Beware of typo-squatting domain names on Cyber Monday

More than 80 per cent of typo-squatted domain names associated with holiday shopping receive significant levels of traffic and contain phishing scams, malware, or pay-per-click advertising, according to a recent study of top internet retailers.

The study, conducted by FairWinds Partners, analyzed thousands of typo domain names related to 50 of the top brands included on Internet Retailer’s Top 500 companies list.

“Traffic measurements show that people are still visiting typo-variations of brand name Web sites in significant numbers, despite the growing popularity of mobile apps and search engines for online navigation. And many of these people are at risk of becoming victims of identity theft or having their computers damaged by malware as a result of these sites,” explained Joshua S. Bourne, domain name expert at FairWinds and author of the study.

Consumers should pay extra attention to online scams around the holidays, the Better Business Bureau recently advised, and the internet shopping frenzy officially begins on November 28, a.k.a. “Cyber Monday.”

One example associated with typo-squatted domain names is The actual Web site name is without the “S” at the end. Or you can type in

As of the date of this release, this third-party owned domain name is serving up rotating malicious content, including pages claiming to have locked users’ files and demanding payment to release them or inviting users to click to download the latest Adobe Flash Player. Instead of receiving the promised download, the visitor’s device is compromised.

People aren’t the only victims of this type of cyber-squatting. In addition to harming customers and damaging brand reputation, pay-per-click advertising represents lost business opportunities as visitors are diverted to other websites.

Bourne recommends that companies protect consumers, their brands, and their profits by taking immediate action against typo domain names with the most malicious content, such as malware and phishing scams. For domain names owned by third parties that do not contain malicious content, but undermine the brand by diverting visitors to a competitor or driving up customer acquisition cost, Bourne recommends carefully targeting a more limited and objectively quantified set of domains to acquire.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

CDN Staff
CDN Staff
For over 25 years, CDN has been the voice of the IT channel community in Canada. Today through our digital magazine, e-mail newsletter, video reports, events and social media platforms, we provide channel partners with the information they need to grow their business.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.