Cybersquatting for politics, not profit

“We’ve seen domain names change owners for exorbitant sums of money.”

Buying and selling domains based on common words and phrases is big business. Famously, Sex.com sold for $13 million ($11.7 million) in 2010, at the time the most expensive domain sale ever. Elon Musk claims his company owes Tesla.com his $11 million and earlier this year he said NFTs.com changed owners with his $15 million ($21 million) doing.

But in addition to squatting to sell domains, companies may try to register competitors’ names and redirect traffic to their own sites. This is similar to how businesses buy Google ads based on their competitors’ searches.

In a well-known example of Australian cybersquatting, in 2011 Catch Group delayed the Australian version of American trading giant Groupon, buying local domains and trademarks and redirecting them to a similar Scoopon service.

Criminals also often acquire domains that look like (or contain popular sites misspelled) popular sites in an attempt to trap victims, Hunt said. But for One Nation, he said it looked shady but was by no means illegal.

“In the case of Pauline Hanson, the motivation seems to be to influence people searching these topics to get to her material, rather than where they think they’ll end up based on that topic.” He said.

The strict rules adopted by the AuDA, the regulatory body that administers Australian domain names, could hold the party back. The registrant must have an Australian connection to use a domain ending in .au and the domain name is closely related to the registrant’s name, trademark or business or service provided is needed. According to AuDA.

However, AuDA can reject One Nation’s .au registration, but leave other websites intact.

“Registration criteria rely on top-level domains (TLDs), so if you want to get a .com, you can get whatever you want, as long as it’s available,” says Hunt.

Meanwhile, Bruce Bilson, Australia’s small business ombudsman, said the problem of cybersquatting could get worse in the coming months as the way Australian domains are registered changes from next month. expressed concern.

In March, AuDA began registering .au top-level domains. This means companies can claim domains like example.au. Individuals and businesses who already have a .com.au domain can apply for priority access and get the same without the .com, but after September 22nd all unused domains will be made available for general purchase. Become.

“If you need a shortened .au domain, or are frustrated that someone else has it, I ask all small business owners to take a few minutes to figure it out. “We’re looking forward to it,” said Billson.

“Dear small business owners, if you want it, I recommend taking a few minutes and a few bucks to register, otherwise someone else will grab it and use it. They can digitally ambush your business and later face demanding and handing over large sums of money to you, or abuse it to impersonate you or help them get involved in cybercrime. I will.”

AuDA has set a six-month grace period for existing domain owners to register new addresses, but Billson said public awareness campaigns were ineffective.

Loading

“My engagement with small businesses is that overwhelmingly they are unaware of this change or do not understand the potential consequences,” he said.

“A domain name is your business identity and is critical to your business success. Small businesses cannot afford to sell their identity to anyone.”

Hunt said there are concerns about imitators of cyber squatters, but there’s only so much companies can do to prevent them. Not only do squatters have a myriad of top-level domains to use, they also have a wide variety of phrases and spellings.

“It’s a bit of a whack-a-mole, to be honest. You end up in a situation where you try to get all these different variations, and it’s just not possible,” he said.

“At the end of the day, if people recognize the domain name itself, minus the TLD, and it sounds like what they’re looking for, they’ll just click through.”

Hunt operates the popular website Have I Been Pwned, where users can look up their email address or phone number to find out if they have been affected by a data breach. He said he was constantly fighting imitators and squatters. For example, HaveIBeenPrawned.com is owned by Hunt and redirects to proper sites, but HaveIBeenPawned.com is full of spam.

“I got HaveIBeenPwned.ninja because someone registered it and sold it to me,” he said.

“There is an assumption that the TLD has some kind of geographical connection, but there are a huge number of people who have registered the Tuvalu TLD, the .tv domain, because it sounds cool,” he said. .

Get news and reviews on tech, gadgets and games with our weekly Technology Newsletter every Friday. Sign up here.