Each day, millions of people are harmed in one way or another by cybercrime. While we have a good understanding of the number of systems compromised or even the profits of the attackers, the harm experienced by humans is less well understood, and reducing this harm should be the ultimate goal of any security intervention. To efficiently allocate effort for the purpose of reducing harm, we must understand how this harm is perpetrated, which perpetrators are causing it, and how much harm is being experienced due to which attacks. This paper presents a strategy for quantifying the harm caused by the cybercrime of typosquatting via a new technique we developed called intent inference. Intent inference allows us to achieve three goals: define a new metric for quantifying harm to users, develop a new methodology for identifying typosquatting domain names, and quantify the harm caused by various typosquatting perpetrators. Through synthesizing complementary datasets, we find that on average, typosquatting costs the typical user 1.3 seconds per typosquatting event over the alternative of receiving a browser error page, and legitimate sites lose approximately 3% of their mistyped traffic over the alternative of an unregistered typo. While these metrics quantify harm for typosquatting overall, there is much variation between perpetrators: while on average perpetrators increase the time it takes to find the intended site, many typosquatters actually improve the latency for users finding their intended site. Overall, we find that we are able to precisely quantify the amount of harm experienced by the primary stakeholders, and that some perpetrators of typosquatting are actually strictly utility increasing for themselves, the targeted site's owner, and the users, calling into question the necessity of harsh penalties or legal intervention against this flavor of cybercrime.