August 26, 2010 – 12:36 pm by Mike Monzon
Designers and trade experts have noticed a rise in the counterfeiting of non-luxury brands according to a recent article titled, “Economic Indicator: Even Cheaper Knockoffs.” The article indicates that non-luxury and lesser targeted brands are being heavily counterfeited alongside Gucci, Prada and Louis Vuitton.
It should not come as a big surprise that counterfeiters have expanded their focus beyond luxury brands. Counterfeiters are shrewd business people and clever marketers and have a good pulse on what is happening within the marketplace and inside the heads of their potential buyers. These fraudsters have already demonstrated that they have mastered the art of distributing and promoting their goods via online channels such as paid search. Now, they have also proven that they are insightful and agile enough to respond to a tough economic market and appeal to an evolved, cost-conscious buyer.
Brand owners beware. Whether you sell luxury or not, you are probably not immune to the growing counterfeiting problem. The supply of knockoffs is virtually infinite as today’s counterfeiters have proven that they can easily and effectively replicate just about anything. Therefore, as a brand owner, in addition to building programs that attempt to reduce the supply of counterfeit goods, it is just as critical to supplement that program by implementing automated mechanisms to patrol and interrupt the online promotion and distribution of those counterfeit goods as well.
Tags: Brandjacking, counterfeits
August 23, 2010 – 5:29 pm by Teresa Chen
BJ Fogg, Director of Persuasive Technology Lab at Stanford University, recently gave a keynote session at last week’s Search Engine Strategies (SES) conference in San Francisco called “Hot Triggers: The Power to Change Behavior”. Recognized for his studies between the relationship of persuasion and technology, Fogg focused the discussion around his mantra,”Putting hot triggers in the path of motivated people”. Defining a hot trigger as something one can take immediate action on, this concept easily translates to the world of online marketing tactics such as “Click this link, hit this button, or enter your information here.” The trigger is characterized as hot because you can take this action now, versus cold triggers, which are calls to actions you can’t act upon immediately.
Fogg’s discussion struck accord with me as I thought about various hot triggers that are put in front of me each day. Case in point: When Facebook sends me emails stating I’ve been tagged in a photo, I usually immediately logon to check it out, and I end up spending more time than planned on the social networking site. In other words, I’ve been triggered. So, how does this all relate to brand protection? The concept of tying social sciences to marketing is nothing new as brand owners spend a lot of time, money, and resources to drive customers to their brands. But what about the bad guys? Don’t scammers do the same thing?
Let’s take the example of counterfeiters. These scammers know that low prices motivate people and use heavily discounted prices as their “hot trigger” to manipulate user behavior. (Yes, humans are fairly predictable) With that in mind, they propagate this to all forms of their scamming strategies. For example, just as legitimate marketers do, online scammers invest in paid search but do so by deceitfully leveraging brands in a paid search text ad or keyword buy. Think, how many times have you clicked on an online ad that touted authentic luxury bags at unbelievably low prices but instead of a great deal, you were presented with a counterfeit. Counterfeiters also use the psychology of persuasion to produce a desired outcome, which is to intercept traffic that is searching for a legitimate brand and lead consumers to counterfeit goods.
Technology is always changing, but human psychology remains the same. Just like brand owners and marketing professionals, scammers also study psychology in tandem with technology to recognize how to achieve results in the most effective way. Understanding hot triggers from a scammer’s perspective is important as it allows us to see what types of deceptive online marketing techniques are being used, so we can quickly identify online brand abuse. They often use “hot triggers” to divert customers away from legitimate websites, stealing your traffic and potential revenue. So, how about it? Do you have your finger on the hot trigger when it comes to tracking down scammers who abuse your brands?
Tags: Counterfeit, online advertising, Paid Search, paid search scams
August 19, 2010 – 11:49 am by Elisa Cooper
As a result of ICANN’s IDN ccTLD Fast Track process, which was launched in November of last year, a number of new ccIDNs (Country Code Internationalized Domain Names) have been successfully added to the root including: China (.中国, .中國), Egypt (.مصر), Hong Kong (.香港 ), Russia (.рф), Saudi Arabia (.السعودية), Taiwan (.台湾, .台灣) and the UAE (.امارات).
And earlier this month, five additional countries / territories were approved by the ICANN Board including: Sri Lanka (.இலங்கை), Thailand (.ไทย), Palestinian Territory (.فلسطين), Tunisia (.تونس) and Jordan (.الاردن).
With so many new registration possibilities available, and several Sunrise periods quickly approaching, many corporate domain managers are asking themselves whether new registrations should be added to portfolios which are already bursting at the seams.
For the most part, the answer is – it depends.
Some brands are never translated, transliterated or transcribed into other languages and always appear using Latin script. In those instances, registering ccIDNs to protect brands may not make sense at all.
However, reviewing non-Latin trademark portfolios is an important step in determining which ccIDNs should be registered. This can provide a definitive list of names for registration and offers a good starting point.
In addition to researching trademark registrations, reaching out to regional marketing groups can also provide valuable information about where and how brands are actively marketed. Information obtained may be of critical importance in deciding whether a new registration is really necessary.
Regional marketing groups may also be able to assist in identifying generic terms that should be registered along with the brand. I recently heard of a domainer who was very excited because he had registered ‘World Cup’ using a non-Latin script. Unfortunately, only later did he find out that what he actually registered was ‘World Glass’ which did not have the same meaning at all.
Clearly with this ever-expanding namespace, the opportunities for cybersquatting are increasing. However, registering every variation is impractical – so employing a brand protection approach to monitoring and taking action becomes more important that ever.
Tags: ccTLD, domain management, icann, IDN
August 18, 2010 – 5:08 pm by Mike Monzon
File-hosting companies are the latest class of online service providers to successfully dodge copyright infringement claims. Like online marketplace and search engine providers, cyberlockers have also triumphed in lawsuits filed against them because they were protected by the Digital Millennium Copyright Act (DMCA) safe harbor.
A recent example involved a lawsuit filed against a popular online file-hosting service provider, Scribd, for copying and inserting copyrighted work into an internal filtering system. Ironically, this filtering system was in place to help the cyberlocker detect copyright infringement on their site. The suit, filed by an author, maintained that the act of filtering her copyrighted material was a form of copyright infringement and that Scribd failed to stop illegal downloads of her book. This closely watched lawsuit was eventually dropped.
Scribd lawyers asserted that the DMCA provided safe-harbor protection and also stated, “They didn’t realize that Scribd had a very strong protection under the law.” The quote appears to ring true and is in line with the outcome of two similar cases decided in the U.S. earlier this year. The first case included another popular online file sharing provider RapidShare vs. media company, Perfect 10. The second was a highly visible case involving YouTube vs. entertainment giant, Viacom. In both cases, the online service provider prevailed.
The message is clear. The DMCA continues to protect the online service provider provided the online service provider takes down copyrighted material once notified. The burden remains on the copyright owner to police the Internet to detect cases of infringement online.
Tags: copyright, DMCA, Piracy
August 9, 2010 – 8:59 pm by Teresa Chen
Google recently announced that starting September 14, 2010, it will begin to allow advertisers in most European countries to use competitors’ trademarks when bidding for online ads. This shift in European policy doesn’t come as a complete surprise as the European Court of Justice (ECJ) sided with Google in the LVMH trademark case earlier this year. The judgment found Google and other search engines not liable for trademark infringement when advertisers purchase a keyword based on competitors’ trademarks so long as it removes infringing ads promptly when notified.
So what are the implications for brand owners? Simply put, any third party (including competitors) bidding for trademarked keywords is now allowed in these European countries. Google states that the change in policy actually aligns with current policies in the U.S., Britain, Canada and 200 other countries, and will help both users and advertisers “improve the usefulness of text ads,” making ads more specific and relevant for users.
Let’s be clear though; not all is lost for brand owners as there is still much that can be done. Google will continue to remove infringing ads, taking action upon counterfeit situations, ads or landing pages that contain copyrighted material, or ads that contain text that confuse users as to the origin of the advertised goods and services. Google will also remove any unauthorized use of trademarks in the ad text in these countries if requested by the brand owner. Finally, brand owners always have the option of contacting the advertiser directly to remediate any abusive advertising practices.
The fight against trademark infringement still comes down to this – brand owners can and should still continue to enforce on their brands since the onus is on the brand owner to police this kind of activity.
With Google’s plans to relax its European AdWords policy, brand owners need to be that much more proactive in order to defend their rights and protect their brands.
* Policies may vary depending on region. Google recently updated its ad text policy for Canada, UK and Ireland to state that trademarks are now allowed in the ad text.
Tags: keywords, online advertising, Paid Search, trademark infringement
July 22, 2010 – 10:32 am by Teresa Chen
The abuse of well-known seal of approvals seems to be the latest ruse used by online fraudsters. Leveraging reputable names that existed long before anyone heard of the Internet is a blaring reminder that even trustworthy seals are not off limits to scammers. In fact, linking to reliable sources of reviews and certification is proving to be an essential part of any fraud strategy today.
A recent string of fake websites tricking car shoppers serves as the latest example. America Auto Sales, a glitzy site listing used cars at discounted prices, appeared to be an authentic channel where many consumers could find great deals on previously owned vehicles. The website not only held an extensive inventory of repossessed cars, but seemed to be ‘certified’ with reviews from reputable sources. America Auto Sales even had an “A” rating with the Better Business Bureau (BBB), a longstanding goldmine on business reliability.
And so the story goes – the website turned out to be a scam, in yet another case where gullible victims fall prey to the bad guys. Sadly, online buyers lost thousands of dollars and the authorized dealerships were left to deal with the aftermath. The real America Auto Sales was slammed with over 1000 customer calls as a result of stolen identity.
Sure, we’re all aware of the customary tricks to steal a company’s identity as is evident in this story. What’s interesting is now scammers deploy the usage of trusted authentication services such as BBB to further deceive unsuspecting victims. We’ve seen this type of behavior in other industries, such as online pharmaceuticals as well. In numerous occasions, illicit online pharmacies sport a Verified Internet Pharmacy Practice Sites (VIPPS) certification, a program governed by the National Association of Boards of Pharmacy to ensure the legitimacy of online pharmacies. Many consumers use the VIPPS certification to confirm the validity of pharmacies to shop safely for pharmaceuticals online. However, similar to the online auto scams, fraudsters are plastering the VIPPS seal onto their fake websites, implying a false association to fake their credentials.
Fraudsters are smart. They will do whatever it takes and are clearly not above usurping seals of approval. This is where consumer education comes into play as it serves as the first line of defense against any fraud and deception. Most recently, BBB posted an article highlighting best practices to red-flag fraudulent websites. These types of best practices enable consumers to make well informed decisions and ultimately avoid rip-offs like the recent car scams. They serve as a complementary and critical component to any brand protection strategy. Whether its educating consumers on how to verify online pharmacies or on how to tell the difference between a counterfeit coupon from an authentic one, consumers need to be equipped with the best information to outsmart the fraudster.
Tags: Consumer trust, Scams
July 15, 2010 – 2:32 pm by Elisa Cooper
With the launch of new gTLDs expected to occur early next year, many are closely examining the opportunities and risks associated with ICANN’s Program.
Although still in draft format and subject to change, keep these gotchas in mind as you think through your strategy.
A 70% Refund Sounds Great – If you decide not to move forward with your new gTLD application after its initial posting, you are eligible to receive a 70% refund. But because the application fee is $185,000, pulling an application from the process will still result in a cost of $50,000.
You’ll Need to Move Quickly to Object to Applications that Pass the Initial Evaluation - Objections to new gTLD applications can be made as soon as they are posted to the ICANN site for a period of approximately five months. However, you will only have two weeks to file objections once the Initial Evaluation results are made available.
Obtaining a New gTLD Could Take 19 Months – If you fail the Initial Evaluation, if your application is disputed, and if there is string contention, even the Guidebook says it could take up to 19 months before your new gTLD is delegated.
Trademark Clearinghouse Only Simplifies Trademark Sunrises – In the past, Registries have relied upon Trademark Sunrises to help recoup their internal start-up costs. With the Trademark Clearinghouse, Registries will no longer be able to charge exorbitant Trademark validation fees. This does not mean, however. that other Sunrise periods won’t also be instated. Be prepared for the submission of business registration requirements, local presence requirements, and proof of industry trade association membership, along with additional fees for validation.
The Uniform Rapid Suspension (URS) May Be More Work than It’s Worth – When the Implementation Recommendation Team originally devised the URS, it was supposed to be a quick, easy and inexpensive method for dealing with clearly infringing domains. As it stands now though, it isn’t any of those things. Domains that are successfully suspended as a result of the URS procedure are only suspended for the remainder of their registration term, or for an additional year at current market registration rates. After suspension ends, domains become available for registration and are likely to be registered again resulting in a never-ending cycle of watching and suspending.
Registry Services Should Not Be Taken Lightly – Registries are responsible for running their TLDs in a stable and secure manner, complying with ICANN’s consensus and temporary policies, implementing start-up and post-launch rights protection mechanisms, providing protection for country and territory names, depositing data into escrow, delivering monthly reports to ICANN, hosting a Whois services, maintaining relationships with ICANN-accredited Registrars, maintaining an abuse point of contact, cooperating with contractual compliance audits, making TLD zone files available, and enabling DNSSEC.
Your Relationship with ICANN Could Be More Solid Than Many Marriages – That’s right – when you apply for a new gTLD, be prepared for a 10-year commitment.
You’ll Need to Prepare for the Worst – To obtain a new gTLD, not only will you need to define its mission and purpose, develop financial plans, and describe technical and operational capabilities, but you will also be required to maintain a continued operations instrument sufficient to fund basic operations for a period of three years which would continue in place for five years after the delegation of the registry AND you must also have a continuity plan in place which includes the designation of a transition provider.
New Registrations Won’t Likely Be Available Until Late 2011 / Early 2012 – Even if applications are accepted early next year, even in the best case scenario, it will still be some time before we actually see new gTLDs in the root.
The ICANN Board Still Needs to Approve All Applications – Even after the numerous reviews by the String Similarity Panel, the DNS Stability Panel, the Geographical Names Panel, the Technical Evaluation Panel, the Financial Evaluation Panel and the Registry Service Technical Evaluation Panel, at the end of the day – entry into any Registry agreement by ICANN must first be approved by the ICANN Board of Directors.
Tags: Domains, icann, New gTLDs, top level domains
June 24, 2010 – 3:54 pm by Joshua Lin
Since March 2010, and especially this month, the MarkMonitor Security Operations Center (SOC) has noticed a significant increase in the use of free web hosting services for phishing and malware attacks. Cybercriminals are using free hosting services to either host the phishing and malware sites themselves or redirect to fast-flux malicious sites.
Here is how this new attack method works: Emails with links, obfuscated by the use of HTML or a URL shortening service, direct victims to a free-hosted web page. In some cases, this page would be a phishing or malware site. In other cases, the landing page would have Javascript which would seamlessly redirect users to a malicious site hosted on a fast-flux botnet.
The free hosting-fast-flux combination is particularly interesting because it indicates cybercriminals have added another, front-end layer to their fraud infrastructure for greater stealth and resilience:
- Layer 1: Free-hosted webpages with Javascript redirectors
- Layer 2: Constantly changing compromised PCs that serve as proxy redirectors
- Layer 3: Phish or malware domains
The SOC believes free hosting services are becoming popular with cybercriminals because these services give cybercriminals unlimited free resources to launch their attacks and to protect their expensive fast-flux infrastructures.
In addition, cybercriminals are able to set up malicious sites on free hosting services much more easily than registering malicious sites with ISPs or registrars. Typically, cybercriminals would register their malicious sites using stolen credentials. With free hosting services, cybercriminals may now open accounts and set up their malicious sites by simply using email addresses created on free email services.
MarkMonitor’s SOC believes that this new development of free hosting combined with fast-flux, especially as seen this month, suggests the tell-tale signs that something on a larger scale may occur this summer. The emergence of free hosting front-ends to fast-flux botnets may indicate that cybercriminals have been beta-testing their new attack infrastructure in recent months before a general release in August, the historical high point of phishing each year. Stay tuned …
Tags: botnet, Brandjacking, cybercriminals, fast-flux, Fraud, free web hosting, malware, phish, Security
June 24, 2010 – 11:34 am by Mary Roach
Chanel’s warning to counterfeiters: “we are watching and we are taking action.” That’s the literal message you will see when visiting around 40 websites that used to sell counterfeit goods (such as mychanelshop.com) that now redirect to the Chanel-owned website chanelreplica.com. These domains were transferred to Chanel as a result of a favorable decision rendered in May 2010 against two counterfeiters. Chanel has since leveraged these past infringing domain names to send a clear message to fraudsters: that stopping counterfeits is a top priority and that it will take legal action when necessary. At the bottom of chanelreplica.com, Chanel provides links to examples of past judgments against online counterfeit operators, letting them know that it will follow through on its promise to aggressively defend its brand.
Chanel also takes the opportunity to warn current and would-be counterfeiters by posting a copy of a lawsuit in progress on the websites named in the lawsuit. The lawsuit against Liu Zhixian and other unidentified defendants filed on April 10, 2010, for example, is posted on 11 websites, including chanel2u.com. Chanel has provided updates on subsequent orders and injunctions on these sites to let fraudsters know that Chanel is indeed serious about identifying these individuals and making them accountable while simultaneously sending a signal to other counterfeiters not to hijack its brand.
On the consumer front, Chanel creatively uses the recovered domains that now point to chanelreplica.com to educate consumers on why buying fakes is harmful to society as a whole (i.e., by supporting criminal and terrorist activity) and what risks they take on themselves (i.e., receiving poor quality goods with no chance of a refund or repair services). As a result, any consumer who may have visited these sites in the past now knows without any uncertainty that the products were fake, and will maybe even rethink buying fakes in the future. Chanel also takes aim at warning consumers about the downside of buying fakes online at fakechanel.com.
While its fight against counterfeiters is not yet over, Chanel is taking an innovative approach of leveraging past infringing websites to fight the fight. What impact this will eventually have is still to be determined, but if all fake counterfeit sites contained similar messages, counterfeit buyers and sellers alike would likely think twice about engaging in this illegal trade.
Tags: Brand Abuse, Brandjacking, counterfeits
June 21, 2010 – 1:09 pm by Joshua Lin
Beginning this month, MarkMonitor will be sharing a new, monthly Fraud Intelligence Report with customers and other interested parties in our blog. The goal of the report is to provide timely analysis of developing trends and new threats in the fraud landscape. The Fraud Intelligence Report will complement the current MarkMonitor analysis as provided in the semi-annual Brandjacking Index® reports and customer reports.
The headline findings of the April 2010 Fraud Intelligence Report are:
Phishing Attack Volume Continues to Grow
Phishing attack volume increased 33% to 36,557 attacks in April, continuing the growth trend from March; however, phishing attack volume has not returned to the level seen in April 2009.
Fewer Organizations Targeted
The number of targeted organizations decreased 9% to 270 in April, reversing a growth trend that began after December 2009, but the current level has returned to the level seen in April 2009.
Attacks per Organization Grow
Monthly attacks per organization grew 27% to 135 in April, suggesting a return to concentrated attacks on lucrative targets.
Payment Services Sector Continues as Most Popular Phishing Sector
The Payment Services sector was the primary sector favored by phishers, accounting for 41% of phish attacks in April. The Financial sector, historically the most popular phishing sector, accounted for 33% of phish attacks.
Social Network Phish Volume Declines
Phish targeting social networks declined 24% to 1,379 attacks in April, reversing the steep growth observed in March.
The US Continues to be Most Popular Phish Hosting Country
The US continued as the predominant country hosting phishing sites, accounting for 52% of phishing attacks in April. A notable new development was that Bulgaria grew almost 9,600% to jump from the #47 position to #2 and accounted for 6% of total phish.
An important major trend underlying the above points is that phishers have shifted their primary attack vector from fast-flux botnets to hacked websites. Phishing attacks hosted on fast-flux botnets hide behind a cloud of rapidly changing proxies but ultimately present a single point of failure – the malicious domain. Cybercriminals registered domains for multiple fast-flux phishing attacks targeting many brands. But these domains, and the multiple phishing attacks they hosted, could be detected (often preemptively), Fraudcasted, and shut down in high volumes.
In the meantime, hacked website-based phishing attacks became more prevalent. In these attacks, cybercriminals compromise legitimate domains and host their phish attacks on the subdomains. This effectively removes the single point of failure in fast-flux phishing attacks – now there is no malicious domain to detect, Fraudcast, and shut down. From the fourth quarter of 2009 onwards, the MarkMonitor Security Operations Center observed a dramatic decline in phishing attacks hosted on fast-flux botnets and an equally dramatic rise in phishing attacks hosted on hacked websites.
Download the report here: MarkMonitor Fraud Intelligence Report, April 2010
Tags: botnet, Brandjacking, fast-flux, Fraud, malware, Phishing, Security
|
