Brand abuses are generally in it for the money, and want to maximise revenue opportunities from the easiest targets without being detected. To combat brand abuse it is important to understand what they are doing now, and how?
What industries are most vulnerable and what strategies can we employ to protect both our revenue and reputations online? This article will look at:
- The historic high level of Malicious domain and subdomain registrations
- The rise of Intellectual Property abuse: fake websites, fake social media pages, fake mobile apps; and
- The counterfeit problem in Australia
NetNames are global leaders in end-to-end online brand protection solutions, helping brands to stay one step ahead online. Our market leading technology, industry expertise, global reach and commitment to great customer service make us the ideal partner for corporates seeking to protect their valuable digital assets and brands online.
A historic high level of malicious domain registrations
With the launch of the new gTLD program we have seen over four million new domain names registered. The new gTLD program now enables parties to register their brands in domain name spaces closely aligned to their industry, for example ford.cars, google.online or apple.computer. With a crowded .com domain name space, this has opened up much greater opportunity for brand owners to develop new online properties and brands. However, cybersquatters have also been quick to take up the opportunity.
Forbes recently reported that on 29th January, Donuts Inc. launched the first seven of what will be some 1,000 new generic top-level domains. Six days later, at 2:04 a.m., Venura de Zoysa of Kingston in New South Wales, Australia, used GoDaddy.com to register the domain name Adidas .clothing. The following day Erwin Strobel of nearby Wagga Wagga registered Burberry.clothing. This has unfortunately been a common theme among many new gTLD releases.
At NetNames Australia, we have seen our clients attacked across a number of verticals, including the construction space, financial and insurance, FMCG to name a few. In fact, there is a scarce number verticals not affected by cyber squatters under this new gTLD program and brand owners are having to redress this issue through expensive and timely dispute resolution procedures or litigation.
There is also a growing number of malicious domain registrations occurring in our own dotAU domain name space. In the first half of 2014, there were over 1,800 dotAU domain names used in phishing attacks (http://docs.apwg.org/reports/APWG_Global_Phishing_Report_1H_2014.pdf) and in Q2 of 2014, the Anti-Phishing Working Group identified that 2% of global phishing scams now comes out of AU domain names. That is significant considering that there are over 270 Billion domain names registered globally (http://www.verisigninc.com/assets/domain-name-report-april2014.pdf) meaning that we unfortunately hit well above our weight in the malicious domain registration category.
Our clients are taking advantage of our domain name monitoring technology to monitor 3rd party domain name registrations to quickly identify and address issues before they turn into more sinister issues. The quicker we are able to identify issues the less likely scammers are to use these domain names for malicious purposes. We have also been able to block registrations in the new gTLD space be assisting our clients participate in programs such as the Domains Protected Marks List.
The rise of Intellectual Property abuse: fake websites, fake social media pages, fake mobile apps
Australian shoppers lured online to buy discounted designer brand name goods are increasingly falling victim to international counterfeiting operations, according to the head of the Australian School of Security and Investigations.[i] Recently, The Smart Company highlighted that the intellectual property of over 50 Australian online retailers such as Boat Books, Gardening Central, Hobby World and Our Deals was being used to scam potential customers out of their contact details. In most cases the scammer replicates the site, logo, images & code and will use cheap unauthenticated SSLs to give the perception of legitimacy.
Netnames have been working with our clients to take down fake sites set up to steal traffic, divert revenue to unauthorised channels and pass off as legitimate brands for malicious purposes. The scams don’t discriminate by industry; in Australia we have assisted Universities, Clothing companies, Banks, Insurance companies & some of our most iconic online brands and toy manufacturers to take down fake websites. The problem pervades all industry sectors.
Fake social media pages are also on the rise. In most cases, they are created by fans setting up unauthorised pages, third parties creating spoof brand pages or disgruntled customers venting through an unauthorised branded handle. However, there are occasionally instances where scammers use social media to trick customers into handing over their details. Twitter has recently warned that scammers have tricked users into handing over their passwords and user names to commit identity theft or steal money. It is important that brands monitor the major social media networks for unauthorised handles and pages and have them removed via the relevant policy and complaints department.
The new kid on the block in relation to ‘fake’ scams are fake mobile apps. There are a fair amount of fake apps in the Google Play Store® that could cause some unwanted problems to brands, such as virus infestations to consumers, or identify / credentials theft. Rovio Entertainment LTD’s Angry Birds, a popular and addictive game saw multiple fake versions launch through the Google Play Store, which included intrusive pop up ads that were attempting to collect personal information. More locally, in 2013 we saw a Russian syndicate create and launch a fake CommBank Android security app that targets mobile customers that when downloaded, infected the phone with a Trojan designed to block calls from the victim’s bank and capture incoming SMS messages that would otherwise carry the one-time verification passcode required to complete an online transaction.
Australian brands have been targeted in the past, and as mobile app users exceeds eight million users and growing, brands need to consider setting up monitors to ensure fake apps are not damaging their business.
The Australian counterfeit problem
The proliferation of online shopping sites has resulted in Australia being swamped with fake goods. Counterfeiting is a multi-billion-dollar industry and is causing massive damage to brands around the world, including those in Australia. The impact of the problem for Australian brands, and particularly for local manufactures, is significant. The counterfeiters are able to produce low cost replica products and undercut the rightful owner, resulting in significant loss of income. Some of [our clients] would estimate up to 80% of [their] goods found on major online marketplaces such as Taobao or Alibaba... are counterfeit.
Most counterfeits are from China. Low operating costs, uninhibited access to a global customer base and high levels of anonymity make online channels the perfect ‘shop window’ for the sale of counterfeit goods – not just knockoff luxury items, but also fashionable accessories, toys, cosmetics, pharmaceuticals and even car parts. Proactive and effective online anti-counterfeiting strategies must therefore be put in place to preserve customer confidence, brand equity and to safeguard sales and revenues.