Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

03:20 PM
Connect Directly

U.N. Agency: Cybersquatting On The Rise

New data from the World Intellectual Property Organization, as well as from MarkMonitor, highlights problem of brand abuse online

The number of cybersquatting reports rose nearly 10 percent last year, according to a United Nations agency charged with protecting intellectual property worldwide.

The World Intellectual Property Organization (WIPO) said on Monday that a record-breaking 2,329 complaints of cybersquatting were filed with the agency in 2008 -- an 8 percent increase from 2007. Nearly half of the complaints came from U.S. organizations.

Among the industries hit most by cybersquatting were biotechnology and pharmaceuticals, which accounted for 9.9 percent of the complaints to WIPO; banking and finance, 9.4 percent; Internet and IT, 8.8 percent; retail, 8.1 percent; food, beverage, and restaurants, 7.2 percent; entertainment, 6.5 percent; media and publishing, 6.3 percent; fashion, 6.0 percent; and hotels and travel, 6.0 percent.

"Cybersquatting remains a serious issue for trademark holders. Supported especially by registrar and registry stakeholders, the sale and broad expansion of new top level domains in the open market, if not properly managed, will provide abundant opportunities for cybersquatters to seize old ground in new domains," said Francis Gurry, WIPO director general, in a statement.

WIPO's report jibes with a recently released study by MarkMonitor, which examined abuse of the top 30 brands and found that most of the same ones still get spoofed online. In its Annual Brandjacking Index for 2008, MarkMonitor found 80 percent of sites it first discovered in the first quarter of 2007 abusing brands were still alive and well in 2008. The abuse ranges from using a famous brand name just to drive traffic to the misrepresented site, to infecting visitors, according to MarkMonitor.

The WIPO report only scratches the surface of all of the ongoing abuse, according to MarkMonitor. "The rise in [WIPO] filings highlights how online brand abuse is a growth industry. However, the 2,300 UDRP [Uniform Domain Name Dispute Resolution Policy] filings in 2008 [to WIPO] are only a drop in the bucket when compared to the real scope of the problem of cybersquatting and other abuses of the domain name system," says Te Smith, vice president of communications for MarkMonitor. "In our latest Brandjacking Index, we saw on average 15,000 abuses per brand."

According to MarkMonitor's findings, the fourth quarter saw more than 440,000 cybersquatting incidents, 86,837 cases of false association, and 33,614 cases of pay-per-click abuse. And blended-abuse attacks, where cybersquatting is combined with malware and other abuses, are on the rise.

"In addition to the brand [abuse] component is a really scary component of...shoving brand names in metatags to [raise search engine optimization standings of a malicious] Web page to draw users there and get them infected," says Blake Hayward, vice president of product marketing for MarkMonitor.

Both the WIPO and MarkMonitor reports indicate that English-speaking countries are the biggest target of abuse. "While we didn't track the language being used on the abuse Web sites, the Brandjacking Index did note that English-speaking countries account for almost 80 percent of the top 15 countries hosting abuse sites, with the U.S. at 69 percent, the U.K. at 4 percent, Canada at 3 percent, and Australia at 2 percent," MarkMonitor's Smith says. "However, this could be a function of a robust Internet infrastructure in these countries."

Meanwhile, well-known brand names remain prime targets of abuse due to their familiarity and ability to drive traffic. "Ultimately, consumers pay the price for online brand abuse, as they are misled to sites that range from the annoying to the truly dangerous, with counterfeit goods, identity theft scams, or malware downloads," Smith says.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-09-20
The wp-piwik plugin before 1.0.5 for WordPress has XSS.
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.