How Cybersquatting Works
Cybersquatting occurs when someone registers a domain name that is identical or confusingly similar to an existing trademark, without having any legitimate right to that name. The registrant acts in bad faith — typically intending to sell the domain back to the trademark owner at an inflated price, or to exploit the brand's recognition for their own gain.
The practice takes several forms. In the most straightforward scenario, a squatter registers a well-known brand name under a new or overlooked TLD before the brand owner does. When brands expand into new markets or new gTLDs become available, squatters move quickly to claim matching domains. Some squatters hold domains passively, waiting for the brand owner to make an offer. Others actively monetize the domain through pay-per-click advertising, phishing schemes, or by redirecting traffic to competing businesses.
Cybersquatting is distinct from legitimate domain investment. The critical factor is bad faith — whether the registrant targeted a specific trademark with the intent to profit from someone else's brand equity.
Legal Framework
ACPA (United States)
The Anticybersquatting Consumer Protection Act (ACPA), enacted in 1999 and codified at 15 U.S.C. Section 1125(d), provides trademark owners with a federal cause of action against cybersquatters.
To prevail under ACPA, a plaintiff must demonstrate that the defendant registered, trafficked in, or used a domain name that is identical or confusingly similar to a distinctive or famous mark, and did so with bad-faith intent to profit.
Courts evaluate nine statutory factors to determine bad faith, including: the registrant's trademark or other intellectual property rights in the domain name; whether the domain name consists of the registrant's legal or common name; the registrant's prior use of the domain in connection with a bona fide offering of goods or services; the registrant's intent to divert consumers in a way that could tarnish or disparage the mark; any offer to sell the domain to the trademark owner for financial gain without having used it legitimately; the provision of misleading false contact information when registering the domain; the registrant's acquisition of multiple domain names corresponding to the marks of others; and the extent to which the mark is distinctive and famous.
Available remedies under ACPA include forfeiture, cancellation, or transfer of the domain name. Courts may also award statutory damages ranging from $1,000 to $100,000 per domain name, at the court's discretion. ACPA supports both personal jurisdiction over the registrant and in rem jurisdiction against the domain name itself — a critical feature when the squatter is located overseas or uses anonymous registration.
UDRP (International)
The Uniform Domain-Name Dispute-Resolution Policy (UDRP), administered by ICANN, provides an international administrative proceeding as an alternative to litigation. A complainant must establish three elements: the domain name is identical or confusingly similar to a trademark in which the complainant has rights; the registrant has no rights or legitimate interests in the domain name; and the domain name was registered and is being used in bad faith.
WIPO (the World Intellectual Property Organization) is the most widely used UDRP dispute resolution provider. Since the policy's inception in 1999, WIPO has processed over 80,000 cases. The transfer rate is approximately 90% of panel decisions in favor of the complainant.
A UDRP proceeding before a single-member panel costs approximately $1,500 and typically resolves within 60 days. This makes it significantly faster and more affordable than litigation, though it does not provide for monetary damages — the sole remedies are cancellation or transfer of the domain.
Notable Cases
Julia Roberts v. Russell Boyd (WIPO Case D2000-0210) — Boyd had registered the domain juliaroberts.com along with more than 50 other celebrity-name domains. The WIPO panel ordered the domain transferred to Roberts, finding bad faith registration and no legitimate interest on Boyd's part. The case established an early precedent for celebrity name protection under the UDRP.
Gordon Sumner p/k/a Sting v. Michael Urvan (WIPO Case D2000-0596) — The musician known as Sting filed a UDRP complaint for the domain sting.com. The panel denied the complaint, finding that "sting" is a common English word with many legitimate uses, and the respondent had a plausible reason for registering it unrelated to the musician's fame. This case illustrates the limits of the UDRP: generic or common-word marks face a higher burden of proof, and panels will not automatically favor famous complainants when the term has independent meaning.
The Scale of the Problem
Cybersquatting has grown steadily over the past two decades. Annual UDRP filings at WIPO have risen from approximately 1,800 per year in 2000 to over 6,200 per year in 2025. These figures represent only the disputes that reach formal proceedings — the actual number of cybersquatting registrations is far higher, as many are resolved through direct negotiation or go undetected.
The expansion of the domain name system has amplified the challenge. Since 2014, over 1,200 new generic top-level domains (gTLDs) have been introduced, from .shop and .online to .luxury and .law. Each new extension creates additional domains that squatters can target. The next round of new gTLD applications opens on April 30, 2026, which will further expand the attack surface for brand owners.
For organizations managing large trademark portfolios, monitoring every potentially infringing registration across every TLD is no longer feasible through manual processes.
Cybersquatting vs. Typosquatting
While both involve domain names that exploit trademarks, cybersquatting and typosquatting target different vulnerabilities. Cybersquatting involves registering the exact trademark as a domain name (e.g., brandname.com or brandname.shop). The squatter relies on the brand owner eventually wanting or needing that domain. Typosquatting, by contrast, relies on common user typing errors to intercept traffic (e.g., brandnme.com or barndname.com).
Both are actionable under ACPA and the UDRP. However, typosquatting domains are harder to anticipate because the number of possible misspellings for any given brand is virtually unlimited. Cybersquatting domains, being exact matches, are easier to identify through monitoring — but harder to prevent proactively given the sheer number of TLDs available.
How to Protect Your Brand
Register key domains proactively. Secure your brand name across major TLDs (.com, .net, .org) and any industry-relevant extensions (.law, .legal, .shop). Defensive registration is cheaper than recovery.
Use the Trademark Clearinghouse (TMCH). ICANN's Trademark Clearinghouse allows trademark owners to register their marks and receive sunrise priority when new gTLDs launch — giving you a 30-day window to register your brand before the general public. The TMCH also triggers a Claims Notice to potential registrants for the first 90 days of a new TLD, warning them that the name matches a registered trademark.
Monitor new domain registrations continuously. Cybersquatters act fast. By the time a manual audit catches an infringing domain, it may already be in use for phishing, counterfeiting, or resale. Automated monitoring tools that scan new registrations in real time are essential for early detection.
Act quickly once a threat is identified. The longer a cybersquatting domain remains active, the greater the potential for consumer confusion, lost revenue, and brand damage. Automated detection paired with rapid enforcement — whether through registrar abuse complaints, UDRP filings, or cease-and-desist notices — reduces the window of harm from weeks to hours.