Typosquatting – How Fraudsters use it to steal commissions

The affiliate didn’t run an ad, write a review, or send a single email. They just registered a misspelled version of your domain and waited for people to make typos. That’s typosquatting. And it’s one of the most effective forms of affiliate fraud because it’s invisible unless you know exactly where to look.

The concept isn’t new. Typosquatting has existed since the early days of the internet. But in affiliate marketing, it has found a perfect home. The combination of automated tracking, cookie-based attribution, and commission payouts means a single misspelled domain can generate thousands of dollars in fraudulent commissions every month.

How Typosquatting Works in Affiliate Programs

The mechanics are simple, which is exactly what makes it dangerous.

A fraudster identifies a brand with an active affiliate program. They register several domains that are slight misspellings of the brand’s URL. Think “niike.com” instead of “nike.com,” or “bookking.com” instead of “booking.com.” Domain registration costs a few dollars per year, so registering 10 or 20 variations is practically free.

Next, they sign up for the brand’s affiliate program (or join through a sub-affiliate network where vetting is minimal). They configure each typo domain to redirect visitors through their affiliate tracking link before landing on the brand’s real website.

Here’s what happens when a customer mistypes the URL: they hit the typo domain, get redirected through the affiliate tracking link in milliseconds, a cookie drops on their browser, and they arrive at the real website. The entire redirect takes less than a second. The customer never notices anything unusual.

When that customer makes a purchase, the affiliate tracking system credits the sale to the typosquatter. The brand pays a commission on a conversion that would have happened anyway, because the customer was already trying to reach the site directly.

This works especially well against last-click attribution models, which most affiliate programs still use. The typosquatter’s redirect becomes the last tracked touchpoint before the sale, overwriting any previous marketing efforts that actually influenced the customer.

Real-World Typosquatting Examples

Typosquatting in affiliate marketing isn’t theoretical. It has been documented across major brands for over a decade.

Lands’ End discovered that dozens of misspelled domains (variations of landsend.com) were redirecting users through affiliate tracking links. The affiliates were earning commissions on customers who were simply trying to type the correct URL. This case became one of the most cited examples of affiliate program exploitation through typosquatting.

The .CM network is another well-documented case. Cameroon’s country-code top-level domain (.cm) is one letter away from .com. An operation registered thousands of .cm versions of popular websites, intercepting users who forgot to type the “o” in .com. Security researchers found that these domains attracted 12 million visits from 8.5 million unique visitors.

Facebook took legal action against more than 100 domain squatters and won $2.8 million in damages. Microsoft pursued a similar case over typosquatted versions of hotmail.com, resulting in $2.4 million in settlements.

These are the cases that made headlines. For every brand that catches typosquatting and takes legal action, there are hundreds where it goes undetected for months or years.

The Financial Impact

The numbers are hard to ignore. Affiliate marketing fraud reached $3.4 billion in losses in 2022, more than double the $1.4 billion reported just two years earlier. Fraudulent traffic now accounts for an estimated 17% of all affiliate traffic, up from 10% in 2020. Typosquatting is one of the primary methods driving those numbers, alongside cookie stuffing and click injection.

With the global affiliate marketing industry now valued at over $18.5 billion, even a small percentage of fraud translates to hundreds of millions in stolen commissions.

For individual brands, the math is straightforward. If you spend $500,000 per year on affiliate commissions and 10% of that goes to typosquatting affiliates, you’re losing $50,000 annually on traffic you already owned. Scale that to enterprise affiliate programs spending millions, and the losses become significant budget line items.

Under the U.S. Anti-Cybersquatting Consumer Protection Act (ACPA), statutory damages range from $1,000 to $100,000 per domain name. But litigation is slow and expensive. Prevention is cheaper than prosecution.

Typosquatting vs. Cybersquatting vs. Domain Squatting

These terms get used interchangeably, but they describe different things.

Typosquatting targets user mistakes. Someone registers a domain that’s a common misspelling of an existing brand (goggle.com, yuotube.com) and profits from the traffic that lands there by accident.

Cybersquatting targets brand names directly. Someone registers a domain containing a brand name (like “nike-outlet-official.com”) with the intent to sell it back to the brand owner or profit from the brand association. The intent is different: it’s about exploiting the brand’s value, not user typos.

Domain squatting is the umbrella term that covers both practices. Any registration of a domain with the intent to profit from someone else’s trademark falls under this category.

For affiliate marketers, typosquatting is the most common and the hardest to detect because the domains look almost identical to the real thing.

Is Typosquatting Illegal?

Yes. Multiple legal frameworks exist to combat it.

In the United States, the ACPA specifically targets bad-faith domain registration. Brands can sue for statutory damages without needing to prove actual financial losses. The Uniform Domain-Name Dispute-Resolution Policy (UDRP), administered by WIPO, provides an international mechanism for domain disputes. In 2024, WIPO handled over 6,100 domain dispute cases, and more than 95% resulted in the domain being transferred to the trademark owner.

The legal tools work, but they’re reactive. Filing a UDRP complaint takes weeks. A typosquatter can register a new domain the same day they lose one. That’s why automated, real-time detection matters far more than legal action alone.

How to Detect and Prevent Typosquatting

Manual detection is possible, but it requires consistent effort.

Register common misspellings of your brand domain. Think about character swaps, missing letters, doubled letters, and wrong top-level domains (.co instead of .com, .net instead of .com). This is the most basic defensive measure, and most brands skip it.

Audit your affiliate referral sources regularly. Look for referring domains that are visually similar to your own URL. If an affiliate’s traffic comes from “yourbrand-shop.com” or “yourbrannd.com,” that’s a red flag.

Watch for suspicious conversion patterns. Typosquatting affiliates typically show unusually high click-through rates paired with normal conversion rates. The traffic converts well because these are real customers who intended to visit your site. They just took a detour through a tracking link first.

Vet new affiliate partners. Before approving an affiliate, check which domains they own and operate. Use a domain scanner to verify their domain portfolio doesn’t include variations of your brand name.

Include explicit anti-typosquatting clauses in your affiliate agreements. Make it clear that registering domains that are misspellings or variations of your brand is grounds for immediate termination and commission clawback.

These steps help, but they don’t scale. A brand with a global affiliate program might have thousands of active affiliates at any given time. Checking every one manually isn’t realistic.

How 24metrics Detects Typosquatting with AI

This is exactly the problem our AI domain classifier was built to solve. The setup is simple. You add your legitimate brand domains to a whitelist: amazon.com, amazon.de, amazon.fr, and any other official domains. This tells our system what’s real.

From that point, every incoming click passes through the AI domain classifier in real time, at click level. The system compares the referring affiliate’s domain against your whitelist and automatically flags suspicious variations. Domains like amazon-shopping.to, amaz0n.de, or amazon-support.de get caught instantly, before a commission is ever attributed.

The classifier detects all common typosquatting patterns: character swaps, added or missing letters, wrong top-level domains, hyphenated variations, and homograph attacks (where lookalike characters from other alphabets replace standard letters).

This isn’t a weekly report you review manually. It runs on every click, in real time, so typosquatting affiliates get flagged before they accumulate fraudulent payouts. The difference between catching this on day one versus month three can be tens of thousands of dollars in saved commissions.