Domain fraud is a form of cyber crime. Unauthorized persons or groups exploit the identity of brands and websites for their own advantage. Domain fraud is mainly used to harm competitors, steal data or to conduct sales under the guise of another name.
Banks, airlines, online shops and other companies with business-critical websites in particular can experience enormous damage from domain fraud. Find out how you can protect yourself and your company from fraudulent intentions by cyber criminals in this blog post.
The usual practice of domain fraudsters
With domain fraud, external and unauthorized persons buy a domain name that is very close to the actual domain of a company or brand to be damaged. An example: XY Bank appears on the Internet under the domain XYBank.com. Domain fraudsters are now trying to register similar domains such as XY-Bank.com or XYBank24.com and use them to deceive the customers of XY Bank and lure them to their own fake website.
Often, complete copies of the original website are simply downloaded and then uploaded to the fake domain (in this example XY-Bank.com). Due to the identical or similar design of the fake website, careless customers do not notice anything and fall into the trap.
All of this is possible without much technical effort and even has the potential to cause damage going into millions of dollars. Even if you as a company will most likely not have to pay for the damage caused to your customers by fake websites, your brand image can still suffer considerably from such incidents.
Potential lucrative targets for domain fraud
- Premium brand online stores
- Internet presences of banks and other finance services (especially online banking and customer accounts)
- Booking websites (flights, hotels, etc.)
- Insurance websites
- