Top brands face up to 10,000 "brandjacking" incidents a
week from cybersquatters who are trying to pass off fake sites as
genuine, according to
new statisticsfrom researcherMarkMonitor
.
The direct cost of removing each one using a
Uniform Dispute Resolution
Policy process at ICANN,
the top internet domain registry, is around £4,000 per incident.
Legal fees can add thousands per incident.
Fortunately, relatively few people are responsible for most of
the brandjacking, said Charlie Abrahams, vice-president and general
manager of MarkMonitor. This allowed companies to identify the
individuals behind the scams and to get a blanket injunction
against them, he said.
"These guys are very organised and very sophisticated," Abrahams
said. He said some are using obscure but legitimate domain
registries such as .cm (Cameroon) or .co (Colombia) to register
generic and brand names like sex.co or sex.cm or Coke.co. They hope
to catch people who misspell the URL they really want or that
search engines will deliver the "wrong" link together with the
legitimate site.
They also set up automated watch lists to see when a legitimate
domain name comes up for renewal. They hoped to re-register it in
their own name before the real owner renewed it, Abrahams said.
Abrahams said CIOs needed to put their names on to auto-renewal
and ensure that all their websites were registered in their
employer's name. "It is surprising how many domain names for large
brands are registered to former IT managers or website developers,"
he said.
Abrahams said the study is based on MarkMonitor's investigation
of brandjacking incidents at 32 of Interbrand's
Top 100 brands. The study found cybersquatting up by one-third
over last year, and phishing attacks against retailers
quintupled.
With cybersquatting, a non-brand owner registers as his own a
well-known brand or a domain very close to or simply misspelled.
This is by far the most common form of brandjacking, said Abrahams.
Others include false association, domain kiting (using a domain
name until the internet's domain name servers know who the rightful
owner is), pay-per-click fraud and phishing, among others.
The study found 382,000 incidents of cybersquatting, 73,000
cases of false association, and 27,000 pay-per-click frauds. But
there were bright spots. Paid search abuse halved, which meant
there were also fewer objectionable pop-up advertisements and
e-commerce abuses, Abrahams said.
Abrahams said more brands are under attack. Abuses aimed at
motor vehicle makers were up 83%, with 95,000 in the last quarter
of 2007 alone. There were two-thirds more attacks on food, beverage
and other consumer packaged goods targets, while attacks on
clothing brands were up 50%.
Traditional targets such as banks and media companies were up
23% and 38% respectively, the study found.
Abrahams said the US hosted most brandjacking sites (68%),
followed by Germany (9%), the UK (4%) and Canada (4%).