Protect your business against ruthless cybersquatters


Also this week: Blueliv is pleased to announce a featured post on the subject of Cybersquatting from Jean-Jacques Dahan–Managing Director and Expert Consultant for Online Brand Security & Global Domain Strategy, Zeusmark.

This article continues the discussion begun with the Phishing module article. Now, the focus will be on how to defend yourself against Cybersquatting. Blueliv offers one module that handles both.


Brand Integrity and the Value of a Trademark

To understand Cybersquatting, you must first consider customer relationships.

Brand integrity is the result of trust. It is not something that happens overnight. In fact, it can take years, and even decades to develop name recognition.

Customer loyalty develops because of the consistent value that you and your company provide. Your company is represented by your trademark, which supports that bond. Think Apple. Think FedEx.

Companies that reach this level of marketplace clout have invested considerable capital and sweat equity in order to build good reputations.

And, of course, along with that name comes creatively designed visual representations that include:

  • Logos
  • Websites
  • Color palettes
  • Content

These attributes represent the work of talented artists and agencies and can be considered part of your company’s assets.


The High Cost of Branding & Trademarks

The United States Patent & Trademark Office states:

A Trademark is any word, name, symbol, device, or any combination, used, or intended to be used to distinguish the goods/services of one seller or provider from those of others and to indicate the source of the goods/services.


At a minimum, a business can expect to pay at least $3500 just to get an attorney started researching trademark ideas and filing paperwork with the appropriate agencies. With so much riding on brand reputation, it’s worth the investment to have it done right. Some of the things your attorney does:

  • Performs Trademark searches
  • Registers for exclusive rights to a Trademark
  • Registers copyrights for creative work
  • Applies for patents
  • Files for utility patents

But, the pain is worthwhile. A distinctively branded company stands out and telegraphs its unique value to buyers.

Now that we understand what’s at stake, we can investigate cybersquatting.



Cybersquatting, like Phishing, is also highly targeted. It’s aimed at businesses and organizations and takes advantage of their success to extract money.

Cybersquatting – the practice of registering names, especially well-known company or brand names, as Internet domains, in the hope of reselling them at a profit.

The term is derived from “squatting“, which is the act of occupying an abandoned or unoccupied space or building that the squatter does not own, rent, or otherwise have permission to use.

In essence, a cybersquatter takes possession of your brand at some level. This criminal relies on your professional pride, your conscientious work ethic, and desire to protect customers as a motivating force to get you to comply with their demands.

According to one Forbes contributor, the cost of a dislodging a cybersquatter can start at $100 and escalate past $10,000 in hopes that the case won’t go into litigation.


Different Varieties of the Same Attack

There are 3 major types of Cybersquatting:

  • Typosquatting
  • Identity Theft
  • Name Jacking

Typosquatting – also known as URL hijacking, targets Internet users who incorrectly type a website address into their web browser. For example:

  • or instead of
  • .cm instead of .com
  • [legitimate],, and

The counterfeit website mimics the genuine site in layout, color scheme, content, and other trademark material.

In 2013, a California court ordered a typosquatter to turn over 105 domains, like;, to Mark Zuckerberg, plus it awarded an additional $2.8Million to the social media magnate in damages.

Identity Theft – Squatters use algorithms to track expiration dates of domain names legitimate owners inadvertently fail to renew, and then purchase them with the intent of selling them back for high prices.

Name Jacking –  Squatters target celebrities. Madonna, Taylor Swift, and even comedian David Spade have been prey to this attack. These squatters can also fake social media accounts, such as Twitter accounts to tweet out slander and humiliate public figures.


One Well-Known Case of Name-Jacking

Microsoft and MikeRoweSoft

Microsoft argued that their trademark had been infringed because of the phonetic resemblance between “Microsoft” and “MikeRoweSoft.”

In August 2003, Canadian high school student named Mike Rowe registered the domain name for his computer repair business website. Rowe played on phonetic sounds to be more recognizable to clients. He thought it was funny.

Microsoft did not agree. They filed a claim of trademark infringement demanding he forfeits the domain. Rowe asked to be compensated. Microsoft offered to pay the $10 it cost to register the domain. Rowe was thinking $10K. Microsoft’s response was to send a cease and desist order.

This benign example points to other cases that involve bullying and harassment.


Legal Recourse Against Cybersquatters

A victim of cybersquatting has options. That’s thanks in part to the Anticybersquatting Consumer Protection Act (ACPA), 15 U.S.C. § 1125(d), a U.S. law of 1999.

It establishes a cause of action for registering, trafficking in, or using a domain name confusingly similar to, or dilutive of, a trademark or personal name. The law was designed to thwart cybersquatters.

There is no European counterpart to ACPA. Acts of cybersquatting are dealt with according to national law. [….] and famous trademarks are protected under European legislation in Article 5(2) of Council Directive 89/104.

The World Intellectual Property Organization (WIPO), however, which covers the U.S. and E.U., does recognize UDRP [see below].

In general, victims can:

  1. File suit against perpetrators in U.S. Federal Court under ACPA
  2. Pursue under iCANN’s Uniform Domain Name Dispute Resolution Policy (UDRP)

The better question is: What can a business do to prevent problems in the first place?


An Ounce of Prevention

It’s important to think preemptively. The further a problem is left unchecked, the more costly it can become.

  1. Make sure your trademark is properly registered
  2. Make sure your domain is properly registered to a company and not an employee
  3. Buy up and keep up all variations of your domain name
  4. Include obvious misspellings and extensions [.com, .co, .org, .net, and .biz, etc.]
  5. Add “sucks” before the [dot] to prevent saboteurs–for example, JonesCompanySucks[dot]com
  6. Take action, including pressing charges, when problems arise


Final Thoughts

Cybersquatting is one of the basic forms of cybercrime. It’s inauthentic. It’s lazy. And it’s out-and-out theft.

Don’t get caught short. We recommend our Phishing and Cybersquatting module–and all of the resources available with our Threat Intelligence Platform.

Knowledge is power.

The Blueliv Cybersquatting module searches automatically to detect domains registered with names similar to those registered by your company with the use of powerful algorithms to detect keyword variations. It also continues to monitor automatically.

To find out more, contact our security analysts today.


Dark Commerce

Exploring the cybercrime industry and its business models: part 1

Read free report
Demo Free Trial MSSP