Cybersquatting
What is Cybersquatting?
CybersquattingRegistering domain names that contain trademarks or well-known brand names without authorization, typically to extract money from the rights holder or to deceive users.
Cybersquatting is the bad-faith registration, trafficking, or use of domain names that incorporate someone else's trademarks, names, or distinctive identifiers. Motivations include reselling the domain at inflated prices, diverting traffic for ad revenue, hosting phishing or scam content, and damaging a brand's reputation. While the term overlaps with typosquatting, cybersquatting more broadly covers exact-trademark or close-variant registrations across TLDs and ccTLDs. Remedies are mostly legal and policy-based: the UDRP and URS administered by WIPO and other arbitration bodies, ICANN's Trademark Clearinghouse, and national laws like the U.S. ACPA. Security teams complement these with brand-monitoring services, defensive registrations, and rapid takedown processes for phishing infrastructure built on squatted names.
● Examples
- 01
An attacker registers "acmecorp-support.com" to demand payment from the real ACME Corp or to host phishing.
- 02
Speculators acquire newly minted gTLD domains matching well-known brands hoping to resell them.
● Frequently asked questions
What is Cybersquatting?
Registering domain names that contain trademarks or well-known brand names without authorization, typically to extract money from the rights holder or to deceive users. It belongs to the Attacks & Threats category of cybersecurity.
What does Cybersquatting mean?
Registering domain names that contain trademarks or well-known brand names without authorization, typically to extract money from the rights holder or to deceive users.
How do you defend against Cybersquatting?
Defences for Cybersquatting typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Cybersquatting?
Common alternative names include: Domain squatting.