The Changing Face of Online Brand Abuse

Te Smith , Vice President, Corporate Communications, MarkMonitor

The brand breathes life into every aspect of business, guides every customer interaction and drives market perception. Online thieves also earn a living by attacking leading brands. These attacks come from multiple directions, often simultaneously and always at warp speed.  

Constant growth and changing targets

Our most recent Brandjacking Index™ quantified these attacks by examining 30 leading Interbrand-ranked global brands through  2007 and the first quarter of 2008. We found the biggest growth in brandjacking abuse was in mainstream product categories. Automotive brands rose the most sharply as targets for brandjacking with a 99% increase and food and beverage products with a 77% increase. Cybersquatting continues to be the most common method of brandjacking that we observed with more than 400,000 exploits in the first quarter of 2008 alone. This represents a 40% increase for the year, beginning 2007.

The recent news on phishing continues to be worrisome. Phishers are carefully picking the most desirable targets. During the last quarter of 2007, there was profound growth in the number of new organizations targeted by phishers, with 122 companies observed for the first time as the subjects of an attack. This is the biggest increase in any quarter of the year, showing that the phishers are widening their focus. We also saw seasonal shifts in the types of target industries, and continued increasing sophistication in the types of exploits used by phishers to obtain individual user account information.

Overall, 412 different organizations were targets of phishing attacks last year, which represents an increase of 37% over the number observed in 2006. November was a record month for phishing targets, with 275 targeted organizations.

Vigilant brandholders do have an effect
As a dedicated defender of your brand, you are the expert to whom your colleagues turn for help when your brand is under attack online and your efforts show signs of paying off. Domain kiting and PPC activity has dropped off among the brands that we studied. Pay-per-click attacks actually dropped in the last two quarters, and were well below levels observed at the beginning of 2007.

We believe that brandholder vigilance is the major reason for these declines. Further scrutiny by ICANN and Google’s announcement that it will turn off Ad Sense revenue for domains that are younger than six days old should make kiters see a further significant drop in their revenue streams.

Kudos to you for your vigilance and creativity! After the celebration, though, remember -- as long as there is money to be made, we can be sure to see brandjackers evolve their techniques – and seek fresh brand targets – to line their pockets.

For the full story on our most recent Brandjacking Index, which includes a special in-depth look at brand abuse in the Travel Industry, please visit www.markmonitor.com to download a complimentary copy. I’d love to hear your ideas for future reports, so feel free to drop me a line at tsmith@markmonitor.com.

Sincerely,

Te Smith
VP Corporate Communications, MarkMonitor Inc.

ICANN UPDATE

ICANN New Delhi Update

Margie Milam, General Counsel, MarkMonitor

We are happy to report that significant progress has been made by ICANN on two important issues to the intellectual property community - domain tasting and registrar compliance.

Domain Tasting
In April, the GNSO Council approved a motion to discourage use of the current “add grace period” (AGP), whereby domains can be returned within five days without cost, for “domain tasting” purposes. The motion (which is pending for Board action at the Paris meeting) would prohibit any registry from offering a refund to a registrar for any domain name deleted during the AGP that exceeds 10% of its net new registrations during that month, or fifty domain names - whichever is greater.

“Domain Tasting” refers to the registration of domain names, with the aim of testing those domains to see if they generate sufficient advertising revenue (usually through pay-per-click advertising). If the name is profitable, it is kept. If not, the AGP is used to return the domain at no cost to the registrant. This practice has resulted in a significant increase in cybersquatting activities targeting the world’s largest brands, as reported in the MarkMonitor Brandjacking Index™.  

Last October, the GNSO Council launched a policy development process on domain tasting and produced a draft Final Report. Many of MarkMonitor’s clients participated in the policy development process and submitted comments in favor of eliminating domain tasting. In response to the significant abuse attributed to domain tasting, both Affilias (the .info registry) and NeuStar (the .biz registry) independently submitted a request to ICANN to allow them to similarly revise their policies to discourage the use of the AGP. We commend Afilias and NeuStar for their leadership in recognizing the need to address the domain tasting problem. The GNSO motion, if approved by the ICANN board, would apply to all gTLD registries, including the .com and the .net registries operated by Verisign. 

Registrar Compliance
Some more good news - ICANN has dedicated additional resources to tackle registrar compliance issues, in the face of growing complaints against certain retail registrars. ICANN’s compliance director, Stacey Burnette, initiated numerous activities to hold noncompliant registrars accountable for their actions. These include registrar audits, as well as the implementation of the ICANN registrar escrow program.  

Another area of compliance deals with the Uniform Dispute Resolution Policy (UDRP) which is relied on to protect brands from cybersquatters. In May, ICANN announced that it has sent a notice of breach to Red Register Inc. documenting its failures to comply with the UDRP. Specifically, Red Register refused to implement UDRP decisions in favor of numerous trademark holders that had been successful in their UDRP proceedings against cybersquatters - see http://www.icann.org/announcements/announcement-19may08.htm. ICANN may terminate Red Register’s registrar accreditation if it fails to address its breach. 

Red Register has faced previous challenges for trademark infringement and cybersquatting in the past, by companies such as Microsoft. ICANN’s notice of breach is reassuring to brandholders since it signals to the registrar community that they will be held accountable if they do not comply with their ICANN obligations.

Participation in ICANN
These issues highlight the need for brandholders to participate in the ICANN process, whether through attending the Paris meeting, or through submissions of comments at the appropriate times. In response to public comments recently submitted during the mid-term review of the Joint Project Agreement between ICANN and the U.S. government, ICANN has expressed a desire to hear from businesses affected by their policies. Brandholders should welcome this opportunity to inform ICANN of their concerns. We will continue to let you know when brandholder participation is needed to address issues important to your brand. 

INDUSTRY UPDATE

FTC Phishing Videos

One of the best ways to protect your brand against phishing attacks is to help customers protect themselves, by educating them on the issue. With that in mind, the Federal Trade Commission has created some short videos on phishing which aim to stimulate people to think about phishing and the value of their personal information.

The videos are the newest tool on OnGuardOnline.gov, a partnership between the federal government and the technology industry to help consumers be on guard against Internet fraud, secure their computers, and protect their personal information. The new videos also are featured at www.youtube.com/ftcvideos and on the FTC site at http://ftc.gov/bcp/edu/multimedia/video/ogol/phishing/index.shtml.

 

Subscription Center | Contact Us | Careers | Privacy | Legal | Glossary | Site Map

© 2010 MarkMonitor Inc. All rights reserved.