DOMAIN NAME LENGTH
HOW TRACKING IT CAN BE USEFUL
FOR BRAND PROTECTION AND DOMAIN MONITORING
Domain names are an essential aspect of the internet, serving as the online address for websites. Unfortunately, some unscrupulous individuals use domain names to engage in fraudulent activities, such as phishing scams, identity theft, and other types of online fraud. There are various indicators that can help a researcher to spot suspicious activity. One of them is the number of characters in a domain name.
How can such a simple thing as the length of the domain name be useful in brand protection and domain management?
It is important to understand that in online investigations it is the correlation of various metrics that is important, not just one single thing. While the number of characters in a domain name may not be the most informative indicator independently, in combination with other factors it may be quite useful. Fraudsters often use certain tactics to create domain names that can deceive users and lead them into fraudulent activities – both shorter and longer domain names have their own risks associated with them.
Risks associated with shorter domains
Here are some examples of how digital wrongdoers use short domain names for their malicious purposes:
Typosquatting. Shorter domain names are more prone to typosquatting, where cybercriminals register domain names that are similar to legitimate ones to deceive users. For example, “gogle.com” instead of “google.com”, or “www.amaz0n.com,” which is designed to deceive users into thinking they are visiting the legitimate Amazon website.
Phishing. Similarly, phishing attacks often use domain names that are similar to legitimate ones to trick users into providing sensitive information. Shorter domain names are easier to remember and can be used to impersonate well-known brands. By monitoring short domain names that are similar to their own, brand owners can quickly identify phishing attempts.
Brand dilution. Longer domain names may be more difficult for competitors or malicious actors to use to dilute a brand’s identity. For example, “brandname-products.com” may be less likely to confuse consumers than “brandname.com” or “brandnameprod.com”. By monitoring longer domain names that include their brand name, brand owners can protect their brand identity.
Risks associated with longer domains
On the other hand, using a long domain name that closely resembles a legitimate website is another tactic for scammers to take advantage of the users. For example, a fraudster may use a domain name such as “www.paypal-security-checks-verification.com,” which appears to be a legitimate PayPal website but is actually a fraudulent site designed to steal users’ personal information.
A variation of that tactic is registering domain names that are similar to popular or well-known brands, with the intention of selling them back to the brand owner for a large profit. For example, a fraudster may register a domain name such as “www.coca-cola-store.com” and try to sell it to the Coca-Cola company for a high price.
Furthermore, wrongdoers may also use a longer domain name that includes several generic words or phrases that are associated with trustworthy businesses or organizations. For example, a fraudster may use a domain name such as “www.online-banking-verification.com,” which may look like a real online banking website but is actually a site designed to trick users into sharing their login credentials.
Using the data to combat Internet fraudsters
So, being able to set the limit for the number of characters may be an important factor for investigations depending on what type of malicious activities you are focusing on. Additionally, keeping an eye on such domains is useful from a domain monitoring perspective for a TLD registry operator or a registrar – quite often long domain names (over 50 characters) are used to post harmful or abusive content that affects the overall health of the zone file or domains under management.
At DomainCrawler we have discovered that in combination with other filters available on our Domain Research platform (such as searches in HTML content or in the domain name itself) can greatly benefit the investigator’s ability to be precise in their research and effectively combat internet scams, infringement and abuse.
Let’s say, you’d like to check a famous sportswear brand name for typosquatting in the last letter in .com zone.
By entering adida and selecting the Starts with option in the filter you get 7379 domain names.
It is quite a large number to process. So by adding such a simple criterion as the number of characters in the domain name, you are able to narrow the search making it more precise. When limited to 6 characters, the system returns a list of 29 domain names which are mostly defensive registrations done by the company. But if set to 7 characters, data base returns only 96 domain names which is a much more workable number.
The list contains some interesting results which require further investigation. For instance, it is quite safe to assume that adidaas.com is piggybacking on Adidas brand name – the website contains three buttons leading visitors to other web shops.
In conclusion, while the number of characters in a domain name (nor any other indicator) should not be the sole metric used in brand protection and domain management, it can be a useful tool in identifying potential abuse and protecting a brand’s reputation.