Generally, the victim site of typosquatting will be a frequently visited website. The typosquatter's URL will usually be one of three kinds, all similar to the victim site address:
A common misspelling of the intended site; for example, webadress.com
A misspelling based on typing errors; for example, wwebaddress.com or wwbaddress.com
A differently phrased domain name; for example, web-address.com
(In all previous examples, the intended website is webaddress.com.)
Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content. Sometimes competitors of the victim site will do this.
Alternatively, the user will be forwarded to a site of a completely different nature to what they intended. This tactic is often used by pornographic websites and comedy websites.
Sometimes, the typosquatters will use the false addresses to distribute viruses, adware, spyware or other malware.
[edit]
Combatting typosquatting
A victim website will usually send a cease and desist letter to the offender at first, in attempt to quell the activity.
They may also try and purchase the website address from the typosquatter, which could have been the typosquatter's aim all along.
Occasionally, lawsuits will be taken against the offending site or individual.
A company may try and preempt typosquatting by obtaining a number of websites with common misspellings and redirect them to the main, correctly spelled website. For example
www.gooogle.com,
www.goolge.com,
www.gogle.com, and others, all redirect to
www.google.com. In another example, actor and politician Arnold Schwarzenegger is reported to control the domains with the ten most common misspellings of his surname.
[edit]
Examples of typosquatting
The domain of the Web site of the President of the United States, whitehouse.gov, has two high-profile "misspellings": whitehouse.com, which was a pornographic Web site, and whitehouse.org, a satirical site.
Wikipedia is also a victim of typosquatting:
www.wiipedia.org,
www.eikipedia.org,
www.wilipedia.org and en.wikipedi.org, [as of 2005], are all websites which contain pop-up ads, spyware/adware downloads, and ad-generating search engines.
A related gambit is obtaining "800" numbers that correspond to misspellings; a good illustration is AT&T's sudden abandonment of "1-800-OPERATOR" and replacing it with "1-800-CALL-ATT". It seems that many Americans don't know how to spell operator, enough that MCI Communications was raking in a lot of business with "1-800-OPERATER", reaping the benefits of AT&T's advertising. (In both numbers, the final "R" is superfluous.)
[edit]
"Catchall" typosquatting
Other than individual domain name purchases, several attempts have been made by larger corporations to profit off of user typos by redirecting them without their knowledge.
Microsoft's Internet Explorer automatically redirects users' mistyped URL queries to their MSN Search page. Though a user can reconfigure their browser to use a different search tool, Google, MSN's biggest rival, is not in the list and a custom engine cannot be specified by the user.
Top-level domain registry operator VeriSign's Site Finder automatically redirected traffic to URLs not registered by users. This caused a fair amount of outrage from the internet standards community, and an emergency patch to BIND was issued to circumvent VeriSign's actions.
Paxfire, a startup company, sells partner internet service providers a tool that redirects mistyped queries to a Paxfire-generated page with sponsored advertiser content related to the mistyped "hotword". Revenue generated from user clicks is split between Paxfire and the internet service provider.
Certain types of malware pose as browser plugins and redirect a user's web requests or search queries without their knowledge or consent, even if the URLs themselves are properly typed.
http://en.wikipedia.org/wiki/Typosquatting
-Allan