What do you need to know about Typosquatting?
Misspelled domain names and typing errors are causing advertisers to lose millions every year.
A few seconds are enough to earn or lose your customer online. You might rely on affiliates for advertising to enhance trust, brand awareness and improve your user base, but at what cost?
A study of 99 Firms confirmed, 15% of digital media advertising revenue can be attributed to affiliate marketing. 2% of all affiliate marketing revenue is attributed to affiliate fraud.
Typosquatting is one of the most popular types of fraud among affiliates with malicious intentions. This article will cover typosquatting, its type, and its impact.
What is Typosquatting?
Typosquatting or URL Hijacking is a popular form of cybersquatting. Fraudsters intentionally buy misspelled domain names similar to the original brand names, targeting their customers.
The typosquatters guess or track the mistakes people are likely to make while searching the legitimate website and reserve the domain to diversify the traffic. For example, people often mistake Nikee for Nike and buy fake URLs to attract users who mistakenly type the wrong spelling of the brand name. In its recent study, Spamhaus published the top most abused domain registrars.
Types of Typosquatting Practices:
Users are likely to make errors while typing a website or domain name. A few of the common types of errors are mentioned below. The fraudulent affiliates tend to buy domains similar to popular brands based on such errors.
1. Typos: Mistyping the web address of the famous brands while searching for them directly in the address bar. For example, a user misses a 't' while searching for a well-known social media site, 'twitter.com.' He types it as 'twiter.com.'
2. Wrong extensions: Multiple top-level domains (TLDs) increase users' confusion and the threat actor's likelihood of booking sites like a user typing mistaking.org instead of mistaking.com.
3. Misspellings: There are possibilities of users being unaware of the correct spelling of a brand name. For this reason, affiliates register misspelled variants of famous brand names. Say, for example, a user confusing Flipcart.com for Flipkart.com.
4. Combo Squatting: Fraudsters deliberately book hyphenated domains. It might be the case of removing or adding the hyphen from the domain name to drive illegitimate traffic. Say, for example, face-book.com for facebook.com.
5. Faking the prefix: Threat actors can accomplish their nefarious goals, even if the user misses to type a single dot. They can book wwwcostco.com for legitimate www.costco.com.
6. Country Code Top Level Domains: Many domains use a top-level domain. For example, the United Kingdom uses ".uk," and the United States uses ".us," which means changing the last letter can create a typosquat site.
7. Adding Supplements Against Popular Brand Names: Buyers can often confuse add-ons with brand names to be a part of the brand itself. For example, amazonshop.com instead of amazon.com.
The Impact of Typosquatting:
Forrester found that 69% of brands spending $1 million per month reported that at least 20% of their budgets were being lost to digital ad fraud. Affiliate traps threaten any brand's marketing budget, but these also have a more severe impact on brand reputation and buyer's experience. A few are listed here below:
- Customer Experience: Advertisers or brands put ongoing efforts into improving customer experience. They make excellent websites, minimize purchase time, offer instant support, and more. Typo Squats may copy the site design and product page for malicious websites, but not site efficiency. Also, they introduce multiple redirections by customer journey hijacking, resulting in wasting buyers' time and poor customer experience.
- Advertiser's Revenue: Affiliates buy domain names similar to the brands and join their affiliate network. They try to steal the advertiser's existing customers with typosquatting and redirect them to their website with an affiliate link. They earn a commission without getting legitimate traffic.
- Brand Reputation: Attackers can significantly hamper the brand reputation by ruining their customer experience, posting inappropriate content on typosquatting sites, redirecting the users to the competitor's site, infecting the user's system with malicious cookies, and more.
How to defend from malicious affiliates traps?
Virus Positive Technologies is pioneering the Affiliate Fraud Management & Brand Protection market. VPT's disruptive methodology identifies non-compliant behaviors and provides automated solutions to monitor and detect affiliate traps.