Home / Blogs

Why Brands Need Their Own TLD - The Mulberry-Sale Site that Scammed Me

As a seasoned internet user, even an old ‘Domainer’, I was there when ICANN launched the first round of New TLDs. I remember the criticism we received from the media back then. We were invited to countless roundtable discussions, press conferences, and local internet events at which we were expected to answer the key media question: “Why are new TLDs necessary?” Dot BIZ, .INFO, and four more were the test bed new TLDs—I represented .BIZ in EMEA.

We constructed arguments based on the future internet; where segmentation was possible. We were building a ‘business section’ online with .BIZ. We proposed that there remained only limited options for elegant domain names under .COM and .NET and the growing global business community, particularly new businesses launching their online presence, needed new inventory. Back then there were just 30 million .COMs. Now, 10 years later there are 95 Million. So inventory wasn’t the issue. People associated the Internet with .COM and our job to launch these new TLDs was to be an uphill struggle.

Now in 2011, it’s been 10 years since the first round of new TLDs was launched by ICANN. Those six names were reasonably successful. I say reasonably given the advertising community’s disinterest in them. Between the top two performers—.BIZ and .INFO there are now close to 10 Million names worldwide. In the ICANN lead up to their launch in 2000, many of the same industry players submitted similar bids to what ICANN is asking of applicants in this round. The same process was repeated in the second round of new gTLDs with names like .MOBI. In that round many names represented different identities and new uses starting to see a little innovation in the web name space.

This time, however, I see one very different reason for new TLDs. The time has come for Communities, Geographies and Brands to have access to authenticity and authority online. Today’s opportunity is all about preventing fraud and misrepresentation online. Brands and named personalities have had to fight tooth and nail to hang on to, or win back their rightful names. Anyone can register anything under the current generic TLD space where you find dirt-cheap anything.COM. Name sellers have built name generating software to come up with a wide variety of options for any name in .COM. If a company has not been extreme in their diligence to protect the IP of their brand online—they are wide open to fraud. The domain name space has spent almost two decades growing up. Fraudulent domain owners can now secure lock a name, and hide their identity. That is so long as their luck does not run out and they are found misrepresenting a brand, or swindling consumers.

Which brings me to my point. I’m an online shopper. I love the experience, the browsing, the solitude of my screen, the satisfying dragging of icons into my virtual shopping trolley.

My particular weakness is a luxury handbag bag. And in this I’m far from being alone. I’m part of a substantial target audience. Alas it’s an audience that is targeted by fraudsters.

After many years of managing to never be fooled by the deal that just looks too good—they got me. A respected friend, from the legal community no less, forwarded an email with a link to the Mulberry-Sale.com site. And the deals were very attractive, not outrageously cheap, just the right pricepoint to be believable.

Feeling very smug about my clever find, I proceeded to checkout, entered all my bankcard details and looked forward to receiving my package. Five days later I began receiving confirmations about the delivery. The tracking number and shipping company listed were the giveaway—why would a Chinese delivery company handle a US-European shipment? And then I noticed the style of English—Asian style not US and I knew I’d been had. I immediately called my bank. Too late: of course they couldn’t put a stop payment on the charge, I had already confirmed it.

I wrote Mulberry customer care an email about the experience and warned them they had better be more diligent about protecting their brand online. I suggested they take such actions as registering any combination of their brand in .COM and other geographic markets they sold to. It took me a few moments to escalate my tone towards the obvious—APPLY FOR THE .MULBERRY TLD and save us the headache of wondering if a site belongs to you or not. I want to go to your OFFICIAL Mulberry website, and to know that anything not bearing the .MULBERRY domain name—is not your site. I want that from all of the brands selling their wares online. I’m tired of being fooled by clever cyber-crooks. Even if I should have know better.

At the ticket price of USD $185,000 to apply for a TLD with ICANN, coupled with the consultancy fees brand owners will most likely need to take on to write a bid that meets all the demands of the ICANN registry contract—only the worthy will bother. It’s apparently the only way we can ever be guaranteed a trusted, secure space online to transact and interact with a known entity. Remember when the WhiteHouse.com website was highjacked? ICANN is asking for a real and true commitment from those who want their identity online to be permanent and guaranteed. And I’m asking nothing less as a consumer interacting with those names online.

Filed Under


Hmm David A. Ulevitch  –  Oct 17, 2011 9:04 PM

whitehouse.com wasn’t hijacked—It used to be owned by an adult site.  If people can’t figure out that whitehouse.gov is the address for the whitehouse, they won’t figure out http://www.whitehouse is the official site either.  In fact, more people will probably just end up typing whitehouse.com as a result. 

It’s apparently the only way we can ever be guaranteed a trusted, secure space online to transact and interact with a known entity.

That’s a conclusion drawn from nothing. If SSL has taught us anything, it’s actually that you can’t have confidence in a stranger you don’t trust determining who is trustworthy.

Requiring people to pay $185,000 won’t make things more secure or trustworthy and there’s nothing in your post to suggest that it will.  I can’t (and won’t) claim it’ll make it worse, but I do think it’ll certainly make things more confusing for users.

Is that .mb, .mulb, mulberry .mulbarry-bags, .mluberry or .mulberry-sale? jeroen  –  Oct 18, 2011 8:21 AM

Is that .mb, .mulb, mulberry .mulbarry-bags, .mluberry or .mulberry-sale?

Like normal domain names, one can do typo’s quite fine when on the TLD level.

The only way you are going to get what you are likely looking for is to google for it. And that is fortunately what most people do.

