Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

3/17/2009
03:20 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

U.N. Agency: Cybersquatting On The Rise

New data from the World Intellectual Property Organization, as well as from MarkMonitor, highlights problem of brand abuse online

The number of cybersquatting reports rose nearly 10 percent last year, according to a United Nations agency charged with protecting intellectual property worldwide.

The World Intellectual Property Organization (WIPO) said on Monday that a record-breaking 2,329 complaints of cybersquatting were filed with the agency in 2008 -- an 8 percent increase from 2007. Nearly half of the complaints came from U.S. organizations.

Among the industries hit most by cybersquatting were biotechnology and pharmaceuticals, which accounted for 9.9 percent of the complaints to WIPO; banking and finance, 9.4 percent; Internet and IT, 8.8 percent; retail, 8.1 percent; food, beverage, and restaurants, 7.2 percent; entertainment, 6.5 percent; media and publishing, 6.3 percent; fashion, 6.0 percent; and hotels and travel, 6.0 percent.

"Cybersquatting remains a serious issue for trademark holders. Supported especially by registrar and registry stakeholders, the sale and broad expansion of new top level domains in the open market, if not properly managed, will provide abundant opportunities for cybersquatters to seize old ground in new domains," said Francis Gurry, WIPO director general, in a statement.

WIPO's report jibes with a recently released study by MarkMonitor, which examined abuse of the top 30 brands and found that most of the same ones still get spoofed online. In its Annual Brandjacking Index for 2008, MarkMonitor found 80 percent of sites it first discovered in the first quarter of 2007 abusing brands were still alive and well in 2008. The abuse ranges from using a famous brand name just to drive traffic to the misrepresented site, to infecting visitors, according to MarkMonitor.

The WIPO report only scratches the surface of all of the ongoing abuse, according to MarkMonitor. "The rise in [WIPO] filings highlights how online brand abuse is a growth industry. However, the 2,300 UDRP [Uniform Domain Name Dispute Resolution Policy] filings in 2008 [to WIPO] are only a drop in the bucket when compared to the real scope of the problem of cybersquatting and other abuses of the domain name system," says Te Smith, vice president of communications for MarkMonitor. "In our latest Brandjacking Index, we saw on average 15,000 abuses per brand."

According to MarkMonitor's findings, the fourth quarter saw more than 440,000 cybersquatting incidents, 86,837 cases of false association, and 33,614 cases of pay-per-click abuse. And blended-abuse attacks, where cybersquatting is combined with malware and other abuses, are on the rise.

"In addition to the brand [abuse] component is a really scary component of...shoving brand names in metatags to [raise search engine optimization standings of a malicious] Web page to draw users there and get them infected," says Blake Hayward, vice president of product marketing for MarkMonitor.

Both the WIPO and MarkMonitor reports indicate that English-speaking countries are the biggest target of abuse. "While we didn't track the language being used on the abuse Web sites, the Brandjacking Index did note that English-speaking countries account for almost 80 percent of the top 15 countries hosting abuse sites, with the U.S. at 69 percent, the U.K. at 4 percent, Canada at 3 percent, and Australia at 2 percent," MarkMonitor's Smith says. "However, this could be a function of a robust Internet infrastructure in these countries."

Meanwhile, well-known brand names remain prime targets of abuse due to their familiarity and ability to drive traffic. "Ultimately, consumers pay the price for online brand abuse, as they are misled to sites that range from the annoying to the truly dangerous, with counterfeit goods, identity theft scams, or malware downloads," Smith says.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
Chinese Attackers' Favorite Flaws Prove Global Threats, Research Shows
Kelly Sheridan, Staff Editor, Dark Reading,  10/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27652
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27653
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27654
PUBLISHED: 2020-10-29
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
CVE-2020-27655
PUBLISHED: 2020-10-29
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.
CVE-2020-27656
PUBLISHED: 2020-10-29
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.