Tag Archives: MarkMonitor Inc.

About 1999 days ago Tools on Managing Technology

Fight the Faux: Battling Cybersquatting

our beautiful site

It’s not only the McDonalds and Coca-Colas of the business world that have to fight to protect their Internet addresses from cyber criminals who will try to ride on a brand’s coattails and pick up business from unsuspecting, potential customers who type in the wrong URL. Back in 1994, one of the earliest so-called “cybersquatters” was a journalist, former Newsday writer Joshua Quittner, who successfully registered “mcdonalds.com” in the rules for registering brand names changed. Quittner ended up selling the brand to the fast food giant, and donated the money to charity. But other cybersquatters have looked to simply cash in. In the years since, however, small and mid-sized businesses have increasingly had to take legal action to protect their business domain names. Earlier this year, GoDaddy.com, a mid-sized Internet firm based in Conroe, Texas, won an arbitration proceeding from the World Intellectual Property Organization (WIPO) and won the transfer of 10 different domain names — godaddyebay.com, godaddythis.com, and godaddythat.com among them – registered by Clark Signs, of Mableton, Ga., and Graham Clark of Del Mar, Calif. A bigger issue for small business The number of complaints about Internet domain names brought to WIPO, an international body based in Geneva that has become one of the leading dispute resolution centers for Internet names, has been steadily rising – from 1 case in 1999 to more than 1,900 this year so far. Among them are a growing number of small and mid-sized firms that realize someone else may be trying to siphon off their business by registering similar domains in the popular dot-com top-level domain. For business purposes, dot-com has become the gold standard for how to find a business online. “It’s probably more of an issue for small businesses,” says John Berryhill, a Media, Pa. attorney who does a brisk business in protecting domain names from cybersquatters for client. If you’re an Internet user and you can’t find Coca-Cola on the Internet, you know to go to a search engine and try some combination of the soft drink giant’s name. “But if you are a smaller, less well-known business and somebody has usurped your business name as a domain name,” Berryhill says. “You’re not even going to get a toehold on being found.” Large companies are primarily concerned with people chipping away at their good will by registering similar names or slight variations of spelling. But they’re not in any serious jeopardy of disappearing from the Internet, Berryhill says. For a smaller business, if some one else has got your domain name, then potential customers may not be able to find your outpost online. Fighting the cybersquatters Some cybersquatters — or their brethren, “brandjackers,” who register variations of famous brands – are simply looking to make money off of business they can pull away from more well-known firms or figure that the business ultimately may offer to pay them for the domain name. “From a financial perspective, it is to take money off of Web visitors who were really looking for the famous brand holder,” said Ari Master, COO of CitizenHawk, a company specifically focused on identifying and eliminating cybersquatters. “Cybersquatters register hundreds, if not thousands, of misspelled domains based on every well-known company’s trademarks,” said Master. “At this level, it is totally impractical and cost prohibitive to shut down these rogue sites through manual methodologies.” The deceptive websites are often used as landing pages for spam offers or in phishing attacks. These cybersquatting website may even try to take a consumer’s credit card information with the intention of stealing that person’s identity. Cybersquatting offenses were up 19 percent in the first three quarters of 2007 over the same period in the previous year. That’s according to the “BrandJacking Autumn 2007″ report released by MarkMonitor. Between the second and third quarters the rate increased by 10 percent alone, rising from 286,801 occurrences in Q1 to 342,512 at the end of Q3.  “Brand abusers take a shotgun approach — trying to get to as large an audience as possible,” said Andrew Horton, director of product management at MarkMonitor. He said very often the larger the brand, the larger the target. Howeve,r “for some industries a popular brand is not a function of company size.” Preventing domain confusion Any brand can fall prey to cybersquatting and other forms of brandjacking. It’s prudent to safeguard your brand in advance of such attacks. “The best defense is to put together a brand protection strategy for your company,” said Horton. “The first step is to prevent abuse from occurring by registering domains defensively. If you’re doing business overseas, make sure you register your most valuable domains and brands in the countries in which you are doing business. “You may want to register popular variants like ‘acmecustomerserivce.com’ or acmeproducts.com,” Horton advises. “Use your Web logs and Web analytics to help you identify the most popular terms that your customers are using online to find you and consider registering those terms to protect your traffic from brandjackers.” CitizenHawk’s Master suggests going so far as to think like cybersquatters. “I would highly recommend taking a proactive approach to protect against cybersquatters,” he said. “This includes purchasing the cloud of sites that surround the branded terms — the most likely misspellings — as well as derivations of the branded term — like ‘newbrandsucks.com.” The company has a tool on its website where domain and brand owners can see some of the top misspellings and alternate domains just to get things started. “While there will be no way to get all of them up-front, taking a strategic brand management approach from the beginning will stop a lot of future attacks,” says Master. Call for help in fighting brandjacking Google and other companies that operate sponsored links networks have rules against trademark abuse and can be helpful. While they can’t monitor the sponsored links bided on through their system, they will take down any that infringe on trademarks, once notified. The use of logos and other copyrighted materials is also a problem. Watermarking images, and having computer programs crawl the Web and detect such violations can go a long way toward protecting your brand. Another simple measure Horton recommends is to use notification services like Google Alerts to see how your name is being used. This is often referred to as a vanity search, and through most notification services it’s free, and effective. Plus sometimes you learn of the good ways people are talking about your brand.

About 1999 days ago Setting Up a Website

Fight the Faux: Battling Cybersquatting

our beautiful site

It’s not only the McDonalds and Coca-Colas of the business world that have to fight to protect their Internet addresses from cyber criminals who will try to ride on a brand’s coattails and pick up business from unsuspecting, potential customers who type in the wrong URL. Back in 1994, one of the earliest so-called “cybersquatters” was a journalist, former Newsday writer Joshua Quittner, who successfully registered “mcdonalds.com” in the rules for registering brand names changed. Quittner ended up selling the brand to the fast food giant, and donated the money to charity. But other cybersquatters have looked to simply cash in. In the years since, however, small and mid-sized businesses have increasingly had to take legal action to protect their business domain names. Earlier this year, GoDaddy.com, a mid-sized Internet firm based in Conroe, Texas, won an arbitration proceeding from the World Intellectual Property Organization (WIPO) and won the transfer of 10 different domain names — godaddyebay.com, godaddythis.com, and godaddythat.com among them – registered by Clark Signs, of Mableton, Ga., and Graham Clark of Del Mar, Calif. A bigger issue for small business The number of complaints about Internet domain names brought to WIPO, an international body based in Geneva that has become one of the leading dispute resolution centers for Internet names, has been steadily rising – from 1 case in 1999 to more than 1,900 this year so far. Among them are a growing number of small and mid-sized firms that realize someone else may be trying to siphon off their business by registering similar domains in the popular dot-com top-level domain. For business purposes, dot-com has become the gold standard for how to find a business online. “It’s probably more of an issue for small businesses,” says John Berryhill, a Media, Pa. attorney who does a brisk business in protecting domain names from cybersquatters for client. If you’re an Internet user and you can’t find Coca-Cola on the Internet, you know to go to a search engine and try some combination of the soft drink giant’s name. “But if you are a smaller, less well-known business and somebody has usurped your business name as a domain name,” Berryhill says. “You’re not even going to get a toehold on being found.” Large companies are primarily concerned with people chipping away at their good will by registering similar names or slight variations of spelling. But they’re not in any serious jeopardy of disappearing from the Internet, Berryhill says. For a smaller business, if some one else has got your domain name, then potential customers may not be able to find your outpost online. Fighting the cybersquatters Some cybersquatters — or their brethren, “brandjackers,” who register variations of famous brands – are simply looking to make money off of business they can pull away from more well-known firms or figure that the business ultimately may offer to pay them for the domain name. “From a financial perspective, it is to take money off of Web visitors who were really looking for the famous brand holder,” said Ari Master, COO of CitizenHawk, a company specifically focused on identifying and eliminating cybersquatters. “Cybersquatters register hundreds, if not thousands, of misspelled domains based on every well-known company’s trademarks,” said Master. “At this level, it is totally impractical and cost prohibitive to shut down these rogue sites through manual methodologies.” The deceptive websites are often used as landing pages for spam offers or in phishing attacks. These cybersquatting website may even try to take a consumer’s credit card information with the intention of stealing that person’s identity. Cybersquatting offenses were up 19 percent in the first three quarters of 2007 over the same period in the previous year. That’s according to the “BrandJacking Autumn 2007″ report released by MarkMonitor. Between the second and third quarters the rate increased by 10 percent alone, rising from 286,801 occurrences in Q1 to 342,512 at the end of Q3.  “Brand abusers take a shotgun approach — trying to get to as large an audience as possible,” said Andrew Horton, director of product management at MarkMonitor. He said very often the larger the brand, the larger the target. Howeve,r “for some industries a popular brand is not a function of company size.” Preventing domain confusion Any brand can fall prey to cybersquatting and other forms of brandjacking. It’s prudent to safeguard your brand in advance of such attacks. “The best defense is to put together a brand protection strategy for your company,” said Horton. “The first step is to prevent abuse from occurring by registering domains defensively. If you’re doing business overseas, make sure you register your most valuable domains and brands in the countries in which you are doing business. “You may want to register popular variants like ‘acmecustomerserivce.com’ or acmeproducts.com,” Horton advises. “Use your Web logs and Web analytics to help you identify the most popular terms that your customers are using online to find you and consider registering those terms to protect your traffic from brandjackers.” CitizenHawk’s Master suggests going so far as to think like cybersquatters. “I would highly recommend taking a proactive approach to protect against cybersquatters,” he said. “This includes purchasing the cloud of sites that surround the branded terms — the most likely misspellings — as well as derivations of the branded term — like ‘newbrandsucks.com.” The company has a tool on its website where domain and brand owners can see some of the top misspellings and alternate domains just to get things started. “While there will be no way to get all of them up-front, taking a strategic brand management approach from the beginning will stop a lot of future attacks,” says Master. Call for help in fighting brandjacking Google and other companies that operate sponsored links networks have rules against trademark abuse and can be helpful. While they can’t monitor the sponsored links bided on through their system, they will take down any that infringe on trademarks, once notified. The use of logos and other copyrighted materials is also a problem. Watermarking images, and having computer programs crawl the Web and detect such violations can go a long way toward protecting your brand. Another simple measure Horton recommends is to use notification services like Google Alerts to see how your name is being used. This is often referred to as a vanity search, and through most notification services it’s free, and effective. Plus sometimes you learn of the good ways people are talking about your brand.

About 2274 days ago Computer Security

Protect Your Business from Phishing

The latest news about “phishing” is not good for small and mid-size businesses. Phishers – people who send fraudulent emails and try to lure unsuspecting recipients into revealing confidential information on a phony website — are no longer impersonating only big commercial banks. They’ve started using the names of smaller companies, too. Phishing is a nightmare not just for the consumer recipients — who have doubled in number since 2004, according to a recent Gartner Inc. report — but also for the businesses whose brand names are being misused. When customers receive a phishing email that purports to be from your company, the company’s good name gets tarnished. That’s not exactly a good way to brand a growing business. And there is always the risk that your company could be sued. Phishing, unfortunately, isn’t going away anytime soon although it is changing in nature. Gartner found that phishing emails are impersonating banks less often and other types of companies more often. Many of those other brands are also big companies like eBay and PayPal, or financial firms, such as mid-size banks, but the threat to more types of businesses is growing. The good news, according to Gartner analyst Avivah Litan, is typically “really small businesses aren’t attacked because criminals don’t know about them.” However, any brand can be at risk. Here’s what you should know to protect your small business: Be the master of your domain Know the domain names that your company has registered and proactively register variations of those names. This way, if phishers try to set up a website imitating your business, the obvious variations on that name are already spoken for and hopefully customers are less likely to be fooled. The best defense, the cliché goes, is a good offense. Eyes wide open Continuously monitor the Internet for suspicious new domain registrations and changes to existing domain registrations, says Todd Bransford, vice president of marketing at online monitoring company Cyveillance, of Arlington, Va. “Early detection of a registration of a domain that’s similar to your organization’s domain could allow you to minimize or even prevent a phishing attack.” If you would rather farm out the monitoring of domain registrations, there are online fraud prevention companies, like Cyveillance and other one called MarkMonitor, that can do this for you. The rates for monitoring companies are typically run upwards of thousands of dollars per month. Teach your clients Educate your customers, suggests Bransford. That means let your customers know how you plan to contact them – via mail, telephone, or email. “Post a clear policy on your site, in plain English describing how you will contact them,” says Frederick Felman, chief marketing officer of MarkMonitor, a San Francisco firm. Felman says also specify “what type of info you will ask for…. and what you will NEVER ask for,” such as passwords. Remind your customers to use the anti-phishing features in some Web browsers, as well. Browse well Alert browser companies and email providers about those fraudulent URLs used by phishers so that each URL you identify is blocked at the browser or when the email is sent, advises Felman. Internet Explporer 7.0 and Firefox 2 do a great job of blocking phishing sites. Litan cautions, however, that this solution is not a cure all. Deter this Have a strong authentication, anti-phishing message prominently displayed on your website, Bransford says. This should include a mechanism for reporting suspicious emails or suspected phishing attacks such as a special inbox (i.e.phishing@yourdomain.com ). Customers are on the front line of these attacks and can be the first to alert you that your business has been targeted. Take that extra step Felman suggests including electronic signatures with your emails so that email providers know when an email sent by your company is really sent from you. Disaster preparedness Have a plan in place in the event your company becomes a victim of phishers. Remember to take care of your customers. Provide those who believe they have become victim information on what to do, such as contacting the major credit bureaus. You might also want to provide them with free credit reports for a certain time period, as a gesture of good will. Remember to alert other customers — put a notice on your website at a minimum and perhaps also contact them by mail – to alert them about the potential fraud. Contact authorities and report the crime immediately. Also contact the Anti-Phishing Work Group. Have a plan in place to notify website owners and Internet Service Providers to get phishing sites taken down, says Felman. Gather the numbers in advance. Just like with stolen credit cards, it can be a real hassle to deal with looking for numbers in the middle of a crisis. If that doesn’t work, monitoring companies can take care of all of this quickly for you, if you hire them after an attack. Cyveillance’s Bransford also suggests having a public relations strategy ready, too, to minimize the damage. The bad news is that there’s nothing a small business can do to provide 100 percent protection from getting hit. If even big companies like PayPal aren’t able to stop it, cautions Gartner’s Litan, that doesn’t bode well for smaller businesses.