[ Strategy ]

Brand Protection Domains: What to Register and What to Skip

Registering defensive domains around your brand name is cheap and often worth it. But there is a limit to how far the protection extends.

· · 6 min read

Brand Protection Domains: What to Register and What to Skip

Companies with any public visibility face a consistent low-level threat: squatters registering domains that look like their brand to capture confused users, run scams, or sell the domain back at inflated prices. Brand protection domains are the preventive response.

The question is not whether to protect your brand through domains — it is how much protection is proportionate to your scale and risk profile.

The Core Set

Every company with a public brand should own:

The .com version. This is the primary domain. If you do not have it, acquiring it is a business priority, not an optional nice-to-have.

The .net and .org versions. Low cost, prevents the most common adjacent registrations. Point them both to redirect to your main domain. Set them to auto-renew and never think about them again.

Common misspellings. Think about how users type your name when they are not being careful. One letter transpositions, doubled letters, swapped vowels. For "Figma" — figma.com is the primary, figna.com and ifgma.com and figmma.com are the defensive picks. You do not need to register all possible typos — focus on the ones a distracted typist would actually make.

Hyphenated version. If your domain is unhyphenated (myproduct.com), register my-product.com. If hyphenated, register the un-hyphenated version. Point it to the primary.

What to Skip

Registering every possible TLD is not necessary and gets expensive fast. If your brand name is "Acme," you do not need acme.shop, acme.store, acme.online, acme.site, acme.ninja, and 40 other new gTLDs. The marginal protection value of each additional TLD drops sharply after the main ones.

Skip ccTLDs for countries you do not operate in. A UK company does not need to register brand.de, brand.fr, and brand.es as defensive registrations unless you are actively expanding there.

Skip phonetic variant registrations unless your brand has an unusually ambiguous spelling. If your brand is a standard English word, the misspelling variants that matter are the obvious ones.

When to Expand Protection

The right time to expand your defensive portfolio is when your brand visibility increases significantly. After a major press mention, a funding announcement, or rapid user growth, squatters are more likely to register adjacent domains. The window between visibility increase and squatter registration is often 24-72 hours.

Run a batch availability check of your brand name across the full TLD set before major announcements. Register anything available that you care about. The cost to register is trivially cheap compared to the cost of disputing or purchasing a domain from a squatter after the fact.

Handling Squatters After the Fact

If someone registers a domain that could confuse your users, you have options:

Buy it. For parking pages or clearly speculative registrations, a direct purchase offer is often the fastest resolution. Make an offer through a broker to maintain anonymity and avoid signalling desperation.

UDRP. File a UDRP complaint if the registration is in clear bad faith and you have trademark rights. Requires meeting the three-part UDRP test.

Registrar abuse report. If the squatter is using the domain for active phishing or fraud, the registrar will often suspend it quickly on an abuse report with documentation.

Live with it. Some defensive registrations are not worth the fight or the purchase cost. A squatter holding brand-reviews.com at an inflated price may be less damaging than the cost of acquiring it.

The Portfolio Maintenance Reality

Every domain you register for brand protection is an annual cost and a renewal you need to manage. A portfolio of 20 defensive domains costs $200-$400/year and requires active monitoring to prevent accidental expiry.

Set them all to auto-renew with a reliable payment method. Store the list in your IT asset inventory. Review the list annually — drop any that have become irrelevant as your brand evolves.

The worst outcome is registering defensive domains, having them lapse because you forgot to renew, and watching a squatter re-register them immediately. Use BatchDomain periodically to spot-check that your defensive domains are still in your account and not recently dropped.