In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more
I recently shared at a conference how a seasoned brand and fraud expert from one of the world's largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day. All attacks were launched from the same registrar and web hosting company, and no matter how much they reached out to these providers, they received the same reply: "we will pass on your request to the registrant or site owner," and then nothing happened. more
2020 - a year like no other. The impact of COVID on the domain name industry was felt far and wide as ICANN meetings were held virtually, travel was cancelled, TLD launches were delayed, the topic of domain name abuse was front and center, and we all tried to navigate a "new" normal. Unlike many sectors, the domain name industry was fortunate and, in many ways, survived 2020 unscathed. Much of our industry was able to continue working from home after an initial period of adjustment. more
With the COVID-19 pandemic persisting, online shopping will be the preferred method for the 2020 holiday shopping season. While staying home to shop is the safest option right now, it means consumers are more vulnerable to online fraud, counterfeits, and cyber crime. Increased online activity provides opportunities for unscrupulous infringers to abuse trusted brand names to drive visitors to their own fraudulent content. more
Speculation in one form of another has an ancient and honorable history. It not only creates entrepreneurial activity but fuels markets for selling wares and offering services, but also generates competition for consumers and wars over loyalty. The commercialization of the Internet in the 1990s, which extended market activity into virtual (cyber) space, has many of the virtues of the actual but also its vices: cheating and fraud, and other skullduggery. more
The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more
In the first article in this two-part series, we looked at the impact of brand abuse and infringements against intellectual property (IP) on an organization's brand value. In this second article, we delve into how action against enforceable infringements can deliver tangible return on investment (ROI) for a brand, and demonstrate the importance of a robust brand protection program. more
In this two-part blog series, we take a closer look at brand abuse and intellectual property (IP) infringements. In this first article, we explore the components making up a company's IP and how online content can affect a brand's value, both actual and perceived... The IP held by an organization -- i.e., the portfolio of brands, trademarks, and other intangible assets that provide it with its distinctiveness, and protect it from unfair competition in the marketplace... more
The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more
No one will disagree that disputes before arbitral tribunals and courts should be determined on the merits. I have noticed that some Panels appointed under the Uniform Domain Name Dispute Resolution Policy (UDRP) have employed the words "objective" and "objectively" in their recent decisions. In pondering these linguistic choices, it seems to me that there are two possible reasons for their use; the first is more acceptable than the second. more
The Anticybersquatting Consumer Protection Act (ACPA) creates two distinct avenues by which mark owners may seek a remedy for cybersquatting. A person who is a suitable defendant under 15 U.S.C. ยง1125(d)(1)(A) is one over whom the court has in personam jurisdiction. However, if the mark owner is "not able to obtain in personam jurisdiction over a person who would have been a defendant" in the ACPA action, then "[t]he owner may file an in rem civil action against a domain name in... more
As the steward of .ORG, Public Interest Registry is committed to serving as an "exemplary registry" for the DNS. As part of that mission, PIR published our Anti-Abuse Principles last year that serve as our north star to address questions of abuse. As PIR has stated on many occasions, generally speaking, the DNS is not the appropriate place to address questions of website content abuse because of the blunt tool we as a registry have and the collateral damage that can be caused by suspending a domain name for a piece of content. more
The .AU Domain Administration (auDA) will soon implement new .AU domain administration licensing rules either late this year or early next year. These rules apply to new registrations and around 3 million existing domain names in the com.au, net.au, org.au, and more .AU namespaces... Previously, an Australian trademark application or registration may constitute the required Australian presence for an .AU domain name, but the domain name need not match the trademark. more
I have returned to the subject of the title on a number of occasions and it is worth revisiting. Like judicial proceedings, the substance of disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP) and Panel determinations are publicly available. The Internet Corporation for Assigned Names and Numbers (ICANN) mandates in its Rules that all decisions must be delivered to the parties within "three business days" of their receipt of the decision and posted on providers' websites. more
Apple announced its decision to trust only one-year digital certificates on its Safari browser in February 2020. This decision created a domino effect, with Mozilla and Google following suit; certificate providers announced they would not issue two-year certificates after Aug. 19, 2020. We wrote an article in March to help brands to prepare for this change. more
A World-Renowned Source for Internet Developments. Serving Since 2002.