Top Whois, DNS, IP and threat intelligence data provider. We provide APIs, databases, and tools.
Domain brand protection has become quite challenging in this day and age, where anyone can register a domain name with only a few dollars. Some providers even hand out domains for free. Even worse, registrars often do not screen domains (purchased or obtained free of charge) for potential cybersquatters or typosquatters.
We found a free domain name provider, for instance, who let us register transferwise[.]gq free of charge for 12 months. It didn’t matter that we were probably infringing on the money transfer service provider’s brand and domain.
If this domain name falls into the hands of bad actors, they could do many things to mislead Transferwise clients and ultimately damage the reputation of the service provider. In this post, we delved into the harm that domain brand infringement can do and the solutions that can help fight against it.
Domain brand protection often lies in the hands of the brand’s owner. You can’t exactly rely on the government, registrars, and web hosting providers, as they can only do so much. Fortunately, there are Brand Protection Solutions that can help brand owners and their security teams.
Our suite of brand protection services comprises:
With more than 7 billion WHOIS records that can be accessed through APIs and Web-based interfaces or downloaded in database format, cybersecurity teams can get more information about specific domains (including their registrants, date of registration, expiration, etc.) that they suspect are infringing on their brands.
Response time is crucial in addressing cyber threats, which include cybersquatting and domain infringement. The sooner you take action, the less the damage is likely to be. Brand Alert API enables users to monitor brand names and receive notifications when domains that contain terms of interest are added to, modified, or dropped from the WHOIS database.
Domain name additions and modifications could be used to imitate and bank on the mimicked brands’ reputation. Dropped domain notifications, meanwhile, can alert users to immediately start negotiating with the domains’ registrars so they can take them over and prevent future cybersquatting attempts.
Those who have close competitors that they suspect of selling counterfeit products using their brand can count on this tool. They can get hold of domain names that any competitor registers by inputting their names on the API. It’s then a matter of waiting for any notifications of newly added or modified domain names that have the competitor’s name as the registrant.
Miscreants often register domain names for typosquatting purposes in bulk; many similarly-named domains at a time. These groups of domains are captured on a daily basis by the data feed, thereby assisting the early detection and investigation of certain typosquatting-related activities.
Our Brand Protection Solutions can help brand owners save money in the long run. But what exactly should they be wary of when we speak about domain brand infringement? Below are some brand-related cybercrimes that they can help ward off.
Some people primarily earn a living by buying and selling domain names. And some of them take it too far. For example, they might purposefully register domain variations that are very close to the real brand’s (i.e., transerwise[.]gq or transferwize[.]com in an attempt to impersonate transferwise[.]com) and demand unreasonably large amounts of money when the legitimate brand owners attempt to recover the typosquatted domains. Brand Monitor, for instance, detected 334 Transferwise typos, all of which could figure in cybersquatting- or typosquatting-enabled attacks.
Some threat actors register domains that are similar to those of well-known companies but then sell fake or even unrelated or competing products. The domain shopdisney[.]eu, for instance, once resolved to an online shop that wasn’t owned and managed by The Walt Disney Company. The brand took action and filed a cybersquatting case, leading the WIPO panel to rule in favor of Disney.
Domain brand hijacking
This is perhaps the worst that can happen to brands, as it means threat actors have taken control over their dashboard. They can then use the brand’s domain in phishing and other malicious activities. Brand Protection Solutions can help organizations against this as it can be integrated into existing solutions to help detect known indicators of compromise (IoCs) for blocking. The Enterprise Data Feed, in particular, can be used alongside an organization’s security systems and threat intelligence platforms.
Domain intelligence and IP geolocation data gleaned from Brand Protection Solutions are two sources of data that can enrich the overall security posture of an organization. With the information they give, domain brand hijacking can be prevented since IoCs can be detected in a timely manner.
Protecting your brand is a critical business process that requires both budget and human resource allocation. While Brand Protection Solutions may not eliminate all cyber threats, they can help mitigate domain-related ones such as cybersquatting and domain hijacking.