Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
The Internet The Almighty Buck

The Typo Millionaires 308

theodp writes "Slate's Paul Boutin reports on the sordid history of the oldest scam on the Internet. For almost as long as the Web has existed, there's been a thriving economy of sites, services, and software vying to grab you as soon as your mistype a URL. Studies estimate that 10-20% of all hand-entered URLs are mistyped, adding up to at least 20 million wrong numbers per day, helping to enrich the likes of porn purveyors, ISP's, Paxfire, Microsoft and VeriSign."
This discussion has been archived. No new comments can be posted.

The Typo Millionaires

Comments Filter:
  • by caluml ( 551744 ) <> on Saturday February 12, 2005 @10:46AM (#11651440) Homepage
    Interested in joining an anonymous, underground internet? []
    • by Cthefuture ( 665326 ) on Saturday February 12, 2005 @10:58AM (#11651503)
      This is an interesting idea that I have been wondering about for some time. However, when people start saying things like "don't tell anyone how you got in" that does not make me feel comfortable. It's the whole security by obscurity thing.

      I mean, if it were truely a great design then why not switch the entire Internet? A good design can handle the load. A good design is still secure (or anonymous) even if everyone used it.

      Are there any other "nets inside the Net" out there?
    • by vally_the_poo ( 811216 ) on Saturday February 12, 2005 @11:15AM (#11651581)
      George W. Bush was right finally: there are internets !! Woaw, that will change my all life man !
    • by owlstead ( 636356 ) on Saturday February 12, 2005 @11:41AM (#11651704)
      Very interesting idea, but is it possible to use the same technology to create a virtual LAN, just for my friends? I'm not so sure that I trust all these anonymous people to be honest, and not wreak havoc. A virtual LAN to my friends though would be a big plus (and a very bad dream for the record industry), next to the real internet of course.
    • Of course, it's only anonymous as long as no one is looking.
    • by arhar ( 773548 ) on Saturday February 12, 2005 @01:18PM (#11652344)
      ... it might not be a good idea to spew venom and arrogance from almost every sentence.

      However, if you're happy with things currently, go back to your pap-fed, TV-induced brain-numbing stupor, and smile at the nice pretty pictures, the short snappy soundbites, and cower in fear at the Fox news alerts, and feel free not to engage.

      (The instructions are deliberately vague. A sort of aptitude test, if you will.)

      After reading crap like that, I can't imagine any normal person joining this ... only the types bearing strong resemblance to Jimmy Fallon's IT guy character from Saturday Night Live ...
  • I see no problem. :)

    Slashdit []
    What you need, when you need it

  • by Anonymous Coward on Saturday February 12, 2005 @10:50AM (#11651457)
    As are 75% of all hand-entered /. submissions.
  • The real problem is when an institution like Verisign does this kind of stuff. Many ISPs put some thing in their zones that shouldn't be there, the problem is when a root server does it.

    ICANN Should put his pants on and take action.

  • Beginner Users (Score:5, Insightful)

    by Aneurysm ( 680045 ) on Saturday February 12, 2005 @10:54AM (#11651484)
    It's a shame that the people who are probably more likely to mis-type a URL and not notice/tell the difference are probably beginner users of the internet. These people are also perhaps more likely to fall for scams such as downloading trojans etc. I work as an IT trainer teaching older people how to use computers, and many of them are unable to tell the difference between typing something into a search engine, and typing something into an address box. They are definately the people that don't know that mis-typing a URL actually makes much of a difference, and I have seen many of them attempt to install malware, just because the install box has popped up, and they have no idea what to do with it.
    • Re:Beginner Users (Score:3, Insightful)

      by perkr ( 626584 )
      Agreed, my parents have very little clue on stuff like that. Actually I think awareness of scams and security basics like an URL is an "address" and things you type in a search engine are search times should probably be on the priority list for an "learning to use computers" curricullum, esp. for older users.
      • Re:Beginner Users (Score:3, Informative)

