Most brand owners discover a copycat domain by accident. A customer emails a screenshot of a checkout page that is not yours. Support starts fielding refund requests for orders you never took. Your paid traffic dips for no reason you can find in the ad account. By the time it is obvious, the domain has been working against you for weeks.
The good news is that copycat domains are not infinite or mysterious. They come in a small number of recognisable shapes. Once you can name the shape, you can look for it deliberately, and most of what you find can be recovered or taken down.
The working definition
A copycat domain is any registration close enough to yours that a buyer could mistake it for the real thing. That is the practical test, and it lines up with the legal one: under the UDRP, the first thing a complainant has to show is that the domain is identical or confusingly similar to a trademark they have rights in. If a confused customer could land there and believe it is you, you are usually looking at something actionable.
What follows is the field guide.
Typosquats: one keystroke away
A typosquat is your domain with a small typing error baked in. They track the ways fingers slip:
- Omission: a missing letter, like brandnme.com.
- Addition: a doubled or extra letter, like braand-name.com.
- Transposition: two letters swapped, like bradn-name.com.
- Substitution: an adjacent key, like brsnd-name.com.
None of these look right if you stop and read them. The point is that people do not stop and read them. They glance, they type fast, and a small fraction land on the wrong door. At any real traffic volume, that fraction is a business.
Homographs: it looks exactly like you
A homograph domain swaps one or more normal characters for lookalike characters, usually from another script. A Latin a becomes a Cyrillic а; an l becomes a digit 1 or a capital I. The result can be visually identical to your domain.
When a homograph uses non-ASCII characters, the name is stored in an encoded form, Punycode, that begins with xn--, so the registry sees a different string even though the eye does not. This is what makes them effective for phishing: the address bar looks correct. Homographs are less common than typosquats because they take more effort to register and weaponise, but they are the most convincing, and worth watching for specifically.
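To make the xn-- form concrete, here is an added example (not part of the original article) that decodes a Punycode label and flags mixed scripts and lookalikes of the brand. The function names, the small CONFUSABLE map and the sample label are constructed for illustration; the map is a tiny subset, not the full Unicode confusables data.

```python
import unicodedata

# Constructed subset of lookalike characters: Cyrillic a/e/o and two digits.
CONFUSABLE = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "1": "l", "0": "o"}

def decode_label(label):
    """Return the label as a browser could display it; xn-- means Punycode."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(text):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch).split()[0] for ch in text if ch.isalpha()}

def skeleton(text):
    """Fold known lookalikes to one form so visually equal strings compare equal."""
    return "".join(CONFUSABLE.get(ch, ch) for ch in text.lower())

def check_label(label, brand="brand-name"):
    shown = decode_label(label)
    found = scripts(shown)
    return {
        "displayed": shown,
        "scripts": sorted(found),
        "mixed_script": len(found) > 1,
        "lookalike": shown != brand and skeleton(shown) == skeleton(brand),
    }

def make_sample():
    """Constructed sample: the brand label with its first Latin 'a' replaced
    by Cyrillic U+0430, encoded the way a registry would store it."""
    return "xn--" + "br\u0430nd-name".encode("punycode").decode("ascii")

if __name__ == "__main__":
    sample = make_sample()
    print(sample, check_label(sample))
```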
Combosquats: your name, plus a word
A combosquat keeps your brand spelled perfectly and adds something to it: brand-name-sale.com, brand-name-support.com, secure-brand-name.com, shop-brand-name.com. This is probably the most common form of brand abuse, and the hardest to catch with a naive search, because your brand string is exactly right.
The added word is doing the work. Support and login set up credential phishing. Outlet, sale, and shop set up counterfeit storefronts. Pay and secure set up payment interception. The extra word tells you what the operator intends.
TLD swaps: the same name, a different door
Your store is brand-name.com. Someone registers brand-name.co, brand-name.shop, brand-name.store, or brand-name.online. Same second-level name, different extension. With hundreds of extensions available cheaply, this is a low-effort way to stand up something that reads as you, and the missing or changed letter at the end is the part customers notice least.
The rarer cousins
A few patterns show up less often but are worth knowing:
- Bitsquatting: a domain one bit-flip away from yours in the underlying character data, exploiting rare memory errors that mis-resolve a typed address. Mostly a concern at very large scale.
- Soundsquatting: a homophone, something that sounds like your brand when read aloud (4ever for forever). These are a particular risk for anyone using a screen reader, who hears the same word.
- Doppelganger / omission domains: dropping the dot after www, so www.brand-name.com becomes wwwbrand-name.com, catching the people who forget the period.
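The typosquat, combosquat, TLD-swap and doppelganger shapes described above can be told apart mechanically when triaging a list of observed registrations. The following is an added example, not part of the original article: the function names and the INTENT map are constructed here (the words and intents come from the combosquat section), and it assumes a plain name.tld input with a single-label TLD.

```python
# Words and intents as listed in the article; anything else is "unknown intent".
INTENT = {"support": "credential phishing", "login": "credential phishing",
          "outlet": "counterfeit storefront", "sale": "counterfeit storefront",
          "shop": "counterfeit storefront", "pay": "payment interception",
          "secure": "payment interception"}

def typo_kind(cand, real):
    """Name the single-keystroke slip that turns `real` into `cand`, else None."""
    if len(cand) == len(real) - 1:
        if any(real[:i] + real[i + 1:] == cand for i in range(len(real))):
            return "omission"
    elif len(cand) == len(real) + 1:
        if any(cand[:i] + cand[i + 1:] == real for i in range(len(cand))):
            return "addition"
    elif len(cand) == len(real):
        diff = [i for i in range(len(real)) if cand[i] != real[i]]
        if len(diff) == 1:
            return "substitution"  # any single changed key, adjacent or not
        if (len(diff) == 2 and diff[1] == diff[0] + 1
                and cand[diff[0]] == real[diff[1]]
                and cand[diff[1]] == real[diff[0]]):
            return "transposition"
    return None

def classify(candidate, brand="brand-name", tld="com"):
    """Classify a registrable domain (name.tld) against brand.tld."""
    name, _, cand_tld = candidate.lower().rstrip(".").rpartition(".")
    if name == brand:
        return "legitimate" if cand_tld == tld else "tld-swap"
    if name == "www" + brand:
        return "doppelganger"
    kind = typo_kind(name, brand)
    if kind:
        return "typosquat:" + kind
    if brand in name:  # brand spelled perfectly, something added around it
        extra = name.replace(brand, " ").replace("-", " ").split()
        intents = sorted({INTENT.get(w, "unknown intent") for w in extra})
        return "combosquat:" + "/".join(intents or ["unknown intent"])
    return "unrelated"

if __name__ == "__main__":
    # Constructed watch-list input, using the article's example names.
    for d in ["braand-name.com", "bradn-name.com", "brand-name-sale.com",
              "secure-brand-name.com", "brand-name.shop", "wwwbrand-name.com"]:
        print(f"{d:28} {classify(d)}")
```

Homographs are deliberately out of scope here, since they need the Punycode decoding step first.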
How they make money
The shape often predicts the scheme. Lookalikes get monetised through phishing and credential or payment harvesting, counterfeit storefronts selling fakes under your name, plain traffic and affiliate theft that diverts your mistyped visitors to ads or competitors, and malware delivery. The same registration can move between these over time: parked today, a fake checkout next week.
That mobility is the real argument for mapping early. A domain you have already identified and documented is a domain you can act on the day it turns hostile, instead of starting from zero while it converts your customers.
What to do with the list
Naming the shapes is step one. The next step is to look for all of them around your specific brand, rank what you find by how much risk it actually carries, and decide which to recover, which to take down, and which to simply watch. That is the work a confidential review does in one pass: a full map of the lookalikes around your name, each ranked by recovery probability, yours to keep regardless of what you do next.
You cannot defend a surface you have never seen. The first move is always to see it.


