There has been much talk over the last few years of the importance of digital marketing, how to create online marketing strategies, how to grow your online client base and following, how to build a brand’s online presence and how to conduct customer service via digital channels like twitter and Facebook. However there is very little conversation on the topic of how such brands’ can be protected once they have been established online. Businesses allocate massive marketing budgets to drive their digital presence. It would naturally make sense to safeguard your brand after so much capital has been invested. Some of the topics we shall be discussing over the coming weeks and months will cover the preventative measures your business can take to avoid such risks as brand reputation, revenue loss and of course legal litigation.

A key area of discussion over the next few months will focus on Domain Portfolio Management. Over the past year major developments and changes have rocked the world of domain names with ICANN , (Internet Corporation for Assigned Names and Numbers) releasing some 1,500 new domain names.
For instance, the music industry has just introduced .band as a new domain name available to online vendors. For yoga enthusiasts and teachers, the domain name .yoga was recently released; A plethora of new and unique domain names including .organic, .buzz, .beer even .wtf have recently been added to the domain name reservoir. This development can present great opportunities for brands endeavouring to expand and grow their online presence. It will allow enterprises to further develop targeted personalised marketing campaigns to new prospective clients and existing client bases. Needless to say, such transformations in the global domain registerary also possess threats to existing businesses. Opportunistic domain squatters may pre-emptively purchase a number of domain names that they imagine would hold equitable value to global brands. The news that Ashton Kutcher recently purchased a number of domain names for his baby daughter before she was even born, highlights the growing importance of reserving a domain name and also the growing awareness of online intellectual property. Brands must immediately consider how their domains are being managed, if at all!

Opportunities for cybersquatters are rapidly diminishing, because most businesses now know that securing domain names is a high priority. This has been happening many years and global brands are only now waking up to the extent of this problem. Companies that have won back their names from alleged cybersquatters following rulings from WIPO include Christian Dior, Nike, Deutsche Bank and Microsoft. Brands need to be aware of not only their current markets but also their potential markets. They need to protect themselves in both prospective future markets in addition to existing markets they currently operate in. Staying one step ahead is of critical importance.

Another issue our blog will discuss over the coming months is the problem of
Typo-squatting. Typo-squatting is similar to cybersquatting and is based on the probability that a certain number of Internet users will mis-spell or incorrectly type the name of a Web site (or actually its URL) when surfing the Web. For example, a common misspelling or a foreign language spelling. Back in 2006 to 2008, there existed an typo-squatted variant of Google listed as ‘’. Landing on this fraudulent website would automatically cause the domain to download computer viruses and other destructive software including the dreaded antispyware program SpySheriff.

Another potential problem facing online brands is Phishing. Phishing involves opportunistic cybercriminals installing malicious software or stealing personal information off of your computer. Like fishing, cybercriminals essentially ‘Phish’ for important data through creating fraudulent email messages, websites, and phone calls. A highly publicised instance of this occurred in 2008 when an online fraudster claimed to be the renowned actress Scarlett Johansson and set up a fake competition whereby she ‘offered herself’ in a threesome with two of the competition winners. The object of the online imposter was to harvest email addresses of the unknowing competition participants.

Another fast evolving form of cyber-crime is brand jacking. Brand-jacking is a particular form of cyber crime whereby someone assumes the online identity of a person or brand with the intention of stealing the organisation or persons brand equity. An example of this happened to US Republican Sarah Palin and US President Barack Obama whereby falsified Facebook pages were created to damage their online presence. Furthermore, in 2006 a fake advert for a Starbucks Frappuccino was devised by an anonymous brand jacker who sought to damage the brands reputation. The objective was to highlight the contrast between consumption and poverty. Such parodies can ultimately destroy a brands equity as social media facilitates the rapid and viral dissemination of such fraudulent material.

In many cases the examples quoted above could be avoided if certain steps had been taken to carefully and thoroughly protect the brands listed. It often occurs that SMB’s and large corporations find themselves having to take costly legal action to fix what originally was a preventable problem. Enormous costs can be incurred if enterprises fail to implement and revise their digital brand protection strategy. In the year 2000, global brand Kodak won back its rights to after a long, tedious litigation process lasting a year and involving some twenty lawsuits. A further example of this occurred when multinational corporation Verizon won a $33 Million dollar lawsuit retrieving it’s domain name from domain-quatters. These global brands had the financial means to pursue such costly litigation, many scaling brands establishing their online presence and scaling their business would not have such capital available.

Whether you’re an SMB or a large multinational, whether you work in the Tech industry or the entertainment industry, the same principles apply. Being prepared is key to guarantee your brands online presence and digital footprint is safeguarded.

Phishing is a type of email scam that cybercriminals use to steal credit card or personal identifying information. The Anti-Phishing Working Group (APWG) reported that 125,215 attacks occurred [PDF 1.28 MB] in January through March of this year alone, which reminds us to be suspicious of “too good to be true” offers you receive in email, even if they appear to come from places you interact with or trust,including ICANN.
Recently, online scammers have targeted domain name registrants with a registration renewal scam in order to fraudulently obtain financial information. The scam unfolds as follows. The scammer sends an email to a domain registrant that offers an opportunity to renew a registration, and encourages the email recipient to “click here” to renew online at attractively low rates. These emails appear to be sent byICANN. The scammers even lift ICANN’s branding and logo and include these in both the body of the email message and at the fake renewal web page, where the scammers will collect any credit card or personal information that victims of the scam submit.
Phishing attacks frequently employ the use of familiar imagery, visuals and language associated with well-known brands in order to trick recipients into believing they come from a valid source. In recent years, scammers have grown especially adept at mimicking real communications, so it’s especially important that registrants take note of any suspicious or unsolicited emails coming from ICANN.
The security of our community remains one of our key priorities. While ICANN is actively investigating these scams, we recommend that registrants also take steps to protect their personal information. If you receive an email similar to the one described above, follow these steps:
Be suspicious of any email that offers domain renewal services from ICANN.
As a reminder, ICANN does not process domain registrations or collect fees from registrants directly. All fee collections are transactions between the registrar and the registrant.
Report any scams to ICANN immediately via an email to Contractual Compliance at Where possible, please provide a copy of the suspicious email.
Contact your sponsoring registrar directly for any concerns about the status of your domain name.
While cybercriminals are always looking to exploit people’s good intentions, it serves as a reminder to always use email security best practices. If you think an email is suspicious, always avoid clicking on any links in the message.

View Source

“A typical phishing or Web-based malware attack usually isn’t terribly complex,” says a report on Threat Post. “But they need a few things in order to work, and one of the key components often is a malicious domain. Researchers spend a lot of time identifying and taking these domains down, but some researchers now are trying to stay a step ahead of the game by predicting which domains will be used for malicious purposes.”
According to the report, “Like bored tweens at the mall, malicious domains tend to cluster together, showing up in large groups at certain hosting providers. Often, these are so-called bulletproof hosting companies that aren’t overly concerned with what kind of activity is emanating from the domains on its platform.”
Dozens of domains are often registered at a time, “typically with nonsensical alphanumeric URLs, and use them as needed, discarding them whenever they’re identified as malicious.”
To counter these attackers, researchers at Palo Alto Networks have been looking at their behaviours. And as a result they have “identified a few things that can help them predict which domains may end up being malicious at some point. They found that one domains are identified as malicious and blacklisted by reputation services, the attackers will abandon them. Then, after a period of time, the domain is removed from the reputation systems and other blacklists and will fall back into a pool of domains that are useful to attackers. In research presented at the Virus Bulletin conference here Wednesday, Wei Xu, Yanxin Zhang and Kyle Sanders of Palo Alto said that they have developed a formula that enables them to predict which of those domains will be used by attackers again.”