Threat Intelligence Blog

 

dot-sucks

Author: Camille Stewart

The launch of the .SUCKS top-level domain name (gTLD) has reignited and heightened concerns about protecting brands and trademarks from cybersquatters and malicious actors. This new extension, along with more than a thousand others, has been approved by the Internet Corporation for Assigned Names and Numbers (ICANN) as part of their new gTLD program. The program was designed to spark competition and innovation by opening up the market to additional gTLDs.

Not surprisingly, though, complaints are emerging that unscrupulous operators are using .SUCKS to extort money from companies by threatening to use it to create websites that could damage their brands. ICANN is now reportedly asking the Federal Trade Commission (FTC) and Canada’s Office of Consumer Affairs to weigh in on potential abuses so it can address them. Recently, Congress weighed in on the issue, holding a hearing about. SUCKS and other controversial domains like .PORN .

Vox Populi Registry Ltd. began accepting registrations for .SUCKS domains on March 30 from trademark holders and celebrities before it opened to public applicants. It recommended charging $2,499 a year for each domain name registration, and according to Vox Populi CEO John Berard, resellers are selling most of the names for around $2,000 a year. Berard asserts that the extension is meant to create destinations for companies to interact with their critics, and called his company’s business “well within the lines of ICANN rules and the law.”

Other New gTLDs Pose Potential Risk
A final determination of whether or not this gTLD violates US and/or Canadian law, as asserted by the advisory body called the Intellectual Property Constituency representing major companies and industry groups, remains to be determined. However, this is not the only new extension that has the potential to cause harm to brands. In this first round of applications, nearly 1,400 new gTLDs were approved to be delegated over the next few years, including: COMPANY, .EDUCATION, .GURU, .HOSPITAL, .INC, .INVESTMENTS, .ENERGY, .TECH, .CONSULTING, .NEWS, .BANK, .SCIENCE, .PORN, .FINANCIAL and .WEBSITE.

Some of these will be closed and regulated, but others will offer domainDomain: A specified location where a set of activity or knowledge exists. For instance, an Internet domain is synonymous with a website address or URL where information can be made available. LookingGlass Cyber (n) - A fancy name for a URL or website. names for registration just like traditional gTLDs. Malicious actors will be able to register domain names featuring brands or variations of brand names and use them for phishingPhishing: The use of emails that appear to be from a legitimate, trusted source that are enticed to trick recipients into entering valid credentials including personal information such as passwords or credit card numbers into a fake platform or service. LookingGlass Cyber (n) - tailoring an attack (such as email) to garner trust and credentials that are then used maliciously. The preverbal digital version of the ol' hook and bait. attacks, scams and fraud, all with the potential for creating consumer confusion and reputational damage.

This is not a passing threat, as ICANN plans to open more application rounds for additional new gTLDs. It is important for companies to be aware of this exponential growth in the domain name space, and make sure their domain name strategy evolves to address this change.

Proactive registrations are no longer a realistic means of protecting your brand. There are far too many new gTLDs launching for most companies to register all their brands. However, companies should still employ proactive registrations as a tactic for industry-relevant or otherwise popular new gTLDs that do not have closed registration rules. For example, financial services companies should consider proactive registrations in new gTLDs such as .INVESTMENTS, .FINANCIAL, etc. While some new gTLDs like .BANK and .INSURANCE are highly restricted, and eligibility requirements only allow for legitimate industry relevant registrations, others will be available to almost anyone to register, which may mean lengthy and frequent appeals to protest registrations that infringe on your brand. Staying on top of this and registering new gTLDs that have the potential to cause consumer confusion is important.

Domain Name Alerting Tools
An important tool that provides a more targeted approach is to employ a domain name registration alerting service. Domain name registration alerting services monitor domain name registrations across multiple extensions, including new gTLDs. These services allow you to review and make real-time decisions on how to address brand infringement. The most beneficial services report not only registrations with an exact match of your trademarks, but also include common misspellings of your trademark used with other terms. Customization is key. The ability to adjust the configurations and filtering criteria based on your business needs is important, as the landscape and business priorities are always changing.

Summary
The expanding domain name landscape will continue to make brand infringement a security and branding concern. Companies should keep abreast of these changes, and develop a strategy to keep up with the daily launch of new domains and the subsequent registrations. A domain name registration alerting service provides a proactive approach to protecting your company’s intellectual property from cybersquatters, fraudsters and other malicious actors seeking to capitalize on the goodwill of your company name.

Contact us for more information on our domain name monitoring solutions and other services for brand and legal professionals.

Additional Posts

OpiaTalk’s Popomaronis, Lookingglass win TEDCO ICE awards

With a host of Maryland tech scene players gathered at the Columbia Town Center Hotel, TEDCO CEO ...

LookingGlass Weekly Cyber Security Trends Report: May 19, 2015

  Welcome to the Cyveillance Weekly Cyber Security Trends Report Since threat intelligence is ...