Domain Management

Domain Management / Featured Blogs

Brand Impersonation Online is a Multidimensional Cybersecurity Threat

Brand impersonation happens much more often than people realize. In CSC's latest Domain Security Report, we found that 75% of domains for the Global 2000 that contained more than six characters from the brand names were not actually owned by the brands themselves. The intent of these fake domain registrations is to leverage the trust placed on the targeted brands to launch phishing attacks, other forms of digital brand abuse, or IP infringement...

Patterns and Trends in Domain Tasting of the Top 10 Global Brands

Domain tasting is a long-established practice involving the short-lived existence of a domain, which is allowed to lapse a few days after its initial registration. The practice arose in response to an Internet Corporation for Assigned Names and Numbers (ICANN) policy allowing a domain to be cancelled -- with all fees refunded -- within a five-day grace period, intended to address the issue of accidental registrations1. However, the practice is open to abuse by infringers.

Blockchain Domains and What They Could Mean for Online Scams and Brand Protection

Blockchain domain names, domains that are stored on blockchain or cryptocurrency exchanges, are part of a growing, unregulated, and decentralized internet. Right now, blockchain domains are used mostly by cryptocurrency users, but they are growing in popularity - the Ethereum name service reported over 2.2 million .eth domain name registrations in 2022. At the same time, crypto scams are also exploding, reaching a total of $3.5 billion in losses in 2022.

The Highest Threat TLDs - Part 2

In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes.

The Highest Threat TLDs - Part 1

A domain name consists of two main elements: the second-level domain name to the left of the dot - often consisting of a brand name or relevant keywords - and the domain extension or top-level domain (TLD) to the right of the dot. Domain names form the key elements of the readable web addresses allowing users to access pages on the internet and also allowing the construction of email addresses.

2023 Review of the Online Brand Protection Market

Having been involved in this sector for over fifteen years now, the rate of change in the market dynamics continues to surprise me - from its early years when MarkMonitor and NetNames clearly led the space for several years, then seeing well-funded startups such as Yellow Brand Protection and Incopro challenge that, followed by a period of heavy M&A, it is now extremely diverse.

How Safe Are Your .KIDS?

This year has been one of the busiest years for domain launches in quite a while. Before the end of 2022, we'll see one more significant domain launch, namely .KIDS, on November 29, 2022. This extension is being launched as a safe space on the internet for children and parents. The registry has set out some very strict use policies to make this happen. Some companies have already registered their brands during the Sunrise Period, while others have taken up names in the Community Sunrise.

Three Reasons Why CISOs Need to Understand Domain Security

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. An attack on a web domain can lead to the redirection of a company's website, domain spoofing, phishing attacks, network breaches, and business email compromise (BEC). Domains used as a company's online world are part of an organization's external attack surface and need to be continuously monitored for cybercrime attacks and fraud.

Smells like Cybersquatting? How the UDRP “Smell Test” Can Go Awry

The UDRP has the form of a substantive Policy, but it operates as a "smell test".1 If the evidence smells bad, the panel will likely order a transfer. If it doesn't, the panel won't. An aim of this article is to help improve UDRP panels' sense of smell when it comes to differentiating between domain name investors and cybersquatters. I will provide some insight into the business of domain name investing that I hope will be helpful to UDRP panelists in making more accurate inferences in disputes involving investors.

Turning the Tide of Online Scams: Interview With Prof. Jorij Abraham, Global Anti-Scam Alliance

Professor Jorij Abraham has been a part of the international eCommerce community since 1997. From 2013 -- 2017, he has been Director of Research & Advise at Thuiswinkel.org (the Dutch Ecommerce Association) and the European Ecommerce Association with 25.000+ members in 20 countries. He is now Managing Director of Global Anti-Scam Alliance, whose mission is to protect consumers from getting scammed. He is also e-commerce professor at the University of Applied Sciences, TIO.