DomainTools Blog

To celebrate September birthdays at DomainTools (Happy Birthday to Susan, Emily, Andrew and Kirsten!), we played some mini golf at the Seattle Interbay Golf Course the other day.  After grabbing some beverages, teams were chosen by the birthday crew. It was a perfect day to play some mini put-put out in the sun!

Prizes were given out to the top 2 teams, including gift certificates to Top Pot Donuts and Barnes and Noble. Andrew and Susan’s teams won – check out the team pictures below!

Jesse, Mike and Jason practicing right before we started the course

Kirsten after she took her shot

Andrew's team nearing the end of the course

Gustavo prepping for his shot

Susan's team near the end of the course (Susan got a hole in one!)

Here at DomainTools we’re well aware of the importance companies place on protecting their brands online, especially when it comes to using our tools to hunt down cybersquatting and typosquatting. But typosquatting is not just a problem for brand managers any more, as recent shocking research has shown.

A security company called Godai recently managed to steal 120,000 emails – a huge 20 GB of data, including passwords and trade secrets – simply by registering typo domain names of large global companies.

We’re all familiar with typosquatters registering names such as wwwgoogle.com in order to try to steal traffic from people who mistype www.google.com, and what Godai did was similar. But instead of targeting web traffic, the researchers aimed at domains used for email traffic. They called these domains “Doppelgangers”, but in reality they’re no different to a regular typo.

Some large multinational companies use three-level domains in their employees’ email addresses to show where in the world they are located. A IBM employee might have an @ca.ibm.com address if they’re based in Canada or @mx.ibm.com if they’re based in Mexico, for example.

Godai registered typos of these domains, merging the second and third levels into something like caibm.com, then set up catch-all email accounts and sat back and waited for the typo emails to come flooding in. And flood in they did – the company managed to capture hundreds of passwords, private employee documents and corporate trade secrets.

The researchers found that 30% of the Fortune 100 companies were vulnerable to such attacks, and that many appeared to have already been typosquatted in this way, often by registrants based in China.

With the internet being used increasingly for corporate espionage, it’s important to monitor for typos not only of primary brands, but also of domains used in sensitive internal communications.

DomainTools can help. Our Typo Finder not only generates possible typos that you can then defensively register, it also tells you whether the domains have already been registered and to whom, enabling you to conduct a further investigation or pursue a cybersquatting complaint.

Typo Finder can find domains that look like your own but for a single missing or transposed letter, or proximity-based typing slip-ups such as using an N instead of an M. The kind of typo you want to see in your output is completely configurable through a simple interface.

Combined with other DomainTools services such as Reverse Whois, Name Server Reports and Reverse IP, our Typo Finder is one of the most powerful and cost-effective fraud mitigation tools available. If you’re at all concerned about being at risk from email theft, you should check it out!

Last January, we posted our first DomainTools Support Inquiry blog update  and it’s time to post a Volume 2!  In case you don’t remember the background around these tickets, here’s a recap:

DomainTools Support receives a wide variety of inquiries — from appropriate account-related questions to inquiries that are not so much related to DomainTools. Please note that we are not making light of these inquiries, but we do find them entertaining and thought you may as well. We still respond to each of these comments and questions, and offer a more appropriate point of contact.

These are real Support tickets, typos and all. It’s been interesting to see what might find its way into our inbox from day to day. We receive inquiries about EVERYTHING and anything you can imagine! Here’s a sampling of some recent ones we got in (phone numbers and names blocked out for privacy):

Inquiry from April 2011:

Inquiry #1 from August 2011:

Inquiry #2 from August 2011:

Last week, I explained how simple it can be to gain insight into companies’ product plans by using DomainTools to track the domain names they register. If you’ve been using our services to do that fora long time, you’ll have no doubt noticed that every company has a different strategy, in terms of how,and more importantly when, they register domains related to new and upcoming offerings.

Let’s take a look at some of the biggest names in mobile computing, for example. Just last week news emerged that Blackberry maker Research In Motion had registered over 300 domains for its new Curve phones. The list of domains covered a broad range of extensions, as well as variations using hyphens, abbreviations and additional keywords including the scary “sucks” suffix.

These were classic cases of defensive registrations – domains registered in order to keep them out of the hands of opportunistic cybersquatters. For a brand owner particularly at risk of squatting, preemptively registering hundreds of domains at $10 each may sometimes make more economic sense than later filing a UDRP complaint, which can cost many thousands of dollars.

Other companies, such as Google, take a less comprehensive approach, preferring to register a handful of key domains before they launch a new product, and pick off egregious cases of cybersquatting later. Google obtained plus.me in November 2010, for example, even though Google+ did not launch until June 28 this year. It had owned googleplus.com since winning it with a UDRP complaint in 2002, and won googleplusone.com in early June 2011 the same way.

But within 24 hours of Google+ launching, dozens of domains had been registered by people hoping to ride the wave of the service’s expected popularity. Registrations included straightforward cases such as googleplus.biz, keyword domains such as googleplusgames.com, typos such as googlepuls.com, and domain hacks such as google-pl.us. These kinds of domains are extremely vulnerable to cybersquatting claims and have virtually zero resale value to experienced investors.

If Blackberry is at one end of the spectrum, and Google occupies the middle ground, then Apple is an example of a company that often virtually ignores domain names when it launches products. When Apple launched the iPhone, it did not own iphone.com and later was forced to pay a seven-figure sum to the registrant, who had owned it since 1995. The company still does not own ipad.com, which was registered by somebody else in 1997. If it chooses to buy the domain now, it will probably have to pay more than it would have in 2009, before the iPad launched.

But this may actually be smart strategy for Apple. The company has always developed its new products in strict secrecy, encouraging its fan base to speculate about its next move. This created grassroots buzz for months before the moment Steve Jobs took the stage to officially unveil the company’s latest innovation. With so much brand capital relying on these staged, set-piece announcements, a premature domain registration or purchase may, for Apple, be more damaging than having to pay a couple million bucks later for an important domain.

When it comes to registering domain names, whether defensively or as part of a marketing plan, there’s no one-size-fits all strategy for the world’s biggest brands.