Cybersecurity 101: All You Need to Know About Cybersquatting or Domain Squatting

Ever since the dawn of the digital age, websites have become a crucial part of many businesses. Consumers across the globe head to the Internet when they want to learn more about products and services. That’s why business owners use their websites to list all the information that potential customers may want to know.

The benefits of having a business website make it all the more critical to protect it from cybersquatting. Cybersquatting, also known as domain squatting, is when an entity registers or uses a domain name to profit off of another entity’s trademark.

Here, you can learn about domains, cybersquatting, and ways to handle cases of cybersquatting.

cybersquatting and domain squatting

Domain Name

When a business owner sets up their website, they need to register a domain name. This allows their business to have an online presence. Here are the most common types of domain name extensions available for Australian organisations:

  • com.au
  • net.au
  • org.au
  • asn.au

It’s essential to pick an extension that corresponds best to the type of organisation you have. For Australian businesses, com.au is the most commonly used type of domain. Information technology companies are likely to use net.au, while charities and non-commercial associations are likely to use org.au and asn.au, respectively.

Registering a Domain Name

If you’re a business owner or organisational leader who’s interested in having a domain name registered, here are the steps you can take:

1.     Check the domain name’s availability

You can use the WHOIS search tool to check if your desired domain name is available. If it’s not available, you can consider alternatives like using a variation of your desired domain name or choosing a different domain extension for your website.

2.     Check if you are eligible to register the domain name

To determine if you’re eligible to register the domain name, you must check the Australian Domain Name Administrator’s policies and stipulations to get more information on your desired domain name. There are different eligibility criteria for each type of domain extension, and it’s important to know the requirements for each one.

3.     Register your domain name

The Australian Domain Name Administrator has a list of accredited registrars that you can work with to get your domain name registered. Fees, terms and scopes of service are different for every registrar, so you’ll need to weigh your options before selecting the one you want to work with.

When registering a domain name, it’s important to note when it needs to be renewed. If you fail to renew the domain name on time and it expires, cybercriminals could see this as an opportunity. It could make your site an easy target for cyber attacks.

There may be instances where business owners run across some trouble when registering their domain name. It’s when they’ve already filled out their forms, filed their paperwork and set up social media platforms, but they discover that their desired domain name can’t be used. When this happens, one of two outcomes is likely:

  • They find a webpage that says “domain name for sale,” “cannot find server” or “under construction”
  • They find a live website whose primary purpose is running ads

If you come across either of the above scenarios, it could signify that you might be encountering a case of cybersquatting or domain squatting.

Cybersquatting or Domain Squatting

Cybersquatting involves the purchase of domain names of trademarked businesses and brands. Cybersquatters typically intend to sell the domains to those businesses at a much higher price. This is detrimental to businesses because they can be misrepresented online, and it could prevent them from gaining the online traffic that they need.

To trick users into visiting their site, cybersquatters or domain squatters may intentionally misspell the name of a popular brand or domain. For instance, a user may have the intention to visit Facebook, one of the most popular websites online. However, they may accidentally commit a typo error, which lands them on another page. They would then unwittingly contribute to the revenue that the cybersquatters make from running ads on that webpage.

Because of the trouble it creates for both businesses and customers, cybersquatting is considered a cyber attack and an illegal practice in Australia.

Cases of Cybersquatting

Most businesses, especially small and medium enterprises, are only beginning to become more tech-savvy. A decade ago, most businesses weren’t quite as in the know, which made them more prone to cybersquatting attacks.

Some of the most well-known victims of cybersquatting attacks were Hertz, Avon and Panasonic. Celebrity Madonna had to file a complaint through the World Intellectual Property Organization (WIPO) to gain control over the site madonna.com. Tech giant Microsoft also went to court against the cybersquatter “Mike Rowe” for control of the domain “MikeRoweSoft.com.” “Mike Rowe” had demanded a whopping $10,000 in exchange for the control of the domain.

Today, it’s not as easy to pull off cybersquatting because more businesses are now aware of the importance of securing their domain names and the risks they face by not doing so. However, it still prevails in cyberspace. From January to October 2020, 3,405 cases of cybersquatting were reported to WIPO.

How to Identify Cybersquatting

It can be tricky to identify cybersquatting because there are legitimate businesses that buy and sell domain names. It can be confused with the legal practice of domaining, which is when entities purchase domain names that may be of interest to a variety of buyers. The domain names tend to be more generic, and they are often sold through a domain broker or through a bidding process.

It all boils down to the intent behind purchasing the domain name. If the intent behind getting the domain is malicious, it qualifies as a cybersquatting attack. An example of this scenario would be when a domain is purchased by a cybersquatter so that they can run ads on it or resell it for profit. By registering the domain name for themselves, a cybersquatter can then:

  • Sell ad space to the business’s competitors for more profits
  • Disrupt the trademark owner’s business and block its clients from reaching the business

How to Combat Cybersquatting

Cybersquatting attacks are handled on a case-to-case basis. There are three common ways for business owners and organisational leaders to combat cybersquatting:

1.     Using the Australian Trade Marks Act of 1995

The Trade Marks Act of 1995 covers the registration of trademarks and the rights given to registrants. Under the Trade Marks Act, a business owner can trademark words, names and logos and use them as a way to distinguish their brand from others.

If you have a registered trademark and found a domain name that’s already using it, you can challenge the use of this domain name. By doing so, you can prevent the infringing party from using your trademark and then get the domain name you want. You may also be entitled to damages or get a cut from the income that the cybersquatter received from using your trademark.

2.     Taking the cybersquatter to court

Aside from using the Trade Marks Act of 1995, you may also take the cybersquatters to court for deceptive conduct or passing off the business as their own. Additionally, you could take the cybersquatters to court for breaching contracts or licensing arrangements.

3.     Using the Uniform Domain Name Dispute Resolution Policy and filing a complaint

The Uniform Domain Name Dispute Resolution Policy provides the legal framework on how to resolve domain disputes between the registrant and the cybersquatter. This method can be done online and is perhaps the most cost-effective method of the three. It also tends to be the fastest-acting because the resolution can be completed in less than three months.

If you want a resolution where the cybersquatter not only transfers or cancels the domain name but also provides you with financial compensation, going to court is the best method. If you can prove that you lost revenue due to the cybersquatter’s actions, the court may rule that the cybersquatter pay you back the amount that your business lost, plus damages.

Going to court should also be your chosen method if you have a reason to believe that the cybersquatter may threaten your rights in the future. Australian courts have the power to nip any future action in the bud.

Again, all cybersquatting cases must be looked at on a case-to-case basis. However, for more long-term coverage and action plans, court action may be the better method.

Enhancing Cybersecurity Efforts

Cybersecurity is a crucial aspect of all businesses, but it’s one that often gets overlooked. In 2020, the Cyber Security Industry Advisory Committee in Australia called on Australians to beef up their cybersecurity measures, defining the year as a “turning point” in Australian cybersecurity. According to the Australian Cyber Security Centre, an average of 164 cybercrime reports per day are made by Australians across the country.

As such, business owners and organisational leaders must take all the precautions in protecting their online presence and securing their data. This includes being well-versed with the laws that govern cyberspace and monitoring their active webpages.

Cofence
Cisco
mimecast
IBM
Logpoint
Qualys
cyberfish
ExtraHop
netskope
SentinelOne
Rapid7
zscaler
fortinet
thycotic
Crowdstrike
Securonix logo
ThreatX logo