Those scams tend to happen because stupid people click on links in emails they get from friends
One can’t do much against that though.

> I wrote Mulberry customer care an email about the experience and warned them they
> had better be more diligent about protecting their brand online. I suggested they take
> such actions as registering any combination of their brand in .COM and other geographic
> markets they sold to.

As you are a domainer, you would love to have them get every single domain possible (as it earns you money), even though all of these are useless and with the advent of UTF-8 a lot lot more can be created that look like the real thing but are not the real thing.

I guess for you have now learned to use the internet the hardway: if you get a link, verify ownership if you are going to give something money.

Googling/Binging/Yahooing/whatevering for a domain generally will tell you if it is a fresh domain that nobody knows about or that it is the real deal.

Also, what amazes me here is that, you as a domainer fell for this without simply doing a WHOIS on that domain, which should have showed you some kind of strange DNS servers and likely a Domains By Proxy kind of hiding service.

TLD typos Kevin Murphy  –  Oct 18, 2011 9:04 AM

Typosquatting at the TLD level will not be possible. There are far too many safeguards in the ICANN evaluation/objection/contention procedures for any of your examples to ever be approved.

Even if the 'price' for a TLD jeroen  –  Oct 18, 2011 9:12 AM

Even if the 'price' for a TLD will be high, it does not guarantee a thing. The organisations that are in place have already gotten their .com + .cc-tld variants that they need. Matchbox might want to have .mb and so does Mulberry, who is going to get it? And then still is it .mb, .mulberry, or anything else that one needs? Just typing "mulberry" in google/yahoo/bing/whatever will give you the result you want, which is likely going to be www.mulberry.com for a long long time, as that is where all the links point to. Note also that stupid people will simply click on a link when it has mulberry-sale in it, be that on the TLD level or below a TLD, this as they don't bother to check it. As such it won't "protect" stupid people, it will, just like anything else with domaining, just make free money out of some random bits for a few select amount of people. I do really hope that in the case of TLD sales that cash that is generated is donated to an organisation like ISOC so that they can at least use that money for the good of the Internet.

.mb Kevin Murphy  –  Oct 18, 2011 9:38 AM

The Applicant Guidebook contains several mechanisms that would prevent a brand typo or any confusing similar string being approved at the gTLD level. It's not just about the price. The Guidebook also rules out your .mb example, because all new gTLDs have to be three characters or more. But what you say about "stupid people" is true -- .brands will only work as security features if the brands themselves market the heck out of them, and even then they won't be foolproof.

True, but pointless The Famous Brett Watson  –  Oct 18, 2011 10:08 AM

I'm inclined to agree that the monetary and bureaucratic barriers to TLD registration will be sufficiently high to prevent petty fraud of this sort. Nobody is going to sink that much time and effort into hit-and-run counterfeiting. Registering a TLD won't make you any more secure against impostors, however. If people can't get it into their heads that mulberry.com is the only official site, then there's no reason to think they'll fare better with www.mulberry instead. People are fooled by fraud of this sort because they look at the domain name in isolation: they don't check it against anything, they just think, "that looks kind of realistic." Thus, any realistic-looking name will do to conduct fraud. Private TLDs have nothing to offer on this front.

There is a strong possibility that new Paul Tattersfield  –  Oct 18, 2011 11:16 AM

There is a strong possibility that new gTLDs will make the problem worse at least in the short term. Why?

Because through time and usage people have become accustomed to http://www.brand.com or brand.com and as a result many consumers are instinctively aware that variations of http://www.brand[genericword].com may be less trustworthy.

New .brand gTLDs introduce a problem - What do you put before the dot?


It is certainly likely that different brands will try different styles until a perceived way of branding becomes apparent. This creates a whole host of passing off opportunities in both existing and new open gTLDs. This is something that individual .brand will not be able to control because it is not only which sub domains they use but also what other brands use and as a result some consumers come to consider trustworthy.

The 30,000,000 to 95,000,000 .com figures are interesting. At the 30,000,000 time domain tasting was just gaining momentum. How much of the rapid increase in registrations was down to domain tasting? Several million a day were being tasted at the high point.

This gives those relying on earlier .com growth statistics to demonstrate demand two problems -

1.) Domain tasting by definition is / was finite even without ICANN acting (after fact) and the daily increases in the .com zone file without tasting are typically now in the 10,000’s a day.

2.) Domain tasting requires type in traffic and most open new gTLDs will almost certainly get miniscule type in traffic for years to come.

Non-sequitir Daniel R. Tobias  –  Oct 20, 2011 2:11 AM

I fail to see how “branded” TLDs are more trustworthy than the existing system.  If you’re confident that your favorite company/organization/agency has its own name in the appropriate .com/.org/.gov/etc. domain (and/or checked the WHOIS in case you’re in doubt), then anything in that domain is as trustworthy as a vanity TLD in the organization’s name.  If companies would resist the impulses of their marketing types to use lots of silly gimmick domains like “companyname-special-offer.com”, and use their normal companyname.com (or organizationname.org) domain (or subdomains of it), then you’d be assured of their genuine nature.

I don't think it is that easy, John Briscoe  –  Oct 22, 2011 3:11 PM

I don’t think it is that easy, there are lots of bonafide shops selling Mulberry merchandise, they are called resellers, the resellers would then all have to move their online shops over to the .mulb TLD (losing control, paying Mulberry for the privilege, etc), and then someone would email then and ask why don’t they create their own e-shop TLD.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byDNIB.com


Sponsored byVerisign

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix