Re: I used to pay...
I'm afraid your problem is really one of thinking that your customers are somehow going to go to the wrong domain when I very much doubt they even know what the right domain is anyway. People don't use domain names like that any more, they just hit a Google or other link and find you, then bookmark it.
There are literally so many other domains out there that I can't guess what most places would use at first attempt, even when I know their business or website inside-out. There are companies whose official name is .uk.com, personal users on .co.uk, and huge companies on .net and other TLDs. Hell, the whole .eu debacle should show you what a waste of time it is - companies went mad to snap them up and now if they were British they have to forfeit them anyway, and someone else can have them.
My old workplace did this for about 10 years, trying to buy up every related domain, and they soon realised that the "wrong" domains just sat unused for years (because it would have been incredibly simple to prove they were passing-off on the basis of the actual name, no matter the TLD), and people were literally registered more deliberately and then telling that place, in the expectation that we'd buy their domain too.
It got stupid, and a stop was put to it, and now they have one domain and that's it. They get far more hassle from other random, unrelated companies doing things like putting their opening hours on generic "opening hours dot com" websites, getting them completely wrong (in some cases just making them up), and then when customers google what the opening hours are for your company they somehow think that random-website-on-the-other-side-of-the-world knows better than the actual, main company website. And when you contact those pages to demand removal or correction, they want to charge you to do so.
Buy a domain. Stick with it. To my knowledge, I've never knowingly typed in a .uk (without a "co" or something before it) or a .hotel or a .travel or a .anything - I may have clicked on a link to them or been redirected to them, but I've never typed them in or tried to remember them.
And any website that's passing off as you? They could do it on a billion similarly-named domains, including the unicode tricks to look like normal characters that look almost identical. The problem there is fraud in claiming to be you, not what name they actually host under. They can find a thousand domains that are confusingly similar to yours in an instant.
Biting the hand that feeds IT
