Threat Intelligence Blog

In mid-February Harvard researchers Tyler Moore and Benjamin Edelman posted their research on the prevalence of typosquatting, the practice of registering and monetizing domains that would likely only be visited on accident when internet users misspell the web address of legitimate websites. Among several findings in their work, titled Measuring the Perpetrators and Funders of Typosquatting, they report that 80% of typo domains lead to pay per click ads, and almost two-thirds of typo domains can be traced to just five individual advertisers using Google AdSense.

Edelman was kind enough to answer a few questions about their research.

Cyveillance: Your paper is premised on the idea that typosquatting unethically diverts traffic from legitimate online destinations. You open one of your paragraphs with the line, “Most large domain registrants present themselves as ‘domain parkers’ or domainers.” Some readers may be confused about your position on domaining as an industry. Can you clarify your stance on domaining in general?

Ben Edelman: I don’t see much genuine value coming from the domaining business. Yes, some users guess domain names, and domainers can cause results to be shown to users who might otherwise receive error messages. But most web browsers already show results that are at least as useful as domainers’ placeholders – often better, with genuine organic results rather than merely advertisements.

Meanwhile, domainers cause some important harms: For one, as detailed in my article, domainers deplete advertisers’ budgets. Domainers also make it more costly for entrepreneurs to obtain the domains required to run actual substantive businesses: A domain might truly be unclaimed, in the sense that no one has ever used it for anything interesting, but a domainer would nonetheless be able to withhold that domain from a would-be user until they agree on a price. Combine these harms with the remarkably widespread ongoing problem of typosquatting, as presented in my article, and the net value-add of domainers is far from clear.

Domainers will vigorously defend their right to advance-register large numbers of domains, as if this is some kind of moral entitlement. I’m not so sure. In many areas, landowners are (and, historically, have been) required to improve their property lest they be a blight or eyesore to others. The analogy here is less direct: Which domains are “near” an unimproved domainer domain? But certainly unimproved domains harm others, by impeding what could be direct navigations, and by driving up costs to others. Indeed, limits on domain purchases have ample precedent – dating back to Jon Postel’s early restrictions on how many domains a single person or entity could request, and similar restrictions in certain ccTLDs. At least as against domainers with thousands, tens of thousands, or even hundreds of thousands of domains, these ideas do ring true to me.

Cyveillance: In your attempts to collect information about the behavior of typosquatting domains, some websites prevented your systems from gathering information about them. Can you discuss which servers attempted to prevent your analysis? Are you aware of any direct or indirect response to your investigation on their part?

Ben Edelman: Google has pointed out that it will disable typosquatting domains in response to a trademark holder’s specific request. Indeed, but what about infractions that come to Google’s attention some other way, such as in my article or in a complaint from the general public? What about infractions that are readily apparent to Google, thanks to Google’s excellent semantic analysis software? Google does as little as it can – letting Google and its partners continue to profit as widely as they can. Once Google is on actual knowledge that a domain is a variation of a trademark – either because a member of the public says so, or because Google’s own software figured it out – I’d like to see Google avoid targeting ads to that domain. And there’s a strong case that that’s exactly the behavior that the ACPA requires.

Meanwhile, trademark holders have ample grounds to be angry. And reading my article, I believe a new set of trademark holders is remembering that there’s more they could do here.

Cyveillance: Many merchants make use of affiliates to promote their products and services on the internet. You mentioned that “Few affiliate merchants affirmatively allow typosquatting, and most disallow it when it comes to their attention.” What recommendations, if any, do you have for merchants in this situation? Why do you believe most do not prohibit typosquatting among their affiliates to begin with?

Ben Edelman: An easy first step is a specific contractual prohibition on affiliates registering or using typosquatting domains. But merchants then need to follow through on this prohibition by implementing effective, robust enforcement. And merchants would do well to penalize violators, including through litigation. Recall Lands End v. Remy, wherein Lands End sued several LinkShare affiliates who had used typosquatting domains to claim affiliate commissions they had never properly earned.

Cyveillance: Your article states that there are “two main uses for traffic diverted to typo domains: placing pay-per-click ads and redirecting to other (often competing) domains.” Both situations cost brand owners money. This may seem obvious, but just to be sure: which is worse for a brand owner in your opinion?

Ben Edelman: They’re both unlawful, and they’re both unacceptable.

Cyveillance: You conclude by offering that the parties with the most ability to reduce typosquatting are the ad platforms of Google and Yahoo. Do you expect to see either company modify its practices based data like that found in your investigation?

Ben Edelman: I see the two main ways to compel ad platforms to change their practices: litigation and public outcry. Both are underway.

Cyveillance: Based on your research what advice do you have for brand owners when faced with the problem of typosquatting?

Ben Edelman: Trademark owners need not write off typosquatting as an unavoidable cost of doing business. Perpetrators are identifiable, and legal remedies are clear. In few other contexts do sophisticated companies sit back and let themselves get cheated. I don’t see why they’d want to do that here.

Many thanks to Edelman for taking the time to answer these questions.

Additional Posts

Docstoc’s DocCash Provides Incentive for Copyright Abuse and Spam

Docstoc is an online document sharing service that allows users to upload files like Microsoft ...

Blippy, a Spear Phisher’s Dream

This month, a service called Blippy was rolled out to the general public. In a CNN article this ...