Why cybersquatting won’t be a big deal in new TLDs

Cybersquatting is motivated by profit, and it will be difficult to make money cybersquatting on new TLDs.

Much of the talk and consternation over introducing new top level domain names has focused on protections for intellectual property owners. Trademark holders have been worried about having to protect their brands in hundreds of new domain name extensions.

When it comes to cybersquatting, I think it’s clear that it won’t be nearly as big of a deal as it has been made out to be.

Here’s why: cybersquatters have a profit motive. Their goal is to either monetize traffic meant for a brand or to extract a ransom from the brand owner by selling the domain to them.

This works in .com and some popular ccTLDs. But it’s not so prevalent in domains like .biz, which haven’t gotten as much traction.

There are two reasons it won’t be very prevalent in new TLDs, either.

1. The domains will get little type-in traffic. I don’t see many people typing in something like gap.clothing on the assumption there’s a site there. Unless Gap promotes Gap.clothing, it’s just not going to get much traffic. There may be a few exceptions if certain niche TLDs take off, but those can be dealt with with URS and UDRP.

As with .biz, .info, and other domains, this takes away the monetization angle. It may, however, increase some cybersquatting/brand confusion in existing domains if people are confused by something like gap.clothing and go to gapclothing.com or gap.clothing.com.

2. It costs a lot to register many of these domains. Even if the domains get traffic, the holding costs might be too high. So far it seems that many of the new TLDs coming out are going to be priced at $30+. Cybersquatters have dumped millions of domains because they can’t make a profit on monetization at $8 per domain, so it’s certainly not going to happen at $30.

Some people will no doubt still try to sell domains directly to brands under the ransom model. There are fairly inexpensive policy mechanisms to respond to this. But more importantly, trademark holders can just tell the cybersquatters to go shove it. If someone comes to me and tries to sell me domainnamewire.plumbing, would I actually pay up for that?

Sure, brands will still have to look out for things like phishing. But even in phishing, the URLs are rarely that close to the actual brand’s domain name. Most phishers will just buy a cheap .info or .com domain instead, or obscure the phishing link with HTML.

Do you think brands agree with this assessment? I do, and there are some numbers to back it up.

I think most brands have looked at the new environment and decided it will be almost impossible, if not pointless, to register as many protective domains in new TLDs as they do in .com. So they need a different strategy that doesn’t include a lot of defensive registrations.

This is showing up in a couple places.

First, the Trademark Clearinghouse for new TLDs has only 23,000 registered marks. I don’t believe this includes TM+50 registrations, but I think most people are surprised at how low this numbers.

Second, look at Donuts’ sunrise numbers. Even if you add in the registrations that aren’t in the zone file, and the perhaps hundreds (maybe 1,000?) brands that chose a Donuts-wide block, the registration numbers are clearly nowhere near previous TLD launch numbers.

This isn’t a surprise to most people who have been in the business for long. Many TLD applicants have told me that other applicants who are banking on defensive registrations are going to be very disappointed.

I think they’re right.


  1. says

    Andrew, no doubt that the brands still have to deal with bad actors and most have decided to go the traditional monitoring and enforcement route rather than spend tons of money on the TMCH and sunrise periods.

  2. Domainer Extraordinaire says

    The new registries will be the cybersquatters even though wildcarding will only generate a trickle of traffic.

  3. says

    it was already the case with existing gTLD. Cybersquatting leading to traffic theft or any other damage was, in my opinion, almost unsignificant. But it the interest of the IP lawyer mob to angry the trademark owner to make a profit. Out there in Paris (France), we kown that Donuts is just junk food for fat people ;-)

  4. Tom says

    TLDs waste of money. Although when I look for “domain name” related news, the whole “new tlds talk” is in my radar…, so, I felt like making some comment. You think I really want to invest in .WHATEVER ELSE when I have my hands full already in promoting my business that either ends with .com or .org???? no way jose.

  5. says

    I disagree on one important particular, Andrew.

    When it comes to preexisting websites of the form KeywordExtension.com, businesses will face a large amount of hitherto unseen cybersquatting, as the corresponding Keyword.extension domain is held hostage.

    This is inevitable. Even if the doppelgänger domain isn’t registered in bad faith, the extra risk and cost will still apply to business owners. One way or another, such domains will be in the hands of (1) cybersquatters, (2) competitors, or (3) profit-seeking registries.

    Some form of ransom must be paid. Is there any logical alternative except to ignore the new added risk? Or to litigate — whether through a UDRP, lawsuit, or some other mechanism?

    Honestly, I can’t see how this situation could fail to engender rampant cybersquatting.

    In saying this, by the way, I don’t wish to imply that registering a keyword.extension domain that matches a preexisting KeywordExtension.com domain (or vice versa) necessarily makes someone a cybersquatter. It doesn’t — not by itself. Intent matters.

    By the way, let’s not forget phishing schemes, which can monetize domains in ways wholly unrelated to the type-in traffic mentioned in your article. If major companies begin experimenting with new extensions to reach their customers, phishermen will emulate them. In an environment that confuses both businesses and customers — on in which a limitless number of brand identities can be easily impersonated — this phishing breed of the cybersquatting species is sure to explode.

    P.S. My public statements on the topic of these new vanity extensions remain negative overall mostly to counterbalance overly optimistic spin from the registries and registrars. I DO plan on registering some domains using the new extensions. Overall, I see the program raising the level of noise by a few decibels. But any improvements in communication between brands and audiences are welcome.

      • says

        100% agree that enforcement is the way to go. Comprehensive defensive registration would cost — what? –10 times, 100 times, 1000 times in 2016 what it did in 2012?


        “So if My site is footballers.com I’ll feel compelled to buy football.guru?”

        Where did I say or imply that? Such a compulsion would be foolish, and perhaps there are fools in this world. But I didn’t bring that up.

        “Yet that would basically be a maximum of 1 domain per existing site, right?”

        Depends on what “that” is …

        With regard to the SomeKeyword.com / Some.keyword ambiguity, yes, there will be at most one exact overlap per newly introduced domain. Many preexisting domains will be immune — for example, single-word domains and multi-word domains whose final word doesn’t match one of the generic keywords in the new gTLD pile. Case in point: DomainNameWire.com … unless there’s a .WIRE in the works that I’m unaware of.

        However, in saying that there will be “a maximum of 1 domain per existing site” at issue, let’s not dismiss the damage that 1 domain can do to 1 preexisting business. If you were a plumber named Bill Shakespeare who has been doing business for a decade at ShakespearePlumbing.com, how would you react if tomorrow you’re asked to pay protection money to the owner of Shakespeare.plumbing — whether that owner is a registry, a registrar, or a domainer? Or how would Domain Holdings react if, for some reason, Domain.holdings fell into someone else’s hands?

        The point is this: 1 domain per existing site can mean 1 disaster per existing site.

        Now, with regard to the broader cybersquatting and phishing issue, this is certainly not a question of 1 domain per existing site.

        Here’s the scenario I foresee … Take a site full of financial and personal information — the stuff coveted by phishermen. Since GoDaddy has been targeted lately under a number of different spurious domains, let’s use GoDaddy as an example. What if GoDaddy runs a marketing campaign using a new gTLD? Suppose GoDaddy.guru or GoDaddy.xyz. The general public will now vaguely remember that “GoDaddy dot something unfamiliar” equals GoDaddy. This dramatically increases the likelihood that the public will accept a fraudulent GoDaddy.bogus without due skepticism.

        Target was also recently hacked, correct? So suppose that Target begins marketing under Target.clothing. Won’t customers now be more likely to accept Target.blog as a real Target site? Perhaps, however, it is owned by a cybersquatter to siphon off traffic or used by an email phishing scheme to impersonate the company and steal personal information. A very large corporation like Target can afford to spend a small fortune buying up all the variants to protect itself. But no matter! There are plenty more companies where they came from. And not all of them will have put up bars on every window.

