The practice of digital squatting – registering domains that mimic established brands – has reached record levels, creating serious risks for companies and consumers alike.
In 2025, the World Intellectual Property Organisation (WIPO) handled 6 200 domain name disputes, the highest total in the organization’s history, marking a 68% increase since 2020.
Decodo looked into this rising threat and found it affects businesses of all sizes, from startups to global brands.
Criminal networks now use lookalike domains to steal customer data, distribute malware, and tarnish reputations.
Several distinct types of domain squatting have appeared over the years:
- Typosquatting involves registering common misspellings of popular domains, such as gooogle.com instead of google.com.
- Combosquatting adds keywords to legitimate brand names, creating domains like amazon-deals.com or netflix-login.com.
- TLD (Top-Level Domain) squatting exploits different domain extensions, registering a brand name under .org, .net, .biz, or newer extensions like .io and .ai.
- Homograph attacks use visually similar characters from different alphabets, such as substituting a Cyrillic а for a Latin a to create nearly undetectable fakes.
Impersonators target Decodo’s old branding
Web data infrastructure provider Decodo, formerly known as Smartproxy, has faced impersonators registering fraudulent domains, including smartproxy.org and smartproxy.cn. Customers have been deceived into purchasing services from these impostor sites, leading to lost funds and damage to Decodo’s reputation.
“We’ve spent years earning our customers’ trust through reliable service and ethical practices,” says Vytautas Savickas, CEO of Decodo. “Impersonators don’t just steal money. They deliver low-quality services that fall far short of what real companies provide. Every fake site makes it harder for honest businesses to earn trust and for customers to know who to rely on.”
Global trend among major brands
Digital squatting is not limited to small companies. High-profile cases include Tesla, TikTok, Microsoft, and Google, all of which have battled domain squatters, sometimes involving multimillion-dollar settlements or lengthy legal proceedings.
Cybercrime connections are clear: phishing attacks using squatted domains have surged, costing organisations millions per breach. A 2025 IBM report found the average phishing attack cost $4,8-million, highlighting the financial stakes.
Protect your brand from domain squatters
Prevention offers the most cost-effective approach to the domain squatting problem. Businesses that proactively secure their digital presence face fewer disputes and suffer less damage when squatters do strike.
Domain registration should extend beyond your primary .com address. Securing your brand across major TLDs, including .org, .net, .io, and .ai, prevents opportunistic registrations. Common misspellings of your brand name deserve attention, as typosquatters specifically target these variations.
Country-code TLDs matter for businesses operating internationally, with extensions like .co.uk, .de, and .cn requiring consideration based on your market presence.
“Digital squatting has evolved from a nuisance into a serious business risk that demands executive attention,” says Vaidotas Juknys, chief commercial officer at Decodo. “We urge every company to audit its domain portfolio today, not tomorrow.
“Register the obvious variations, monitor for new threats, and educate your customers about how to find you safely. The squatters are counting on businesses to be reactive. The only way to win is to be proactive.”