Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Brand Protection |
Sponsored by |
|
In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more
Domain brand squatting can be defined as the unauthorized or dishonest use of a brand or company identifiers in domain names. It is often linked to the use of look-alike domains in bad faith, and we see it all the time. The threat actors behind these domains are called different names, though a prevalent one would be “typosquatters.” The Hot on the Trail of Compulsive Brand Squatters webinar showcased how these people are infiltrating the Internet. The first page of PhishTank’s valid phish search alone as of this writing tells us that domain brand squatting is a real and present danger. more
According to the Cybersecurity and Infrastructure Security Agency (CISA), most cyberattacks, including ransomware and business email compromise, begin with phishing. Although losses due to ransomware now exceed billions annually, most ransomware protection and response measures don't protect against the most common phishing attacks. Established research shows that phishing attacks most commonly occur from a maliciously registered, confusingly similar domain name, a compromised or hijacked legitimate domain name, or via email header spoofing. more
With cybercrime on the rise, companies in 2021 have experienced increased ransomware attacks, business email compromise (BEC), phishing attacks, supply chain attacks, and online brand and trademark abuse. While domain cyber risk is rising, the level of action being taken by Forbes Global 2000 companies to improve their domain security posture has remained unchanged, leaving these companies exposed to even more risk. The risk of not addressing your domain security can be catastrophic. more
Domain names are registered by the thousands every day. In July 2021, 236,336 domains were newly registered daily on average across all top-level domains (TLDs). Tens of thousands were also newly expired. Other months could be just as busy. "Newly registered" and "newly expired." Those are two terms I often get questions about. Newly registered domains are domains that someone just reserved, typically through a registrar or web hosting company. Newly expired domains, meanwhile, are those domains that someone had reserved but decided to let go for one reason or another. more
Not infrequently mark owners in disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP) claim that respondents should have been aware that the domain names they registered corresponded to their marks; and from this, urge panelists to draw the inference that the registrations were designed to take advantage of their goodwill and reputation. To test this premise, we need to take a step back for a quick look at UDRP provisions. All it takes to acquire a domain name is to sign a registrar’s registration agreement. more
Domain blocking mechanisms are an important element of an organization's defensive domain strategy. With the introduction of the New Generic Top-Level Domain (gTLD) Program by the Internet Corporation for Assigned Names and Numbers (ICANN) in 2013, brand owners were faced with a new challenge -- protecting their marks without overburdening their budgets. Defensive domain registrations were and still are an effective way in which a brand can protect itself in domain namespaces. more
I have pointed out in earlier posts that some panelists disapprove of the business of speculating in domain names. There have been a succession of decisions expressing this view beginning with <crew.com> discussed below. Forfeiture has been justified with a mixture of theories. If the offering price is allegedly "excessive" or the domain name is passively held, or the respondent has renewed its registration after the mark is first used in commerce, the panelists find respondents have engaged in unlawful conduct and must forfeit their domain names. more
In this final article in the series of studies looking at Euro 2020-related infringements, we revisit domain name infringements and consider activity across other online channels, with a focus on social media and mobile apps. Following the original study, which looked at domains registered before May 2020 with names containing "euro2020" or "euro2021," we analyzed daily activity levels in the period immediately preceding and during the competition. more
Following our previous article on the Euro 2020 football tournament that looked retrospectively at domain name registrations relating to the competition, this article considers activity on eCommerce marketplaces. For this study, our Discovery Engine technology was used to conduct a regular series of scans across key international online marketplaces. We monitored for listings (offers of sale) relating to Euro 2020 clothing and merchandise. more
During last week's ICANN71 Virtual Policy Forum, the Brand Registry Group (BRG) held a very informative session about how ICANN can help potential applicants prepare for the next new gTLD round. Speakers during the session provided historical perspective that applicant guidebooks have regularly evolved over time as a result of community review and feedback provided to ICANN, providing concrete examples of how the current applicant guidebook was developed. more
In the run-up to the postponed Euro 2020 football championships, we've analyzed historical registration trends in domains containing the terms "euro2020" or "euro2021." A number of previous studies -- looking at events as diverse as the COVID pandemic, the annual holiday season shopping events, and the Reddit campaign relating to the manipulation of the stock price of U.S.-based retailer GameStop -- show a link between real-world events and spikes in online activity. more
Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more
Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company's website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC). more
CSC recently participated in an open discussion at the World Trademark Review's APAC WTR Connect, where we moderated a discussion with brand owners, Western Digital and PVH, and platform owner, Alibaba, on the topic: "Making the Platform Relationship Win-Win." How do brands define what a platform is? For the brand owners, a platform could be any distribution service of their products -- be it a traditional eCommerce marketplace like Alibaba or Amazon.com -- or other digital service enablers... more
A World-Renowned Source for Internet Developments. Serving Since 2002.