Registering a domain used to be more straightforward. There is more to consider than just registering your company or product domain name, especially in igaming and affiliate publishing.
Cybercriminals are using techniques like website spoofing through typosquatting and lookalike URLs. But these brand impersonation attacks often don’t attack a company’s owned infrastructure, making them difficult to detect using traditional security tools. But brand spoofing steals your customers’ trust, money, and personally identifiable information.
In typosquatting, domains are registered with deliberately misspelled names of well-known websites to lure visitors to alternate websites based on your brand, for example, gooogle.com instead of google.com. Fake domain registrations are meant to leverage the brand’s trust and can lead to an IP infringement which can cause revenue loss, traffic diversion, and a diminished brand reputation.
This can be as simple as adding an extra letter in the domain. In 2020, someone registered the domain Goggle.com, leading to a website with fake news about the 2020 US election. But there are endless domain spoofing tactics and permutations being used today, such as fuzzy matches like cscglobal.com and cscgl0bal.com, where Latin-character substitutions are used, and cousin domains like cscglobal.jp or cscglobal.es.
In the case of the German shoemaker Birkenstock, the company filed a claim in 2021 against a Chinese registrant on their registration of four .cc domain names, which were identical or confusingly similar to their trademark. In the end, the panel ruled there was an element of bad faith by the Chinese registrant and ordered the domain names transferred to Birkenstock.
Alexander Kucherenko, business development manager at Okens.domains, says that companies should monitor their own domains and their entire domain ecosystem. “Knowledge is power, and this translates into understanding the types of domains that are being registered and understanding where the gaps are in your domain strategy,” said Kucherenko.
Today, with companies and brands owning multiple brands with hundreds or even thousands of domains within their portfolios, the best practice is a strategic understanding of the gaps in your domain strategy coupled with a proactive rapid detection and deactivation strategy to manage the threat of domains imitating brands.
Three easy steps to protect your brand.
- Set up brand domain monitoring – Create an ongoing domain monitoring program for threats outside your domain portfolio. This will help you see the bigger picture as you learn to spot the risks before they become an issue for your brand and business.
- Get a domain gap analysis – Understand where your threats are with your domain and your domain portfolio. This will help you create a strategy to reduce risk to your brand, manage your tactical domain names and protect your online identity and assets.
- Find a partner – Find a domain partner specializing in gap analysis and domain protection. They will be able to help you monitor your domain globally and provide advice on the best strategy to protect your digital territory.