To hijack a brand to deceive or divert attention; often used in abusive or fraudulent activities devised for gain at the expense of the goodwill, brand equity and customer trust of actual brand owners.
The sale of fake physical goods. May occur in the physical world, or on B2B exchanges, auction sites, eCommerce sites, or in spam.
The practice of abusing trademarks within the domain name system. Brand names—spelled correctly or, in a practice known as typosquatting, spelled incorrectly—are used within a domain name, enabling the squatter to divert web traffic meant for a legitimate site to an illicit site which may sell counterfeit goods, utilize pay-per-click abuse, host adult content or conduct other illicit activity.
A network that can only be accessed with specific software, configurations or authorization such as Tor (The Onion Router) browser. The darknet is a small subset of the deep web.
Un-indexed Web pages that cannot be accessed via a regular browser or search engine.
Websites containing a specified brand that appears in visible text, hidden text, meta tags or title in conjunction with other site content that indicates online sales are being transacted on the site.
The practice of using a specified brand or trademark in web content to imply a relationship with a company or brand where none exists.
The sale of authentic goods through unauthorized channels. Grey market goods are obtained through a variety of means: theft and discount fraud are common, as is refurbishing damaged goods. The goods are then sold on B2B exchanges, auction sites, and eCommerce venues. Parallel trade, in which goods priced for a specific geographic market are diverted and sold at a premium in other markets, is another widely used strategy.
Occurs when an illicit site or email attachment installs malware, viruses, keyloggers or other software that automatically steals usernames, passwords and additional information without a user's knowledge.
Websites containing a specified brand that appears in visible text, hidden text, meta tags or title in conjunction with pornographic, online gaming or hate content.
Paid placement advertising appearing on web pages. Operators of websites hosting PPC advertising derive revenue from ads that are clicked, hence the name PPC. Abuse occurs when a scammer sets up a website to host paid search ads, often leveraging a well-known brand name in the domain name and has loosely-related ads served to its site.
Criminal use of email to divert traffic to websites in order to fraudulently acquire usernames, passwords, credit card details and other personal information. The email and websites used in these operations employ "social engineering" techniques to trick users into believing they are interacting with a business or organization that they trust.
The sale of fake digital goods such as music, movies, software and gaming software. May occur on B2B exchanges, auction sites, eCommerce sites, in spam and through peer-to-peer (P2P) networks.
A method of phishing first implemented by the 'rock' phish gang that utilizes multiple layers of redundant infrastructure to increase the difficulty of shutting down the attack. Other phishers are now using these tactics as well.
The use of brands, slogans or trademarks located in visible text, hidden text, meta tags and title in order to manipulate search engine rankings so that the brandjacker's site can gain a more favorable search engine placement. This type of abuse is also known as Black Hat SEO.
Occurs when unauthorized parties use a brand as a keyword in search marketing, triggering ads that divert traffic to sites promoting unrelated, counterfeit or competitive brands.
The sending of unsolicited emails—frequently leveraging well-known brands—in order to divert traffic to illicit sites of every type. To encourage recipients to click through, spammers design their email to imply that their product or service is endorsed or sanctioned by the legitimate brand. Users who do click through encounter everything from pay-per-click abuse to sales of counterfeit or pirated goods.
Hijacking a brand to drive web traffic to a competitive or illicit site in order to generate revenue at the expense of the rightful brand owner.
Using brand names spelled incorrectly within a domain name, which enables the squatter to divert traffic meant for a legitimate site to an illicit site which may sell counterfeit goods, utilize pay-per-click abuse, host adult content or conduct other illicit activity.