        by Aneurysm ( 680045 )
        It's true, I teach primarily for Microsoft Office. The module that we run that people have more trouble with than anything else is the internet, simply because of the amount of acronyms/jargon that is used. One question asks them to find out some information about three different ISPs. Invariably on their first attempt they come up with Google, Yahoo and AOL. It takes some of the older students weeks to learn the difference between ISP and search engine.
        • Re:Beginner Users (Score:3, Interesting)

          by E_elven ( 600520 )
          How about "ISP is the company you pay your Internet bill to"?
          • That's pretty much what I say. But then you have the problem that they identify the term ISP ONLY with the ISP they personally use. They don't realise that there are more than one ISP, and then you're nearly back to square one. Also many of them don't even own computers, much less have the internet at home.
    • by reallocate ( 142797 ) on Saturday February 12, 2005 @11:18AM (#11651606)
      ...many of them are unable to tell the difference between typing something into a search engine, and typing something into an address box.

      Both boxes look pretty much the same.

      What you're highlighting is the imlicit expectation among software designers that users will come to understand the how the Internet works. That is, that users will understand what a URL is, how DNS works, what a search engine is, and ehat happens when you enter a search phrase versus entering a URL.

      Those are unwarranted expectations. An analogy would be cars designed on the assumption that drivers understand how internal combustion engines work. Few of us would be able to drive safely if that was a prerequisite.

      The most effective way to protect users from crooks and abusers on the net is to design software that does the protecting and is not based on unreasonable assumptions about user knowledge.
      • Those are unwarranted expectations. An analogy would be cars designed on the assumption that drivers understand how internal combustion engines work. Few of us would be able to drive safely if that was a prerequisite.

        Since everyone loves analogies -- especially car ones -- I think a better one would be expecting people to tell the difference between a gear shift lever (on steering column) and turn signal lever. Both look pretty much the same, if you don't know what you are looking at.

        It seems reasonabl

      • What you're highlighting is the imlicit expectation among software designers that users will come to understand the how the Internet works. That is, that users will understand what a URL is, how DNS works, what a search engine is, and ehat happens when you enter a search phrase versus entering a URL.

        Those are unwarranted expectations. An analogy would be cars designed on the assumption that drivers understand how internal combustion engines work. Few of us would be able to drive safely if that was a prere

    • Yeah, that would explain the link to in the article below. Those people that type URL's wrong are all lusers. They probably get internet access just to be able to read, that must be ti. Whoops where I go.
  • not new (Score:5, Funny)

    by Anonymous Coward on Saturday February 12, 2005 @10:56AM (#11651494)
    I remember the time several years back when I read about people registering misspelled web addresses. So I thought I'd take a look, and tried the first spelling mistake I thought of,

    I've been very careful since about what I type.
    • I second that (Score:2, Interesting)

      I also had the same idea about the same site. I thought it would be funny to see what was there. Now I am emotionally scarred and, since I'm a Californian, I'm thinking about suing.
  • slashdot (Score:5, Interesting)

    by digitalchinky ( 650880 ) on Saturday February 12, 2005 @10:57AM (#11651498)
    I recall once typing in, (incorrectly) and ended up at a site displaying nice frequency/time graphs of how often that occured. (A lot)

    I wish I could remember what it was - I think - (now just a black page with an automatic redirect)

    One of those milk through the nose moments.
  • "Various studies have estimated that 10 percent to 20 percent of all hand-entered URLs are mistyped"

    Surely that number is slightly exagerated there? My personal score would be well under 1%, and I practically live on the internet. That's a lot of URLs that I type.

    Especially with the drop-down menus telling URLs that start with the letters you are typing, I don't see how people could mistype that many URLs.
    • Re:Studies? (Score:5, Informative)

      by zeux ( 129034 ) * on Saturday February 12, 2005 @11:03AM (#11651526)
      I work for a company that exploits mistyped URLs.

      From our business, we found that a dial up user does an average of 4 bad requests a month and a broadband user an average of 10.
      • Precisions (Score:3, Interesting)

        by zeux ( 129034 ) *
        Oh and we work at the DNS level with DNS NXDOMAIN anwsers.

        That means that these figures I gave in the parent post DO NOT include mistyped URLs going to a registered domain (ie which is a domain that does exist) and all the errors caught by under Internet Explorer and under Firefox.

        Also, we only care about HTTP traffic.

        That explains maybe the difference between our numbers and the 10% to 20% the studies found...
    • Surely that number is slightly exagerated there?

      Oops! A typo. That should be "exaggerated"

      My personal score would be well under 1%

      The evidence you provide refutes your claim.
    • My personal score is well under 1% as well, which means there's ALOT of people that are compensating for our lack of typos.

      I had trouble believing it, until I remembered one huge demographic: kids 11-16. IM session:

      "Uhm, did u reed hw assmint 2nyte?"

      "Yep, sed sthng bout web sight called www.wallstjernal

  • It's true. (Score:4, Funny)

    by tektek ( 829733 ) on Saturday February 12, 2005 @10:58AM (#11651502) Homepage
    It's hard typing correctly all the time with only one hand free. ;)
  • Not just typos... (Score:5, Informative)

    by bigtallmofo ( 695287 ) on Saturday February 12, 2005 @11:00AM (#11651512)
    This goes way beyond typos. There is a whole cottage industry of people registering domain names that unwary site owners allow to expire. I've heard several stories [] of church groups who accidentally let their domain expire and within a matter of days it had teen porn on it.
    • by darkov ( 261309 ) on Saturday February 12, 2005 @11:10AM (#11651557)
      Really? I just though it was where you went for teen porn. Do you think I attended a Christian youth group for the singing and praying?
    • Karma be damned....

      I have no sympathy for them. It's their fault their domain expired normally and someone else bought it up. That's why it's always best to renew at least a few days before the domain expires, or at least have payment information on-file so that a domain can be renewed automatically.

      Now, I do remember reading about a particular domain that was hijacked by another registrar/company in Australia. It was on Slashdot, but for the life of me I can't remember the URL.
    • I posted a story [] on AQFL [] about it:

      "Former U.S. President candidates' Web sites can be just another place to shop for sex toys, download movies and get a law degree online in a few months...

      When politicians and Internet domain names meet, strange things happen, particularly after the campaigns are over. Click on Elizabeth Dole's old site, and you go straight to an auction of Pokemon video games on eBay. A Libertarian currently owns the original 1996 Clinton and Dole campaign Web sites, and uses them to sup
    • Other way round in my case. used to be porn, and now its my homepage. Its great to have a short, pronouncable URI.. but I suffer a lot of spam all coming to someone called "Cecile Lover". :S
    • Re:Not just typos... (Score:3, Interesting)

      by ajna ( 151852 )
      It happened to me. I let a domain expire since I didn't want it anymore, and it was immediately snatched up by a miscreant who set up a referral redirect to a porn site. At this time I complained to my registrar about this but was unsuccessful in persuading them that anything was wrong with this practice.

      However, the next month the domain-snatcher made a mistake by putting up a text version of my real page, with all links stripped except for three referrals at the bottom. At this point I was able to succes
  • no ads on slsshdot [], but it is for sale for all you porn vendors who target geeks who cannot type properly.
  • Zappos (Score:5, Funny)

    by strider44 ( 650833 ) on Saturday February 12, 2005 @11:01AM (#11651515)
    Shoe shoppers who mistype as get pictures of women who are wearing shoes but not much else.

    Unfortunately, though Slate's servers are well hardened against DOS attacks such as what slashdot inflicts, since every slashdotter who will read that quote will instantly type in into his URL bar, the servers of that site will fall under the weight of the 80% of slashdotters who get that URL correct.
  • When one is trying to accomplish a task, ending up at the wrong site is a distraction, not necessarily a hot, sweaty tangent.

    Just because someone ends up on a porn site doesn't necessarily mean that they'll instantly stop what they're doing and start beating off.

    I imagine we would have read about this behavior in business journals by now if it were the case.
  • Is there a plug-in to have whatever you type spellchecked or suggested, something like Google Suggest.
  • Because it's just so easy to mistype goooooooooooooooooooooooooooooogle
  • White House (Score:3, Funny)

    by ectotherm ( 842918 ) on Saturday February 12, 2005 @11:04AM (#11651533) Current President's home Former President Clinton's home ;)
    • Funny comment, but you've got to wonder about the whole premise of this slashdot article. How is it possible that there's a sizable group of people who would sit down at the computer to look up, say, some research on american politics, and then when they mistype a URL and end up looking at a screen full of naked people decide "what the hell, might as well buy some porn instead"? It just doesn't make any sense...
  • by chiph ( 523845 ) on Saturday February 12, 2005 @11:06AM (#11651540)
    Mine is

    Those guys must be making a killing from people hitting ctrl-enter by mistake.

    Chip H.
    • This isn't a misspelling, but I wonder about the website ©.com [.com]. I didn't even know you could register something like that.

      Hope it shows up correctly on your screen, if not it's copyright symbol dot com.

      AFTER PREVIEW: looks like the text shows up fine, but /. stripped the symbol out of the link. You'll have to copy-paste the URL, or type it yourself.
  • by lxt ( 724570 ) on Saturday February 12, 2005 @11:11AM (#11651561) Journal
    Is most of this really a scam though? It seems to me there are two levels to this type of behavior - the true scam, whereby a user is led to believe the site they are looking at really is the site they intended to go to, and therefore handing over personal details / card numbers etc.

    However, most of what is described appears to be people capitalising on poor typing skills - a "lesser" scam if you will. I suspect the majority of these miss-spelt domain names don't claim to be the site you're looking for.

    A scam is, after all, to defraud somebody. Mis-spelt domain names is akin to reading a map incorrectly, and ending up somewhere you didn't expect.

    Of course, the fact that many of these sites will then go on to install malicious software etc, and that they generally intend to catch traffic from other sites probably works against this argument.
  • Google have prevention for this type of thing on their site by registering multiple domains. [] [] []

  • This also happens when people forget which TLD a website has. Like .
  • Google goes after [] people who register domain names with the word "Google" in it or any variant of it. It also registers hundreds of domains that can be considered common typos, such as "" or ""

    It's not only typos, but entire names that people take advantage of, for example people can register names such as (inactive) and use the name to attract (trick?) gullible visitors. The typo problem only exists as a subordinate to the larger trademark issue at hand.
  • A friend of mine.. (Score:3, Interesting)

    by iONiUM ( 530420 ) on Saturday February 12, 2005 @11:19AM (#11651612) Journal
    does this. He owns easily over a few thousand miss-spells, and offers services to buy up expired domains. There's really 2 tricks to this service.
    The first is to have a program to find domains that expire, and find them the day of expiry so you can pick them up before others trying to do the same. Of course, some domains will do better (ie. miss-spell of slashdot) than others (ie. miss-spell of some joe-blow site).
    The second is to target the material on it to the types of visitors it would get. Of course, with the new domain ad pages from google, it makes this really easy. This is a huge business, honestly, you have no idea how many people, when they get to the wrong page, go through and click on an advertisement.

    So how well does this do? He makes 6 figures canadian a year on it, and that's not including business derived from his own programs to find expired domains. Furthermore, he's my age (22) and still in university. How can you argue with something that brings that type of money for doing so little work?
  • Not just URL's (Score:4, Informative)

    by lildogie ( 54998 ) on Saturday February 12, 2005 @11:23AM (#11651631)
    AT&T had a national collect-calling campaign telling people to "Dial 1-800-Operator."

    A competitor, MCI IIRC, quickly snatched up the number 1-800-Operater and got lots of the business from the campaign.

    So it's not just URL's that get the typo business.
    • 1-800 holiday was famous example
      1-800 h0liday (with a zero) was snatched up by a travel agency, who then booked commisionable stays at holiday inns--

      holiday inn sued and lost

      the agency never advertised as "1-800-h0liday" they just happened to have this certain # with a zero in it.-so it was not infringing on a trademark... kinda harder to do with URLS..

      more of the same here []

    • Apple or Phone Sex? (Score:3, Interesting)

      by Hooptie ( 10094 )

      Make sure you dial Ess-Oh-Ess NOT Ess-Zero-Ess. One is (or rather was) Apple's help line, the other was a phone sex line. Back in the bad old days I worked at Best Buy and routinely had to deal with customers complaining that we had told them to call a phone sex number.


