Industry News

News > May 2007


Brands, Phishing And Domain Kiting

A report has revealed cybersquattings increasing threats to brands, phishing and domain kiting, with financial services and media companies being the main targets.

MarkMonitor®, (the global leader in enterprise brand protection), released the first Brandjacking Index™on April 30 2007 (a quarterly report measuring effect of online threats to brands). The report investigates trends, including a drilled-down analysis of how popular brands are abused online and industries facing the most damage. It examines adaptive tactics of brandjackers (e.g_cybersquatting, false association, pay-per-click (PPC) fraud, domain name kiting, objectionable content, unauthorized sales channels and phishing).

The Brandjacking Index tracks the first 25 brands from the 2006 Top 100 Interbrand study and additional Interbrand ranked companies for business segment analysis. The cornerstone is the volume of public data analysed by MarkMonitor using proprietary algorithms; no customer data or proprietary customer information was used. MarkMonitor searches around 134 million public records a day for brand abuse in domain data and U.S. and international Patent and Trademark Office data.

The phishing data MarkMonitor analyses is based upon feeds and fraud broadcasting from leading global Internet Service Providers (ISPs), e-mail providers and other alliance partners. Since 2004, the company has scanned billions of Web pages and processes 16 million phishing e-mails per day. MarkMonitor capture and analysed weekly data samples in March 2006. Insights are based on average weekly incident samples.

"Fraud, counterfeiting and other abuses against brands are increasing in intensity and numbers as brands and businesses move online. Protecting brand reputations, customer relationships and revenues from online abuses is becoming as important to enterprises as securing their networks, data and systems from Internet-borne threats." said Rose Ryan, Research Analyst, IDC.

Weekly samples reveal an excess of 300,000 incidents. Cybersquatting, (the unauthorized use of brands in a domain), is the most frequent form of abuse (more than 275,000 instances were recorded). Cybersquatting is often combined with another form of abuse such as e-commerce, pay-per-click fraud or kiting.

"Brand holders face a double whammy – not only is the volume of these abuses significant, but abusers are becoming alarmingly savvy marketers,” “Brand abusers are employing online marketing techniques such as search engine optimization to siphon traffic from reputable sites. Our analysis identifies cybersquatting as a driver leading to other abuses that further degrade brand value, customer loyalty and revenues." says Frederick Felman, chief marketing officer for MarkMonitor.

Analysis of eight industry segments has revealed 40 percent of brand abuse is usually directed at media companies, (traditional and Internet-based). ComScore have found that media Web sites represent 10 of the 15 most trafficked sites, validating most trafficked brands attract more abuse. The next most popular segments targeted include automotive, consumer electronics, high tech and financial service, representing between 11 percent and 16 percent.

A four-week average of financial kiting targets has revealed over 980 kited sites targeting financial brands, more than double of any other segment. "Domain kiting, which is the practice of using the ICANN five-day grace period in a serial fashion, can be used to test the marketability of domains, so abusers utilize this technique to test traffic-diversion sites. Kiting is very attractive to brandjackers as an inexpensive means to launch pay-per-click scams that trick customers and erode the strength of legitimate brands." says Felman.

Phishing incidents rose in Q1 2007 by 104 percent compared to Q1 2006, indicating the adaptive nature of phishers. MarkMonitor attributes the rise in incidents to advances in phishing technology designed to frustrate phish-blocking browsers and other consumer-protection technology. One-time use and unique URL attacks are traditional techniques for phish-blocking. The number of brands phished each month reached 229 in March due to optimized phishing operations and methodology, mature technology and greater economic efficiencies. Feltman mentions "Botnets and phish kites have reduced the technology requirements and resources needed to execute attacks. Phishers are adopting direct marketing methodologies to experiment with brands, evaluate efficiencies and exploit lax enforcement."

Phishing attacks against financial services companies, include large banks and credit unions, (representing 41 percent of all phishing attacks in Q1 2007, compared to 29.4 percent in Q1 2006). Online auction brand attacks fell below those against financial institutions for the first time, (representing 38 percent in Q1 2007).

"This rise in attacks on financial institutions is not surprising. The yield for online banking credentials is incredibly high for phishers. They are taking advantage of the large number of mergers and acquisitions as well as the ongoing shift from brick-and-mortar to online banking. Customers are confused and the phishers are capitalizing on it." explains Felman.

"Criminals have learned the rules of online marketing and how to exploit the system to attack the brands, revenue streams, channels and reputations of legitimate companies faster than businesses have migrated from physical security models to the cyberworld. Brandjackers are adaptive, security savvy and opportunistic. By issuing our quarterly Brandjacking Index, it is our goal to raise awareness and arm brand holders with key information needed to protect their brands and stakeholders from the latest online threats." stated Irfan Salim, (president and chief executive officer of MarkMonitor).