10 Interesting Cybersquatting Examples to Learn From
Facebook, Google, Walmart, Wells Fargo, Bank of America, TikTok, PayPal, and Apple – these are some of the big brands that have become victims of cybersquatting! Here are some other cybersquatting examples you can learn lessons from…
In our previous article, we answered the question “what is cybersquatting?” and went over ways you can prevent it. In this article, we’re going to show you some well-known and controversial cybersquatting examples to help you explore the concept in more detail. But before we do that, let’s take a few moments to review briefly what cybersquatting is and what it does.
Cybersquatting refers to buying a domain name that’s identical or confusingly similar to a registered trademark without having any legitimate interest in the domain. (You’re “squatting” on the digital property.) The domain registrant buys the domain in bad faith to achieve financial gains, spread malware, or to ruin the original brand’s reputation.
In the United States, the Anti-Cybersquatting Consumer Protection Act (ACPA) is applicable to cybersquatting cases. For international disputes, the World Intellectual Property Organization (WIPO) facilitates arbitration and takes into consideration the Uniform Domain-Name Dispute-Resolution Policy (UDRP).
Don't make the same mistakes
Yahoo, Equifax, Home Depot,
LinkedIn, and Ericsson did!
Get our free 15-point checklist and
avoid the same costly pitfalls.
Contact details collected on InfoSec Insights may be used to send you requested information, blog update notices, and for marketing purposes. Learn more...
So, now that we know what cybersquatting is, let’s explore some new and historical cybersquatting examples.
Cybersquatting Example 1: Amul
Alright, on to our first in the list of cybersquatting examples. Amul is India’s one of the biggest dairy companies with a sales turnover of over 38,550 crore Indian rupees (approximately US$5.28 billion, or 385,500,000,000 Indian Rupees) for the fiscal year 2019-2020. The company became the victim of cybersquatting when someone bought the following domains and made phishing sites:
- Amuldistributor.com
- Amulboard.com
- Amufran.org.in
- Amuldistributorindia.com
As part of their scam, the perpetrators:
- Made bogus bank accounts using Amul’s name,
- Sent fake forms via emails.
- Asked for payment to become an Amul distributor and franchise store.
- Ran recruitment scams on the websites, asking candidates to pay a fee to submit job applications.
The scam ran from 2018 to 2020. Finally, Amul issued a public notice to warn people about the scams and took legal steps to deal with the issue.
Cybersquatting Example 2: Popular Tech & Banking Brands
Palo Alto Networks discovered the following cybersquatting domains that were used for malicious purposes:
- Walrmart44.com: Spreads adware, spyware, and malicious browser extensions.
- Secure-wellsfargo.org: Steals users’ personally identifiable information, login credentials, and ATM pins.
- Facebookwinners2020.com: Offering fake prizes or free products to victims. To claim the prize, users need to fill out a form with their personal information such as name, email address, phone number, date of birth, income, etc.
Featured in the graph below are some other popular domains that cybersquatters abused in December 2019, according to Palo Alto Networks:
Cybersquatting Example 3: Fox News
Fox News sued the domain owner of xofnews.com and foxnews-entertainment.com on the grounds of cybersquatting. The website owner mimicked the original Fox news site by using the same logo and style for the above-mentioned sites.
When a user lands on one of these sites, they see an article talking about a miracle weight loss supplement. At the end of the article is a link to a payment page for buying the supplements. The concern is that readers would trust the claims because they are published on what appears to be the reputable media channel’s website.
Cybersquatting Example 4: TikTok
Two Australian friends, Fotios Tsiouklas and Alan Gokoglu, anticipated that the app TikTok would become a popular brand, so they bought tiktoks.com for $2,000 just after TikTok’s launch. Bytedance, TikTok’s parent company offered $145,000 to Tsiouklas and Gokoglu to buy that domain. However, the pair decided to retain the domain and start a “follower growth” business, in which they offer a “follow-for-follow” service. They also help people to increase their follower by charging a fee.
After the failed negotiation attempt for the tiktoks.com domain, Bytedance filed a cybersquatting case against TikToks.com in August 2020. The WIPO administrative panel decision report shows that in September 2020, the company filed an amended complaint to also include the following domains:
- Growtiktok.com,
- Tktokcharts.com
- Tiktokexposure.com, and
- Tiktokplant.com.
As of Jan. 13, 2021, the panel ordered the pair of friends to transfer all five domains in question to the complainant.
Cybersquatting Example 5: PETA
PETA, which stands for People for the Ethical Treatment of Animals, is an organization that strongly advocates veganism. It’s a nonprofit organization, which is why its site, peta.org, has the “.org” top-level domain (TLD). However, someone named Michael Doughney bought the domain peta.com and branded it “People Eating Tasty Animals.” He also provided links to some meat suppliers on the website.
This contradicts PETA’s mission and values and was viewed as harmful to PETA’s brand name. PETA sued him and won the case, gaining rights over the domain peta.com. Now, peta.com is owned by PETA and the site redirects website visitors to peta.org.
Cybersquatting Example 6: Mitsubishi and Microsoft
There’s another fashion of making gripe sites in which cybersquatters buy domains having the brand name they hate and add the word “sucks” to the end of it. These two are among the most famous gripe sites:
- Mitsubishisucks.com: A Mitsubishi hater made this site to share everything they think is wrong with Mitsubishi. The site owner includes charts and graphs showing Mitsubishi’s sales decline, customer complaints, workplace discrimination issues, safety concerns, and technical features that he hates.
- Microsoftsucks.org: A Microsoft critic has made this site, which was originally used as a phishing site but now is parked on HostGator and open for sale. However, if you have a robust antivirus program or the firewall, it will see the following warning page and you won’t be able to enter the website.
I’m sure that many people have dreamed of creating sites that speak out against brand, politicians, or companies they dislike or don’t agree with. However, as you can probably guess, this practice is more than frowned upon by the offended brands and individuals and may result in lawsuits.
Cybersquatting Example 7: Business Insider
Andrew Allemann from domainnamewire.com discovered a phony Business Insider website with a web address of foxworldnews.today. The cybersquatting site displays an equally-fake article claiming that Bill Gates gives credits for his brain’s advanced cognitive functions to a drug called Neuro Blast. Allemann post shows that the fake article links to NeuroBlastToday.com and the URL includes an affiliate ID for tracking purpose.
Cybersquatting Example 8: Hazelden Betty Ford Foundation
Hazelden Betty Ford Foundation sued Germany’s My Way Betty Ford Klinik for cybersquatting, trademark infringement, false advertising, and other charges in January 2020. Hazelden is one of the leading rehab centers in Minnesota. They merged with California’s Betty Ford Foundation in 2014 and operate under the brand name of “Hazelden Betty Ford Foundation.”
Apart from providing a systematic rehabilitation treatment for alcohol and drug addiction, the foundation also runs an accredited graduate school to provide academic programs to rehab professionals and an addiction research center.
Casemine.com reports that the German rehab clinic tried to approach the U.S.’s Hazelden Betty Ford Foundation to seek permission to use the Betty Ford name. Although the foundation declined that request, the German center went ahead and bought the domain mywaybettyford.de anyway and operated the business using the same brand name. They even used the fonts and color scheme the same as the hazeldenbettyford.org site.
As you can imagine, this resulted in a lot of confusion for patients regarding the relationship between the U.S. and German organizations. That’s why the Hazelden Betty Ford Foundation sued Germany’s My Way Betty Ford Klinik with the charges of cybersquatting and using their brand name without permission. As of Dec. 1, 2020, the defendant’s motion to dismiss was denied in court. This means that the plaintiff’s case against the German will continue.
Cybersquatting Example 9: Android
A Wuhan resident, Jing Ren, bought a domain Android.co.in from an Indian domain registration platform NIXI. He put the website on sale for USD $19,500. Medianama reports that Google sued him and chose the arbitration proceedings in India because the domain was registered in India. In August 2020, Google won the case. The arbitrating committee ordered Jing Ren to hand over the domain Android.co.in to Google.
Ren, who Medianama quotes the arbitrator as calling a “habitual cyber squatter,” faced a similar issue in the past when the arbitration committee ordered him to transfer TikTok.in to TikTok’s parent company ByteDance Ltd.
Cybersquatting Example 10: Microsoft
Microsoft sued a teenager for starting a software development business with a domain name mikerowesoft.com. The teenager, Mike Rowe, was a high school student who started a side business of software development. He didn’t intend to cause any trademark infringement. He just thought if he adds “soft” after his name, it will make a cool phonetic variation of the name “Microsoft.”
But then Microsoft sued him and offered a $10 settlement! Mike felt offended by the gesture and asked for $10,000 to sell the domain name to Microsoft. Microsoft responded with a 25-page cease-and-desist notice. Unfortunately for the tech giant, though, public favor wasn’t on their side. Microsoft received backlash from the media and the public for such aggressive behavior. Later, both the parties agreed to settle out of court.
Cybersquatting vs Domain Investing
Sometimes, people fail to see the fine line between domain investing and cybersquatting. Domain investors buy domains with random dictionary words or popular names with the hope to sell them in the future at a higher rate. They “guess” what type of domain names people are going to need in the future. They keep an eye on the latest industry trends and news to predict future business trends and buy the domains accordingly.
For example, if you notice that cryptocurrencies are becoming popular and register domains that contain words or phrases relating to them, it’s may not technically be considered cybersquatting. (Note: Although we’re going to leave this type of decision up to the courts and other legal professionals to decide — that’s not our area!) This may be the case even if your goal might be to sell such domains to future cryptocurrency business owners or to someone that wants to make a platform to collaborate with crypto miners (something like a discussion group, tips-sharing group).
However, you fall into the realm of cybersquatting if you:
- Buy a domain name that resembles a brand or person who’s already famous,
- They already have a registered trademark on their name, and
- You have a goal to defraud people or to make money in the future by coercing the original business to buy it at a premium price.
For example, if you buy a domain name like biitcoin.com, btcoin.org, bitcoin.cm, etc., to deceive people who want to visit bitcoin.org (original bitcoin mining site), it falls within the realm of cybersquatting.
Hence, if you’re a domain investor, do your research before buying a domain. Otherwise, you might face serious legal and financial consequences in the future. You also may find your site on our updated list of cybersquatting examples in the future.
Final Thoughts on These Cybersquatting Examples
There are thousands of cybersquatting examples and cases we come across every year. Recently, the World Intellectual Property Organization has registered its 50,000th cybersquatting case. It doesn’t include the cases that people registered in their local courts and try to solve through arbitration processing.
As a website visitor, be vigilant while surfing websites. If you see any unusual signs or changes to how a site you visit normally looks (changes to the site’s layout, lots of ads and redirects, phishy language or questionable content, etc.), be sure to double-check the domain name in the address bar. As your domain name with different TLDs. Domains don’t cost a lot but can save you from a long and costly legal battle in the long run.
If you think someone has acquired a domain name that resembles your brand and their intention is malicious, don’t hesitate to seek legal help. This way, you don’t join another article’s list of cybersquatting examples in the future.
2018 Top 100 Ecommerce Retailers Benchmark Study
in Web Security5 Ridiculous (But Real) Reasons IoT Security is Critical
in IoTComodo CA is now Sectigo: FAQs
in SectigoStore8 Crucial Tips To Secure Your WordPress Website
in WordPress SecurityWhat is Always on SSL (AOSSL) and Why Do All Websites Need It?
in Encryption Web SecurityHow to Install SSL Certificates on WordPress: The Ultimate Migration Guide
in Encryption Web Security WordPress SecurityThe 7 Biggest Data Breaches of All Time
in Web SecurityHashing vs Encryption — The Big Players of the Cyber Security World
in EncryptionHow to Tell If a Website is Legit in 10 Easy Steps
in Web SecurityWhat Is OWASP? What Are the OWASP Top 10 Vulnerabilities?
in Web Security