Phishing

Latest trends in cybersquatting

Daniel Dimov
January 11, 2017 by
Daniel Dimov

Protecting company's intellectual property, including designs, patents, trade names, and domain names, is an essential condition for establishing a successful business. The standard way to protect a brand is to register a trademark, a trade name or a logo that distinguishes the brand from other businesses in the field. The failure to register a trademark may result in financial losses, reputational harm, and circulation of counterfeit. Registering a trademark is also an important step in preventing cybersquatting.

The US Anticybersquatting Consumer Protection Act (ACPA) defines cybersquatting as an opportunistic practice of registering, trafficking in, and using a domain name resembling a trademark belonging to someone else with the aim to profit from it. Cybersquatting started emerging in the middle of 1990s.

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Cybersquatters usually aim to resell the domain name back to the trademark owner or benefit from the web traffic generated by the domain name. By way of illustration, domain names registered as a result of cybersquatting may include www.gooogle.com, faceboook.com, www.amozon.co.uk, MikeRoweSoft.com, and www.parishilton100.net.

The tendency of abusive domain name registration is growing steadily. In 2015, The Arbitration and Mediation Center of the World Intellectual Property Organization (WIPO) received 2.754 complaints related to cybersquatting, 5% more than in 2014. The fraudulent gTLD registrations are anticipated to increase further as new domain name extensions (e.g., .shop) are about to launch.

Our article looks deeper into the phenomenon of cybersquatting by analyzing the most common types of cybersquatting (Section 2), discussing cybersquatting-related monetization practices (Section 3), examining the most vulnerable sectors affected by cybersquatting (Section 4), and recommending ways to combat cybersquatting (Section 5). At the end of the article, a conclusion is drawn (Section 6).

 Types of cybersquatting

Cybersquatters are free to register any available domain names, even if such domain names significantly resemble already registered domain names. Cybersquatters usually use a combination of legal and illicit schemes for generating profits. Such schemes may include the following elements: (1) registering domains which include common English words with the aim to resell them in the future; (2) registering mostly mistyped spelling of the names of popular websites; (3) purchasing recently expired domain names; (4) publishing derogatory remarks about a company or a person on the cybersquatted website; and (5) monetizing the content by publishing affiliated links and encouraging users to click on them. As a result of such practices, the owner of the legitimate website may experience serious financial and reputational consequences. At present, there are four dominant cybersquatting types, namely, typosquatting (section 2.1), identity theft (Section 2.2), name jacking (2.3), and reverse-cybersquatting (Section 2.4). They are briefly discussed below.

Typosquatting

Typosquatting is often referred to as 'URL hijacking,' 'a sting site,' and a 'fake URL.' Typosquatters rely on common mistakes made by Internet users when typing a web address into a web browser. Such mistakes include misspelling (e.g., www.intrenet.com), different phrasing of a domain name (e.g., www.internets.com), other top-level domain (www.internet.net), and use of Country Code Top-Level Domain (ccTLD) (e.g., www.internet.co). More advanced typosquatting techniques exploit visual, hardware, and sound similarities of trademarks. For example, homograph attacks rely on the visual similarity of symbols that can be confused, as well as on letters or strings that might be confused with one another, such as confusion between 'vv' and 'w' in the domain name www.bankofthewest.com (www.bankofthevvest.com).

To trick Internet users, typosquatters may also create a fake website that resembles the source by using a similar layout, color schemes, logos, and content. Typosquatters use such fake websites to (1) compel legitimate website owners to buy the cybersquatted domain names, (2) generate more web traffic, and (3) spread malware.

Identity theft

Cybersquatters may purchase a domain which was unintentionally not renewed by the previous owner. Cybersquatters use special software applications which allow them to monitor the expiration dates of targeted domain names easily. After registering the expired domain names, cybersquatters may link them with websites which duplicate the websites of the previous domain name owners. Thus, cybersquatters will mislead the visitors of their websites into believing that they are visiting the websites of the previous domain names owners.

Name jacking

Name jacking refers to the registration of a domain name associated with the name of an individual, usually celebrities and well-known public figures. Name jackers benefit from web traffic related to the targeted individuals.

In the US, personal names can have trademark protection if they acquire distinctiveness through advertising or long use and establish a secondary meaning. Personal names that do not fulfill this condition cannot not be registered as trademarks because many people within the same territory may share the same name. Hence, name jackers may fall outside the scope of the US Anticybersquatting Consumer Protection Act.

The registration of the domain name Madonna.com was a typical example of name jacking. The domain name, which is identical to the name of the pop diva Madonna, was used for spreading pornographic materials.

Reverse-cybersquatting

Reverse-cybersquatting refers to an attempt to secure a domain name legitimately owned by another person. Reverse-cybersquatting may include intimidation and pressure to transfer the legitimate ownership of a domain name to the person or organization which owns a registered trademark reflected in the domain name.

It should be noted that reverse cybersquatting may be considered an abuse of domain name dispute resolution procedures. Reverse-cybersquatting may also constitute a tort or an unfair business practice within the meaning of the laws of some jurisdictions and, therefore, entitle the victims of reverse-cyber squatters to compensation for damages.

Monetization practices

Cybersquatters employ at least the following five techniques to obtain profits from their activities: (1) domain parking; (2) ransoming domain names; (3) affiliate marketing; (4) hit stealing; (5) scams. These five techniques are examined in more detail below.

  1. Domain parking can be defined as redirecting a domain name to a website that contains advertisements for the purpose of generating web traffic.
  2. Ransoming domain names refers to the use of domain names for spreading ransomware. It usually blocks access to the files of the infected systems until the victim pays a ransom. Some forms of ransomware (e.g., Locky) decrypt the files of the infected system, thus making the recovery of the encrypted files virtually impossible.
  3. Affiliate marketing means redirection to web pages used for selling product and/or services in exchange for commissions on the sales of those products and/or services.
  4. Hit stealing is the practice of referring an Internet user who visits a website associated with a cybersquatted domain name to the website of a competitor.
  5. Scams related to cybersquatting may include, for example, identity theft and credit card fraud. By way of illustration, operators of cybersquatting websites may announce that people who register accounts on their websites may win various prizes. The personal data collected in this way can be used for identity theft.

Most vulnerable sectors affected by cybersquatting

The website of the World Intellectual Property Organization (WIPO) indicates that, in 2015, most domain name cybersquatting cases were related to the following 5 areas of commerce: (1) fashion (10% of cases); (2) banking and finance (9% of cases); (3) Internet and IT (9% of cases); (4) retail (8% of cases); and (5) biotechnology and pharmaceuticals (7% of cases). In 2015, multinational corporations, including Hugo Boss (62 cases), Philip Morris (60 cases), and Electrolux (48 cases) were the most active complainants.

Combating cybersquatting

The domain name registrars can contribute to the fight against cybersquatting by requiring potential registrants of domain names corresponding to registered or unregistered trademarks to present trademark certificates or authorizations from trademark holders. However, the main actor in counteracting cybersquatting is the Internet Corporation for Assigned Names and Numbers (ICANN), the organization responsible for maintaining the global domain name system, which allows victims of cybersquatting to resolve their disputes by using procedures organized under the Uniform Domain Name Resolution Policy (UDRP). Such procedures are quicker and cheaper than traditional litigation.

Before submitting a UDRP claim, one needs to meet the following conditions:

  1. The complainant has to have a registered or unregistered trademark. Evidence proving the existence of such a trademark should be submitted to the arbitrational panel.
  2. The complainant has to explain how the trademark owned by him is identical or confusingly similar to the disputed domain name.
  3. The complainant has to prove that the holder of the disputed domain name does not have the rights in the disputed domain name.
  4. The complainant must prove that the disputed domain name was registered in bad faith.

Commenting on the importance of the UDRP, WIPO Director General Francis Gurry states: "By combating opportunistic domain name registration practices, WIPO's services help consumers to find authentic web content and enhance the reliability of the Domain Name System."

Despite the effectiveness of the UDRP, owners of trademarks willing to preserve their good reputation should rely not only on post-factum measures to remedy the effects of cybersquatting, but also take preventive measures aiming to reduce the risks of cybersquatting. For example, trademark owners may register domain names that are confusingly similar to their trademarks, thus preventing cybersquatters from registering those domain names.

Conclusion

Cybersquatting has become a lucrative online practice that may negatively affect the reputation of well-established commercial brands. The owners of such brands may face legal challenges related to overcoming their cybersquatting issues. This is because the demarcation line between the legality and illegality of cybersquatting is difficult to draw, as the phenomenon combines both legitimate and illegal activities.

Although domain name disputes related to cybersquatting and related practices can be resolved in a timely and affordable manner through UDRP procedures, preventive measures can save trademarks owners the fees for initiating such procedures.

Sources

Co-Author

Rasa Juzenaite works as a project manager in an IT legal consultancy firm in Belgium. She has a Master degree in cultural studies with a focus on digital humanities, social media, and digitization. She is interested in the cultural aspects of the current digital environment.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

 

Daniel Dimov
Daniel Dimov

Dr. Daniel Dimov is the founder of Dimov Internet Law Consulting (www.dimov.pro), a legal consultancy based in Belgium. Daniel is a fellow of the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Society (ISOC). He did traineeships with the European Commission (Brussels), European Digital Rights (Brussels), and the Institute for EU and International law “T.M.C. Asser Institute” (The Hague). Daniel received a Ph.D. in law from the Center for Law in the Information Society at Leiden University, the Netherlands. He has a Master's Degree in European law (The Netherlands), a Master's Degree in Bulgarian Law (Bulgaria), and a certificate in Public International Law from The Hague Academy of International law.