  • this is how (Score:3, Interesting)

    by WormholeFiend ( 674934 ) on Saturday February 12, 2005 @11:24AM (#11651637)
    This is how I found out about []
  • ... counting on human error in order to profit by.

    Hmmm, as an example.... war on iraq for oil....

    credit card promotional interest rates and the untentional failure (honestly forgetting) to make a payment, or not knowing that transfers at 0% or low rates while having higher rate debit ... where the lower rate gets paid off first -- increasing compounded interest on teh higher rate... etc..

    I have no doubt that as a matter of insured payoff, to invest in human failure is a successful investment practice.

  • by iXiXi ( 659985 ) on Saturday February 12, 2005 @11:28AM (#11651645)
    This isn't a fat finger mistake but a funny story. This lady that I worked with was Internet illiterate. She wanted to set up an e-mail address so she could send junk home that was personal in nature. She had trouble with her ISP e-mail and no one at work wanted to volunteer to intercede and help out. I told here to just go to and set up an account for free. She went to and started screaming !! She thought she would be fired on the spot...I had to get the President, John, to help calm her down...hell she was almost 66 years old. Never saw anything like that I guess. /snicker
  • There's another typo-squatting game that only the big guys can play. In 2001, Microsoft rejiggered Internet Explorer so that if you type in a URL that doesn't exist, the browser will redirect you to a Microsoft page.

    *Cough*Verisign SiteFinder*cough*
  • can get you sent to prison []. A dude made porn sites that were common typos of Disney and Disney names, ie targetting children. He got thrown in jail....
  • I wonder (Score:3, Interesting)

    by CastrTroy ( 595695 ) on Saturday February 12, 2005 @11:33AM (#11651670) Homepage
    I wonder if you could make any money doing something like this over the telephone. It would work like this. Register an 800 number very similar to some other high traffic number, like one belonging to Visa, Or some other frequently called company, and play an advertisement everytime someone calls. It's much easier to mistype a phone number as many phones don't allow you to see what numbers you actually typed, or dialed in.
    • Re:I wonder (Score:2, Insightful)

      Go4it. But remember, you're paying a fee each time someone dials. If you're successful you'll be broke.
    • Re:I wonder (Score:2, Informative)

      by Anonymous Coward
      The best example of this is when AT&T started a service at 1-800-OPERATOR, MCI registered 1-800-OPERATER and got a fair chunk of their buisness.
    • Re:I wonder (Score:5, Funny)

      by aduzik ( 705453 ) on Saturday February 12, 2005 @01:38PM (#11652484) Homepage
      JERRY: Well wait a second, don't you see that's 555-FILK.
      KRAMER: What's Filk?
      JERRY: Filk's nothing, but 555-FILM is Movie Phone.
      KRAMER: Oh Movie Phone.
      JERRY: Yes, so people are just dialing it by mistake and getting you.
      KRAMER: So, I'm Filk?
      JERRY: You're Filk.
      KRAMER: Oh, Mama.
  • by saddino ( 183491 ) on Saturday February 12, 2005 @12:21PM (#11651964)
    ...The Typo Milionaires? ;-)
  • The oldest scam on the Internet is forged email, though it was more of a prank than a scam (there was a long before there was a The second oldest is the Make Money Fast spam, though it wasn't called spam back then.

    Typosquatting is a youngling. AFAIK, mine was the first ( and that only happened in 2/96.
  • (Score:3, Interesting)

    by Jesus IS the Devil ( 317662 ) on Saturday February 12, 2005 @02:35PM (#11652920)
    I used to own for a while. The domain was getting massive amount of unique traffic. I believe it was something like 2000 uniques per day. Then I got curious and set a catch-all email address. That got really interesting real fast...

    But I gave it up because it didn't feel right. Could have linked it to one of those search engine sites to make some decent change though... Oh well...

Trap full -- please empty.