        That’s a case, not of 1 domain per existing site, but of thousands of domains per existing site. And it applies to every large site that trades in private information worth stealing.

  6. Kassey says

    Frederick Felman of MarkMonitor wrote a piece dated January 3, 2014 on Mediapost.com saying that brand holders may change from a defensive registration mode to a enforcement mode.

  7. james says

    You have to ask yourself…. Why were .com names being auctioned for 50,000 or less or more. This is because the names were rare. And could incercept traffic. Use your head….. In 3 years .coms will be dead and this the main stream. The internet has always been a “your forced to change” world. So these will be auctioned so get some while you can

  8. xchoolJames says

    update** I love this article, hence the reason for me clicking on the title but disagree with the WHOLE entire thing include all of your comments. The reason is because “Squatting” in general is the way the world works and how it always worked.Lets see…….. the indians….. the brits going to brazil, giving them gold……. the big companies paying poor people to move so they can build a wal-mart. Squatting in this case will actually help the value. It helps up the “Rare domains” much more. and they will be purchased, giving the domains a market, as the .coms and .nets do now.

    Lets move on to trademarks. Ok. These new domain names are funny and fun tlds. I can picture maybe 1 out of 10,000 issuing a trademark notice, or 1 out of 5,000. not many. This is because these new tlds are more phrases. For example. We have….


    So. If you clearly get my point, there are actually going to be less trademark notices then the .nets and .coms. These are more phrases. Will they be rare? Highly. Highly. Because you can only have 1. Remember boys. The shorter the name the more rare. For example Western union has already changed to http://my.wu so. The shorter the more rare.

    More about trademarks. No one is going to get sued unless they are idiots and disrespectful. When someone send you a trademark claim, They are simply asking you to 1.Make a change 2. Take it down. In this case they make even ask for the domain name and if they do then just give it to them. Holders do not process a TM claim unless you are messing with their traffic. Like if you got “Geico insurance today. Then your messing with their traffic. But if you got Insurance.today , you are most likely in the clear. If you happen to get a trrademark claim, just give them the name or take it down or sell it or whatever. If you are a complete idiot, then yeah go buy Nike.Shoes this is so stupid. don’t do this.

    recap. – most new names are going to be phrases. like http onsale.today or blackfriday.today

    trademarks are more like “meetup”. If you just did “meetup” then yah you may get a letter. This is only because the meetup.com company owns the mark. Its easy. But you can violate trademarks. People do it all the time. They do not send letters unless it is effecting big thing. Example of violating trademark and getting away with it. like http://www.callofdutywallpapers.com by doing something like wallpapers. So , Don’t be an idiot. Don’t go take someones obvious trademark like http://www.nike.shoes dont be stupid.and if you get a trade mark just take it down. I am an app developer and was getting trademark notices all the time. Most of the companies are very nice about it. They ask for weird things like 1.”Can you please put our trade mark at the end of your title and not the beginning?” You ask youself WTF lol.

    I got trademarked lastnight for Grand theft auto app in windows store. All you do is take it down. Be respectful. Give them their turf. Give them what they own. So i am pretty experienced with trademark infringement and most of the trademark holders are very nice. They just want you to take it down. So, take it down then. Them having the trademark does not mean your going to get sued. Grand theft auto is not going to call their lawyer over some 15 year old fan of the game kid who wants to make a wallpapers app and sue. You know how many fans the game has? . And your going to have to be as respectful to the trademark holder as you can and take it down. God Bless. Jesus is the boss.

  9. xchoolJames says

    But trademark holders can issue notices to whoever they want to and you just need to take it down. They should have the right to hold trade marks.

  10. xchoolJames says

    but these new tlds are not going to violate trademarks because they are more quotes like http://www.beautiful.today or http://www.custom.kitchen or nice.diamonds or cool.diamonds Trademark is a more specific issue. Thats all. if you are stupid and do nike.shoes then your an idiot. but i do not see big companies even caring this time around, unless your a idiot and infringe big time.

Leave a Reply