When .zip launched for General Availability in May 2023, it raised eyebrows across cybersecurity industries as the latest key target for phishing sites. Four months on and it appears these concerns were warranted.
A domain registration has become a critical aspect for businesses looking to establish and protect their brand online. However, the rush to secure a trade mark before its corresponding domain has given rise to a contentious practice known as domain squatting. Domain squatters, also known as cyber squatters, strategically monitor trade mark databases to register domains that correspond to newly filed trade marks, creating a challenge for brand owners across the globe.
Domain squatting involves the registration of domains that are identical or confusingly similar to trade marks, brand names, or even personal names, with the intent of scamming potential customers or selling the domain back to the rightful trade mark owners at an inflated price. This practice not only exploits the value of recognised brands but also poses significant risks to consumers through potential confusion and fraud of lookalike sites with lookalike domains.
Trade mark databases are public records maintained by various Intellectual Property offices worldwide, containing detailed information on registered trade marks and pending applications. These databases are intended to provide transparency and facilitate the protection of Intellectual Property Rights. However, they have inadvertently become a tool for domain squatters searching for potential targets.
Domain squatters utilise tools and scripts to monitor these databases for new trade mark filings. Upon identifying a new trade mark, they quickly register corresponding domains if a trade mark owner has not yet done so. This pre-emptive registration often leaves brand owners in a precarious position, facing the dilemma of negotiating with squatters or engaging in costly legal battles to reclaim their digital asset.
The timing of the domain registration may pose some difficulty to trade marks owners who have not been able to establish a reputation in their trade mark. Their recovery options could be limited, making the purchase of the domain from the squatter the most practical solution.
Squatters are aware that a trade mark owner would potentially want to settle the matter without a dispute, so they usually set the domain purchase price just under the cost of filing a complaint ($1300), under the Uniform Domain-Name Dispute-Resolution Policy (UDRP).
The average cost to register a .com domain is $25 so the return of investment for the squatter is substantial, whilst the risk is low, with only 1 in 50 domains needing to be purchased to break even.
Squatters tend to focus on generic extensions like .com as well as low cost ccTLDs such as .UK (United Kingdom) and .DE (Germany). They are also aware that some country extensions such as .DE (Germany) and .AT (Austria) do not have formal arbitration proceedings for domains. In these countries, action is usually instituted through the local courts, significantly increasing costs for the trade mark owner, ultimately giving the squatter more leverage to ask for a higher price.
Trade mark owners should adopt proactive measures to guard against domain squatting. The easiest step to combat this is by securing a matching domain before a trade mark is filed. There is no need to go overboard with domain variations. Keep it simple by registering identical matching domains in .com, .net and key countries where you are filing your mark and potentially high risk jurisdictions. This approach can save legal costs and avoid unnecessary frustrations with a new brand or campaign launch.