registrations.The researchers also found, contrary to earlier research, that the longer the domain the greater likelihood of typosquatting. With a longer domain name, the number of possible typosquatting domains following the character substitution model rises very quickly. This change has come about in the last six years.To download the results of the study in full, go to: