The energy and innovation of fraudsters never seems to end – if only they would use their powers for good. Fraudsters know that people often misspell domain names and use this to their advantage.

While most people arrive at a domain through a search, a link or via their browser bookmarks, it’s not unusual for people to type the name of a web site into their browser address bar. This is called type-in traffic and it’s fine – if people type the right web site address and it’s certainly not uncommon for them not to.

Some fraudsters will register a “typo” domain name, a popular brand’s name spelled incorrectly, with view to scooping up the wayward traffic. The site may look exactly the same as the real site; making it more difficult for the user to detect something is up. From there, it’s not difficult for the fraudster to gain the person’s login details or funnel the person to a malicious site that will download malware to their computer.

A less nefarious situation is “typosquatting.” Typosquatters register misspelled domains simply to run advertising for which they are paid. Some would still view this as a form of fraud and in the USA, the 1999 Anticybersquatting Consumer Protection Act (ACPA) contains a clause designed to combat typosquatting.

For online merchants, the solution is simple, but can be very expensive – to register domain names that cover all the possible incorrect spellings. That’s fine if you have deep pockets and a short name, but for most online merchants, while registering the most common misspellings may be possible; to cover them all simply isn’t viable.

At the minimum, if you know of a certain common typo of your domain name; it’s wise to register that and just redirect the traffic accessing that domain to your web site.