Threat Intelligence Blog

Posted September 3, 2015


With the launch of hundreds of new generic top-level domain names (gTLDs), the risk of infringement, bitsquatting, and other threats to your company’s domain security have dramatically increased. Brand and security professionals need to get ahead of these threats, but many, especially those working in smaller organizations, don’t know how. Here are some ways to proactively prevent these issues:

Register Your Trademark

Make sure that your company has secured national and international trademarks, or other rights, for the brand name, company name, etc. you are looking to protect. Ensure that corporate domain names are not registered under an individual employee’s name to prevent problems managing it if they leave your company. Additionally, the International Corporation for Assigned Names and Numbers (ICANN) created a Trademark Clearing House (TMCH) for trademark owners to register their marks in new gTLDs before they launch.

Consistency is Key

All of your corporate sites and social media accounts should have the same branding, along with information on how to contact your company and your privacy policy. This helps prevent customers from confusing fraudulent and unauthorized sites with legitimate ones.

Build Your Domain Name Portfolio

Proactively register your brands in the appropriate domain name extensions, whether they represent your company, product, or future products. New gTLDs have the potential to cause consumer confusion. For example, if you are in the financial services industry, .bank, .financial or .accounting should be on your list of domain name extensions to consider registering. Additionally, gTLDs like “.SUCKS,” “.WTF,” and “.PORN” have sparked strong reactions with brands and should be considered for proactive registration.

Domain Name Registration Monitoring

The release of more than 1,400 new gTLDs makes it unrealistic for companies to register all of the new extensions. However, organizations should still be aware of when new gTLDs related to their industry launch, so they can monitor for potentially infringing registrations.

While the above are all ways to stay ahead of potential threats and enhance your domain security, what do you do if someone has already registered your brand in a domain name? Here are a few tips on how to get your domain name back:

Research the Infringer

Every registered domain name has information on the registrant called WHOIS. Through this information, you can find out who has registered the domain name, where they are located, and whether they have a legitimate right or interest in the name. The only time you will not be able to access WHOIS data is when it is made private by the registrant. In cases like this, the privacy company will pass your communications to the registrant, and the host may intercede if the content violates terms of service.

Take Action

Send a cease and desist letter, file a Uniform Domain Name Dispute Resolution Policy[1] (UDRP) or Uniform Rapid Suspension (URS)[2] compliant, file a trademark infringement lawsuit, or file a cybersquatting lawsuit (ACPA). The best strategy usually encompasses multiple means. Company stakeholders must decide at which point to escalate to the next step. If the domain name registrant is unresponsive, contact the registrar and see if they have a mechanism to assist in site turnover. If you decide to bring a lawsuit, think about additional costs, such as hiring an attorney and whether the court will have jurisdiction over a foreign registry.

In instances where you do not have rights to a domain name, or the domain name registrant has a legitimate interesting name, you can still try to obtain it or use it. You can attempt to secure the rights to the domain name from the current registrant by contacting him or her, bidding on the domain name when it comes up for renewal at the registrar, or using a third party that specializes in such services..

Whether you already have a robust domain name portfolio or are just getting started, monitoring and response services can help preserve your brand and reputation, and prevent the use of your domain name in phishing scams, fraud, and brand dilution. A reputable response service provider will leverage international relationships and industry expertise to expedite content removal or site takedown, ultimately helping you reduce in-house resources required and costs such as legal fees.

Contact us for more information on our domain name monitoring solutions and other services for brand and legal professionals.

You May Also Be Interested In…


Additional Posts

Cyveillance Weekly Threat Intelligence Brief – September 9, 2015

We publish this weekly threat intelligence brief keep you informed on the latest security ...

Cyveillance Weekly Threat Intelligence Brief – September 1, 2015

We publish this weekly threat intelligence brief keep you informed on the latest security ...