DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced the results of a survey which found that nearly a third (28%) of cyber security professionals have bought domain names to deflect business away from competitors.
Cybersquatting, like most cybercrime, is done for profit and is designed to steal legitimate internet traffic meant for corporate homepages. Over a third (37%) of respondents said that they had been a target of this, and were aware of other domain names that tried to siphon revenue, tarnish their brand and/or copy their website. When asked how much they would be willing to spend to take down a website that was using their company name, 43% said that ‘the sky’s the limit’.
Tim Helming, Director of Product Management at DomainTools said “It is somewhat ironic that over 40% of the cyber security professionals we spoke to are willing to spend over £10,000 to stop anyone else using a domain to affect their business, considering nearly a third of them are registering domains in order for the purpose of targeting their competitors. These results also show how important domains are to a company’s brand, security and bottom line.”
Helming advises that for companies who are worried about being a target to keep an eye on cyber squatters and to register as many domains as possible. “For some brands, it is not practical to register all of the possible combinations of their brands, domains, and add-on terms such as ‘store.’ It can easily run to the tens of thousands of domains, if not over a hundred thousand for a company with multiple product names. The best advice is to register as many relevant domains in the major TLDs as possible (major being com, net, org, .co.uk, biz, us, info, .de) and to keep an aggressive search out for squatting domains.”
Cybersquatting takes advantage of human error, either bad spellers or typing mistakes. Helming suggests that there are certain patterns you can look out for to be able to avoid these websites. “In general, there are certain patterns that tend to be red flags. For example, we don’t see luxury brands using domain names that begin with words such as ‘cheap’ or ‘discount.’ Similarly, they generally do not add numbers, as in ‘123(brand).com’ either. Many such domains exist, but they are being controlled by entities that have nothing to do with the brands themselves and are not likely to give the shopper a satisfying experience. It is also important to know that looks can be deceiving–many illegitimate sites look virtually identical to the real thing. This is where looking closely at the URL can be a real difference-maker for staying safe.”