• Article

How to Fight Domain Name Abuse

How to Fight Domain Name Abuse

Although you may not realize it, a domain name is an asset and often an important one. Choosing the right domain name is crucial to building a successful online presence. Your online presence hugely affects your sales and reputation and can even make or break your company.

 

Want to protect Your Brand? Contact us for a Free Demo:

 

 

 

 

Why are domain names significant?

Domain names are the address that people type to search for a website.  Every domain name is unique and there cannot be two that are the same. Due to the top-level domain (TLD) system, domain names also characterize websites in the eyes of consumers.

 

What are top-level domains?

Before we go more into domain name abuse, let us understand the basics of domain names.

Top-level domains (TLD) refer to domain suffixes, the last part of a domain name that comes right after the last dot. For example, in the Wiser Market internet address , the “.com” is the TLD.

Most TLDs are generic top-level domains (gTLDs) or country-specific called country-code top-level domains (ccTLDs).

ccTLDs indicate a country, such as .br as the TLD for Brazil and .ru for Russia.

As for gTLDs, some of the most popular generic TLDs include:

  • .com
  • .org
  • .gov
  • .net
  • .edu.

These TLDs represent the type of domain, such as .edu. to represent websites of educational institutions and .com for commercial ones.

The Internet Corporation for Assigned Names and Numbers (ICANN) is the organization responsible for assigning and coordinating domain names and IP addresses and keeping a centralized database.

 

How to choose the right domain for you?

Domains have different extensions, some of the most popular being .com, .net, .org, and hundreds more. To choose the right extension for your brand, you should consider that some domain extensions are perceived as more trustworthy and memorable, such as .com. This perception affects its price and fees.

 

How to choose a domain name?

When choosing a domain name, make it simple and easy. Simple in the way that your domain name reflects the name of your brand. And easy: easy to remember, easy to pronounce, easy to type. And do not forget to find out if the name is not already taken.

 

What is domain name abuse?

For our purposes, domain name abuse refers to domain registration and security threat to your intellectual property.

 

How to Fight Domain Name Abuse

 

Why is domain name abuse increasingly common?

From shopping to banking and dating, every online activity has become more prevalent. This rise has presented growth opportunities for both legitimate brands and cybercriminals.

In addition to the overall growth, domain name abuse is on the rise for various reasons. To start with, it is easy to register domain names, and the approach is usually of “first come, first serve” that does not require proof of intellectual property rights or use.

Also, domain registration prices are accessible. In addition, a typical lack of understanding of the digital namespace makes it an easy target for cybercriminals.

 

What are the reasons for domain name abuse?

The end goal for domain-related infringing activities is not always the same. Some abusers have malicious intentions to damage your brand and tarnish its reputation. Others use domain name abuse to get more traffic and profit from using your brand.

Through diverting your traffic, they can sell counterfeit products and mislead buyers into believing they are the genuine brand. They can also use the domain name to launch malicious attacks, such as malware or ransomware.

No matter the reason, domain name abuse causes the genuine brand loss of revenue, damage to its reputation, and a loss of trust.

 

What are the major categories of abuse of the domain name system (DNS)?

DNS abuse refers to the abuse related to DNS services and includes five major categories:

  1. Malware
  2. Botnet Attacks
  3. Phishing
  4. Pharming
  5. Spam

 

What are the types of domain name abuse?

Domain infringements can come in different forms. Here are the most common types of domain name abuse carried out in bad faith:

 

  1. Buying a domain name with another TLD

There are currently over 1,500 TLDs. Registering the same domain name with a different TLD (brand.net instead of brand.com) is often intentionally misleading.

 

  1. Typosquatting

As the name suggests, typosquatting, also known as URL hijacking, refers to the method of purposely choosing domain names that are only one typo away from the real ones (goggle.com to confuse with google.com).

 

  1. Adding a word in a domain name

Cybercriminals register domain names and add a word that makes the name confusingly similar and credible (like adding to brand.com and registering brand-us.com).

 

  1. Registering an existing domain name with a different TLD

By registering a domain name with a different TLD, cybercriminals may practically hijack a website until they are stopped.

The attack begins when they illegally change the domain’s TLD (for example, from .com to .org) with malicious intent, hoping that people are unaware of the change. Another example is replacing the TLD from generic to country code.

This form of hijacking makes sense because many international brands own their name as a gTLD (such as brand.com), but they also have their name registered as a local website (brand.uk, brand.fr, etc.).

 

What are the most common types of typosquatting?

As we explained, typosquatters buy domain names that are slightly different or have a typing mistake but are almost identical to the legitimate website.

Then, when a person makes a simple error in the URL, it leads him or her to the wrong website. This way, abusers exploit traffic that was intended to reach the legitimate website.

The most common causes for typos are:

  1. A typo in the domain name, such as adding or omitting a character (typing Facebok.com rather than Facebook.com).
  2. Misspelling, especially of confusing spellings (for example, dictionary.com instead of dictionary.com).
  3. TLD typos where typosquatters register an identical domain name with a confusingly similar TLD (such as the ccTLD .cm that stands for Cameroon instead of .com).

 

 

What are some real-life examples of domain name abuse?

Criminals flood the digital space, looking for new ways to exploit it for their gain, and they are often savvy and creative about it.

The system of giving every country a two-letter internet TLDs designated the ccTLD of .cm to the African nation of Cameroon. Abusers were quick to realize it was just one letter away from .com.

As a result, the Neiman Marcus Group found out that although it owns neimanmarcus.com, neimanmarcus.cm was also registered – and not by the luxury brand. Neiman Marcus took action, and now neimanmarcus.cm redirects to the .com official website.

In a different type of typosquatting, www.goggle.com used a typo to get people to a site unrelated to Google’s www.google.com. It is reported that at first, the site also used a design that was similar to Google’s.

In 2011, Google filed a complaint against goggle.com, goggle.net and goggle.org. Google claimed that the domain names are “confusingly similar” to the Google trademark and have the same “look and feel.”

A name that is easily misspelled became the target of domain name abuse related to fashion designer Simon Porte Jacquemus. The designer’s trademark, Jacquemus, was registered in 2013.

In 2020, someone registered the domain name Jacqumus.com. Jacquemus filed a complaint with WIPO. The panel’s decision was to transfer the domain name <jacqumus.com> to the complainant.

Lately, WIPO’s Arbitration and Mediation Center has received the 100th case for .cn and .中国 (China) ccTLD. According to WIPO, the case was filed by Chinese technology company Tencent and concerns five Tencent-related domain names, such as tencentwechat.cn.

 

 

What laws apply to domain name abuse?

Internationally, the World Intellectual Property Organization (WIPO) oversees intellectual property protection, including domain name abuse. If the domain name is identical or confusingly similar to yours, although the registrant has no rights to your works and uses the site in bad faith, you can gain ownership of the domain.

The Internet Corporation for Assigned Names and Numbers (ICANN) can also help you gain ownership of a domain used by domain name abusers like typosquatters.

Local laws also apply. In the United States, the Anti-Cybersquatting Consumer Protection Act (ACPA) protects against cyberpiracy.

It allows a trademark holder to take action against anyone who in bad faith intends to profit from the goodwill of his trademark and for this reason registers, traffics in, or uses a domain name that is identical to, or confusingly similar to, that trademark.

Trademark owners can prove bad faith according to various factors listed there, although there may be others.

One factor is the person’s intent to divert consumers from the mark owner’s website to a site that could harm the goodwill of the trademark holder “either for commercial gain or with intent to tarnish or disparage the mark, by creating a likelihood of confusion as to source, sponsorship or affiliation, or endorsement of the site”.

Another case is if a third-party is sitting on the identical or confusingly similar domain name and not using it, and even more so if they offer to sell the domain name “for financial gain without having used, or having an intent to use, the domain name in the bona fide offering of any goods or services.”

The law discourages other cyberpiracy, such as the registration or acquisition of multiple domain names the person knows “are identical or confusingly similar to marks of others that are distinctive at the time of registration of such domain names, or dilutive of famous marks of others that are famous at the time of registration of such domain names.”

 

Is domain name abuse associated with other intellectual property infringements?

The content hosted on a website can infringe on your trademark(s) and copyright(s), whether there was domain name abuse or not. Yet, the same copied website can infringe on multiple intellectual property rights.

A third party may use your trademark and register a ccTLD, resulting in domain name abuse. Following this, it may pretend to be representing your company or act in your name without your authorization.

To do that, the third party is likely to illegally use your company’s logos or images without your consent so it can pretend it is the authorized party, resulting in intellectual property abuse.

 

How to combat domain name abuse?

Brand owners can follow a strategy of defensive domain registration that mitigates the chances of domain name abuse.

Defensive registration includes popular TLDs, and brands can also register common negative phrases within the domain for better control. This strategy may be effective, but it comes with a price tag.

The alternative strategy is to be on the lookout and proactively respond to specific threats.

When you find domain name abuse, you can contact the registry with evidence that proves your claim and ask that they block or take down the abusive domain.

Blocking illegitimate domains is part of an effective brand protection strategy. Going to the registry is usually more efficient than going to court. Court proceedings tend to be lengthy and costly, and reducing the time of abuse is crucial.

To monitor, detect, analyze, and eliminate domain name abuse quickly and efficiently you need technology and expertise.

 

Wiser Market Online Brand Protection

 

Wiser Market: online brand protection

Look-alike domains, almost-identical domain names and other domain name abuse infringe on your intellectual property.

It causes loss of sales, damages your reputation, and undermines consumer trust.

Online brand protection services can help you detect and eliminate this malicious activity.

Wiser Market is your partner in combatting online threats. Wiser Market brand protection agency provides a proactive brand protection solution to protect your domain name and brand online.

We search and monitor globally to analyze and flag major online threats and effectively enforce, remove, and deter abusers.

At Wiser Market, we believe in a proactive brand protection strategy. Our superb brand protection services, from detection through analyzing to enforcing takedown actions, result in over a 90% success rate.

 

Want to protect Your Brand? Contact us to learn more:

Schedule a Demo

 

 

WiserTip: After your register your domain name with a popular TLD, consider getting other popular TLDs and set them to redirect to your main TLD.