Industry View

Industry View | Battling Brandjackers

MarkMonitor's CSO Ihab Shraim offers strategies against domain kiting, pay-per-click abuses and other attacks on your brand

By Ihab Shraim, MarkMonitor

April 28, 2008 —

The Internet has changed the world in astonishing ways—both good and bad—and all in the last 10 to 15 years. We marvel at the good: immediate access to even the most obscure information, free and secure worldwide person-to-person communication, and the ability to access almost any product or service with just the click of a mouse.

But its mass appeal and reach combined with anonymity and complex, constantly evolving technologies also make the digital world an unsafe place. Criminals and hackers are wreaking havoc on increasing numbers of well-known brands for their own profit. These 'brandjackers' have fine-tuned the techniques of online marketing and are exploiting them to their advantage and at the expense of true brand owners. As a result, organizations face serious online threats to their reputations, customer relationships, and ultimately, their revenues.

Just as the CSO role was created to combat heightened IT security threats in the '90s, increasingly sophisticated Internet schemes have made it necessary for the CSOs to take up arms in defense of their company brands. As Brian Burke, program director of security products at IDC has noted, "Protecting brand reputations, customer relationships and revenues from online abuses is becoming as important to enterprises as securing their networks, data and systems from Internet-borne threats."

In order to shed light on the "brandjacking" phenomenon, MarkMonitor, an enterprise brand protection firm, created the Brandjacking Index, a quarterly report that measures the effect of online threats to the world's strongest brands. The latest edition of the Brandjacking Index tracked millions of emails and billions of Web pages over a full year to examine how brandjacking tactics such as: cybersquatting (the registration of domain names containing a trademark to which the registrant has no right); pay-per-click (PPC) fraud; domain kiting (the process whereby domains are registered and dropped within the 5 day ICANN grace period, and then registered again for another 5 days); offensive content; unauthorized sales channels; and phishing have evolved.

Among our most striking findings were continued declines in domain kiting and pay-per-click abuses. We believe these declines can be attributed to increased litigation efforts by brandholders and ICANN scrutiny. What this tells us is that targets of attacks have proven they can fight back successfully. This should encourage CSOs, working alongside their colleagues in the C-suite and the General Counsel's office, to be vigilant about protecting their brands and their customers against evolving threats.

While overall brand abuse continues to increase, the distribution of attacks is evolving over the past year. Cybersquatting continues to be the most common method observed with more than 380,000 exploits in the last quarter of 2007. This represents a 33 percent increase for the year. Using brand names as part of a domain name is an easy way to drive traffic through search engines, and since most common dictionary words are already used for domains, fraudsters and criminals continue to turn to brand names and trademarks when they register domains. We continue to observe sites that abuse popular children's brands and place offensive and adult content on the squatted domains.

• Email
• Print
• Comments
• Digg This
• SlashDot

• That's Gonna Leave a Mark
• A Case for Anticounterfeiting
• 5 Ways Google Is Shaking the Security World