Misplaced Pages

Typosquatting

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

This is an old revision of this page, as edited by FeloniousMonk (talk | contribs) at 22:24, 4 December 2005 (Examples of typosquatting: Noting Flew's first name has no 'h' and so the domain name is misspelled). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Revision as of 22:24, 4 December 2005 by FeloniousMonk (talk | contribs) (Examples of typosquatting: Noting Flew's first name has no 'h' and so the domain name is misspelled)(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)
File:Typosquatting.jpg
An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, is a form of cybersquatting which relies on mistakes such as typographical errors made by internet users when inputting website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to an alternative address owned by a cybersquatter.

Overview

Generally, the victim site of typosquatting will be a frequently visited website. The typosquatter's URL will usually be one of three kinds, all similar to the victim site address:

  • A common misspelling of the intended site; for example, webadress.com
  • A misspelling based on typing errors; for example, wwebaddress.com or wbaddress.com
  • A differently phrased domain name; for example, web-address.com

(In all previous examples, the intended website is webaddress.com.)

Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content. Sometimes competitors of the victim site will do this.

Alternatively, the user will be forwarded to a site of a completely different nature to what they intended. This tactic is often used by pornographic websites and comedy websites.

Sometimes, the typosquatters will use the false addresses to distribute viruses, adware, spyware or other malware.

Combatting typosquatting

A victim website will usually send a cease and desist letter to the offender at first, in attempt to quell the activity.

They may also try and purchase the website address from the typosquatter, which could have been the typosquatter's aim all along.

Occasionally, lawsuits will be taken against the offending site or individual.

A company may try and preempt typosquatting by obtaining a number of websites with common misspellings and redirect them to the main, correctly spelled website. For example www.gooogle.com, www.goolge.com, www.gogle.com, and others, all redirect to www.google.com. In another example, actor and politician Arnold Schwarzenegger is reported to control the domains with the ten most common misspellings of his surname.

Examples of typosquatting

  • The domain of the Web site of the President of the United States, whitehouse.gov, has two high-profile "misspellings": whitehouse.com, which was a pornographic Web site, and whitehouse.org, a satirical site.
  • Misplaced Pages is also a victim of typosquatting: www.wiipedia.org, www.eikipedia.org, www.wilipedia.org and en.wikipedi.org, , are all websites which contain pop-up ads, spyware/adware downloads, and ad-generating search engines.
  • A related gambit is obtaining "800" numbers that correspond to misspellings; a good illustration is AT&T's sudden abandonment of "1-800-OPERATOR" and replacing it with "1-800-CALL-ATT". It seems that many Americans don't know how to spell operator, enough that MCI Communications was raking in a lot of business with "1-800-OPERATER", reaping the benefits of AT&T's advertising. (In both numbers, the final "R" is superfluous.)
  • One example of a typosquatter is Jason Gastrich, the director of a Christian organization who uses the method as a means of directing surfers away from sites of which he doesn't approve and to his own site; which contains pop-ups, pop-unders, and other mechanisms of revenue and hit-count generation. Gastrich has engaged in the purchase of a number of domains, after which he sets up redirect scripts away from sites such as the Talk Origins Archive and to his own. He has also purchased domain names for Michael Newdow and Antony Flew (though misspelled as "Anthony") and uses them to take web surfers to sites that present his political and religious views as well as advertising.

"Catchall" typosquatting

Other than individual domain name purchases, several attempts have been made by larger corporations to profit off of user typos by redirecting them without their knowledge.

  • Microsoft's Internet Explorer automatically redirects users' mistyped URL queries to their MSN Search page. Though a user can reconfigure their browser to use a different search tool, Google, MSN's biggest rival, is not in the list. However, on their web site, Google has explained how to make their search engine the IE default for mistyped urls.
  • Top-level domain registry operator VeriSign's Site Finder automatically redirected traffic to URLs not registered by users. This caused a fair amount of outrage from the internet standards community, and an emergency patch to BIND was issued to circumvent VeriSign's actions.
  • Paxfire, a startup company, sells partner internet service providers a tool that redirects mistyped queries to a Paxfire-generated page with sponsored advertiser content related to the mistyped "hotword". Revenue generated from user clicks is split between Paxfire and the internet service provider.
  • Certain types of malware pose as browser plugins and redirect a user's web requests or search queries without their knowledge or consent, even if the URLs themselves are properly typed.

See also

External links

Categories: