Crushing cybersquatters – fighting those who abuse your brand online

When the Web site began publishing pornographic images created with Lego toys, trademark owner Lego Juris AS, which sells the popular plastic building blocks for children, acted quickly. “The content available on the site consisted of animated mini-figures doing very explicit things. We were not amused,” says Peter Kjaer, an attorney for Billund, Denmark-based Lego.

Lego didn’t go to court. Instead it filed a complaint with the World Intellectual Property Organization’s (WIPO) Arbitration and Mediation Center, which ruled in its favor. The domain registrar for, Scottsdale, Ariz.-based Inc., eventually shut down the site and transferred the domain name to Lego, in compliance with the Uniform Domain Name Dispute Resolution Policy (often called the UDRP), a procedure set up by the Internet Corporation for Assigned Names and Numbers (ICANN) to address domain-name brand abuse.

(ICANN is the international organization that coordinates the Internet’s domain-naming system. Domain registrars are companies accredited by ICANN or a national authority to sell and register domain names on behalf of individuals, companies or other organizations.)

The UDRP process, set up 10 years ago, saves time and money by getting offending sites down relatively quickly and without lengthy lawsuits. But it hasn’t deterred cybersquatters, who can come up with domain names that play on a virtually unlimited number of variations on well-known brand names, including common misspellings of those names, to drive traffic to their own sites. The increase in operating expenses driven by the price of attractive domains names is pushing wider brand abuse, experts say.

People intent on visiting a brand’s Web site may instead end up on a cybersquatter’s site and then find themselves redirected to a phishing site or a site with objectionable content or — most commonly — advertising that may link to competing products and services. The most popular brands can be the target of thousands of cybersquatting sites.

Authentication technologies are a great way for businesses to protect their corporate domains against use in phishing and spoofing attacks, experts say.

Bad for business

Cybersquatting can damage a company’s brand reputation and result in substantial business losses. One company that has tried to defend itself is Verizon Communications Inc., which has aggressively pursued cybersquatters and reclaimed thousands of domain names related to its businesses. This year it activated many of those and set them up to redirect users back to its own Web site.

Brand abuse online

Cybersquatters use variations on trademarked names to draw visitors to their sites. Those sites may contain offensive content or pay-per-click ads, or they may create a false association with the trademark owner or sell competing products. Some may combine offensive content and e-commerce — featuring pornographic images and offers for sex toys or other products, for example.

Per cent increase in 2008 over 2007:

  • Cybersquatting: 18 per cent
  • Offensive content: 21 per cent
  • Pay-per-click advertising: 24 per cent
  • False association: 20 per cent
  • E-commerce sites: 46 per cent

Source: 2008 Brandjacking Index, MarkMonitor Inc., San Francisco

“We’re on track to bring in 9 million new visitors, just from the names we’ve been able to get back,” says Sarah Deutsche, vice president and associate general counsel at Verizon.

But it’s not just the big names like Verizon that are suffering. Green energy is a hot topic right now, so cybersquatters have been targeting wind and solar energy start-ups, Deutsche says. “A lost sale for them is a huge hit.”

Malicious sites can create havoc with a brand’s reputation. In some cases, criminals have copied a brand’s entire Web site in order to collect usernames and passwords. They then try to figure out where else on the Web that name and password might work. “Guess the fake. You can’t, usually. It’s pretty nuts,” says Mark Feldman, chief marketing officer at MarkMonitor Inc., a San Francisco-based domain registrar that also monitors brand abuse activity for corporate clients.

Eighty per cent of the cybersquatting sites MarkMonitor tracked in early 2007 were still online one year later, Feldman says. Why aren’t brand owners pursuing them? Some businesses have had to prioritize which cybersquatters to pursue, while others have given up on the problem or have chosen to ignore it.Ignoring the problem is getting harder to do as the amount of brand abuse continues to rise. Cybersquatting activity rose by 18 per cent last year, with a documented 440,584 cybersquatting sites in the fourth quarter of last year alone, according to MarkMonitor’s annual Brandjacking Index report.

Lego’s Kjaer has noticed an uptick in activity as well. “The number of cases in our monitoring reports and number of UDRPs has definitely increased,” he says. And WIPO cited an 8 per cent jump in dispute filings in 2008, to 2,329 complaints — a new record.

Now, ICANN is preparing to open a potentially unlimited number of new top-level domains (beyond the current .com, .biz, etc.) as early as the first quarter of 2010, and intellectual property holders worry that the cybersquatting problem may be spinning out of control. That has them pushing hard for reforms.

Free ride

Ten years ago, most cybersquatters redirected users to porn sites or tried to sell domain names associated with major brands back to their rightful owners. But today advertising-based “domain-parking” sites are the fastest growing cybersquatting problem.

“Domainers” build portfolios of thousands of domain names and profit by reselling the names or selling advertising on those sites. They may generate revenues by posting pay-per-click ads (where the site owner receives payment every time a visitor clicks on an advertising link) and other advertising content.

Advertising-supported domain-parking sites that exploit trademarked names damage those brands by diverting traffic away from the brand owner’s site — or worse, by linking prospective customers to competitors’ products. InterContinental Hotels Group suffers from both, says Lynn Goodendorf, global head of data privacy at Denham, England-based IHG.

Goodendorf says she doesn’t like domain-parking cybersquatters, but she has to prioritize her activities. IHG will go after cybersquatters when the sites include objectionable content — as Lego did in the case — or if they contain malware or refer visitors to competitors.


  • Cybersquatting: The practice of abusing trademarks within the Internet domain-name system.
  • Typosquatting: The practice of registering domain names that feature common misspellings or typographical errors in trademarked names.
  • Domain parking: The practice of registering domains for potential future development. Parked domains may include pay-per-click advertisements.
  • Domaining: The practice of buying, selling and monetizing domain names.
  • Domainer: A person or business that buys, sells and monetizes domain names for financial gain.
  • Domain tasting: The practice of registering a domain name, then using the ICANN’s five-day free grace period to monitor traffic volumes and determine whether the domain should be dropped based on a cost-benefit analysis.
  • Domain kiting: The process whereby domains are registered and dropped within the five-day ICANN grace period and then registered again for another five days. Kiting a domain lets the registrant gain the benefit of ownership without ever paying for the domain.

Source: MarkMonitor Inc., San Francisco

Although she’s not happy about it, the company doesn’t have the time or resources to pursue cybersquatting domainers whose sites contain more generic advertising, Goodendorf explains.

Even domain-parking sites that don’t include advertising are a problem, contends Verizon’s Deutsche. “Cybersquatters who register and hold onto valuable brands harm trademark owners by taking names the trademark owner could use for itself,” she says.

Domain parking has transformed from a cottage industry to a big business over the past five years, as has cybersquatting activity associated with domain parking, says Doug Isenberg, an attorney at The GigaLaw Firm, an Atlanta-based firm that specializes in domain-name disputes. The reasons are simple: Start-up costs for domainers are low, the potential financial gain is huge, and cybersquatting penalties — the potential loss of the domain name in a UDRP proceeding — are small.

Domainers who register variations on popular trademarked names can drive up site traffic. This increases income — and the value of the domain name, which they can then resell at a premium.

The cost of maintaining a domain can be as little as $6 per year. “If you can make $1 a year on domain traffic, that’s worth keeping,” Isenberg says.

Domainers make a living by keeping thousands — or hundreds of thousands — of domain names. While some domainers are legitimate, most are not, Verizon’s Deutsche contends — and she has sued many of them. “Tens of thousands of variations of our brand are being monetized by domainers — including some accredited registrars,” she says.

Drawing a distinction between domain-name brand abuse (cybersquatting) and domain parking is important, says Jeffrey Eckhaus, general manager at domain registrar eNom Inc. in Bellevue, Wash. “Cybersquatting is illegal in the U.S., while domaining is a legitimate business,” he says. ENom supports domainers with advertising services, but domaining is “not the main focus of eNom’s business,” Eckhaus says.

But domain parking is part of the core business model for some registrars, including Cambridge, Mass.-based LLC, says Steve Metalitz, president of the Intellectual Property Constituency (IPC), an ICANN-sanctioned organization that advocates on behalf of brand owners.

Playing defense

Trademark holders have responded to the problem by buying up “defensive” domain names so that cybersquatters can’t use them, hiring monitoring services, pursuing violators through the UDRP process, and, increasingly, taking cybersquatters to court.

Dealing with the problem is not cheap. IHG has registered 4,200 domain names to protect its seven brands, which include such well-known names as Holiday Inn and Crowne Plaza, Goodendorf says.

Verizon has registered more than 10,000 domain names, mostly to protect its three most visible brands: Verizon, VZ and FiOS. “It’s extremely costly,” Deutsche says.

As costly as maintaining thousands of defensive registrations might be, paying $6 per year to maintain a domain name is far cheaper than the $1,500 fee to file a UDRP case with WIPO, especially when a business has hundreds, or thousands, of complaints to address, Isenberg says.

UDRP at a glance

  • Cost to file a Uniform Domain Name Dispute Resolution Policy complaint: $1,500
  • Complainant success rate in UDRP process: 85 per cent
  • Average time to decision: 60-70 days
  • Cybersquatting complaints filed with WIPO in 2008: 2,329
  • Increase over previous year: 8 per cent

Most UDRP filings by industry

1. Biotech and pharmaceuticals

2. Banking and finance

3. Internet and IT

4. Retail

5. Food, beverage and restaurants

Sources: WIPO, ICANN

But even if it pays for thousands of defensive registrations, a company can’t rest easy. Goodendorf describes the problem: Cybersquatters continue to register new variations of IHG’s brand names, often in combination with other words, such as a city name, and many of these sites take visitors to competitors’ properties or other travel industry Web sites.

“We cannot possibly buy every conceivable combination,” she says. The company has prioritized which cybersquatters to go after based on factors such as the offending site’s name, content and amount of traffic diverted from IHG properties. “We have to figure out where the most serious harm is — and what is actionable,” Goodendorf says. Many cybersquatters go unchallenged.

Monitoring services offered by companies like MarkMonitor or Arlington, Va.-based Cyveillance Inc. can alert the business to the existence of cybersquatters. But the services cost thousands of dollars per year, and the business still needs to review each case.

“Small to medium-size businesses are screwed,” Feldman says. “They can’t afford our services. They can’t afford lawyers. Consumers and small businesses get harmed the most.”IHG uses Cyveillance’s monitoring services and receives daily alerts. “I have a person who does nothing but sort through those alerts and decide which to pursue. That’s her full-time job,” Goodendorf says.

Fighting back

Once a company has determined that it wants to pursue a cybersquatter, it must decide what action to take. It might start by paying a brand-protection service provider like MarkMonitor to contact the domain-name registrant and registrar and ask to have the site taken down. If the registrant is unresponsive, the brand owner has several other options.

Intellectual property owners can sue cybersquatters under the federal Anticybersquatting Consumer Protection Act, but that is expensive and limits damages to $100,000; they can try to shut down sites containing copyrighted content under provisions of the Digital Millennium Copyright Act; and in some cases they may be able to pursue violators for trademark abuse under statutes of the Lanham Act.

The least expensive approach is to file a UDRP complaint with a dispute-resolution provider such as WIPO or the National Arbitration Forum. But even when the complainant wins, which according to WIPO happens 85 per cent of the time, that’s not always the end of it. Cybersquatters can delay the transfer by challenging it in court.

Some registrars can be uncooperative, too, failing to complete domain-name transfers within the specified 10 days, Isenberg says. ICANN hasn’t done enough to deal with complaints about such registrars, he adds. “They get a slap on the wrist and then it happens again,” he says.

While IHG uses UDRP, Verizon has passed on that approach because, Deutsche says, a separate complaint must be filed for every domain-name infringement. With tens of thousands of cases to prosecute, the company decided to declare all-out war on cybersquatters. “We’ve brought high-profile lawsuits against some of them, and there’s been a noticeable drop in the last couple of years in [Verizon-related] cybersquatting,” Deutsche says.

“A lot of times you’ll go out and find 100 brand infringements, and 30 or 40 are coming from the same entity,” says James Brooks, director of product management at Cyveillance. Aggressively pursuing those firms, as Verizon has done, may cause them to look for “softer targets,” he says.

ICANN by the numbers

  • Generic top-level domains (GTLD) contracted through ICANN: 16
  • ICANN-accredited domain registrars: 952
  • Domain-name registrations of ICANN GTLDs: 109 million

But more cases pile up on the docket every day. For example, Deutsche only recently learned of, a Web site that includes affiliate advertising. The owners of such sites get paid a few cents whenever visitors view ads on the site or click on advertising affiliate links.

In some cases, ads refer potential visitors to competitors’ sites. In others, Google ads may refer the visitor back to Verizon. “We end up paying Google, who pays the cybersquatter,” Deutsche says.


Many intellectual property holders, already overwhelmed by cybersquatting activities, fear the problem will become untenable when ICANN makes a potentially unlimited number of new generic top-level domains (GTLD) available in early 2010. Currently, ICANN supports 16 domains, including .com.

Verizon’s Deutsche questions the need for new TLDs, given the limited success other new domains have had relative to the .com domain. Nearly three quarters of all domain-name registrations under ICANN’s administration are in the .com domain, and 92 per cent are in the .com, .net and .org domains. She alleges that the primary motive, driven by registrars, is to sell more defensive domain names to intellectual property holders.

Paul Levins, vice president of corporate affairs at ICANN, calls Deutsche’s assertion “mischief making.” Use of the newest GTLDs, such as .tel and .mobi, is growing, he says. Plus, two ICANN-commissioned economic impact reports, published in March 2009, show that increased competition would benefit consumers, adds Levins, noting that intellectual property concerns “can be addressed through existing legal mechanisms and appropriately designed ICANN procedures for protecting intellectual property.”

But without additional protections, businesses worry that it will be impossible to protect their brand names online in an expanded GTLD universe. Goodendorf, for instance, frets that IHG will be forced to buy the same set of defensive domain names for each new top-level domain. “That will run up our costs even more, [and] it’s going to become more confusing for people to find what they’re trying to find.”

Intellectual property owners complained loudly to ICANN through the IPC, one of several advisory groups to the ICANN board. In response to those concerns, ICANN asked the IPC to come up with recommendations.

It formed the Implementation Recommendation Team, which on May 29 issued a report to ICANN listing suggestions for dealing with the new top-level domains. These include the establishment of a list of trademarked names that can’t be sold in the new GTLDs, a provision for rapid takedowns of sites that blatantly violate trademarks, disablement of offending domains instead of transferring ownership and requiring the complainant to pay for their registration, and a complaint mechanism to deal with registrars that don’t cooperate with UDRP decisions (see sidebar).

IRT recommendations

On May 29, the IPC’s Implementation Recommendation Team issued a report with recommendations on how to protect trademark owners as new generic top-level domains (GTLD) are introduced through ICANN. Here’s a summary of a few key points.

  • The establishment of a centralized IP clearinghouse where brand holders can register trademarked names. Registrars would refer to this list before issuing domain names in a new GTLD.
  • A uniform rapid suspension system that would allow immediate takedown of sites that clearly are abusive to a brand, even before the UDRP process has run its course. Instead of turning these domain names over to complainants and requiring them to pay a yearly subscription fee for each cybersquatting domain, the offending domain names would be disabled. The system would be optimized to deal with domainers who purchase large blocks of abusive registrations.
  • A post-delegation dispute mechanism that allows a brand holder to complain directly to ICANN when a registry or registrar is violating its contract with ICANN in a way that negatively affects the complainant’s brand. It would also require a deadline by which ICANN must formally acknowledge, investigate and respond to complaints.
  • A requirement that all new GTLDs contain at least as much detail on each registrant as is collected for registrants in the existing GTLDs. “Under ICANN’s current proposal, the Whois [data] publicly available from new GTLDs would contain almost no information about the registrant,” Metalitz says.
  • The development of a central Whois repository, to be managed by ICANN. Currently one has to figure out which registrar issued a given domain name, identify the registry operator and search that operator’s Whois database.

A decision on the report’s recommendations is expected, possibly as early as September, following a period of public comment and discussions this summer. It’s unclear how many of the report’s recommendations will be adopted, but IPC President Steve Metalitz says ICANN has done a good job so far in responding to the concerns of intellectual property holders.

“The board recognized that there is a problem. They won’t roll out the new GTLDs until that problem is resolved,” he says.

Unfortunately, the proposal applies only to new GTLDs when it’s the existing ones that cause the biggest problems, Metalitz says. Even if every recommendation is adopted for the new GTLDs, getting the same rules applied to existing domains like .com will be tough, he adds. “The problem is, you have entrenched interests that are resistant to change,” he says.

However, ICANN may be able to apply the new rules as existing registrar contracts expire, Levins says. “We may be able to retrofit the features that are in the new GTLD agreements to address abuse.”

Meanwhile, the cybersquatting pandemic shows no signs of abating. While ICANN has made strides in improving oversight through its audits of registrars, the potential financial gains from cybersquatting remain too high and penalties too small to stop the growth in domain-name brand abuse, let alone deter the practice. That’s why the IRT recommendations, even if applied to existing top-level domains, aren’t likely to completely solve the underlying problem.

But the GTLD issue has intensified the focus on trademark abuse in domain names, and the matter now has ICANN’s full attention. So the GTLD proposals could be a catalyst for change — eventually. For Metalitz and the intellectual property owners he represents at the IPC, those recommendations represent one small step in the right direction.

Source: Computerworld

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs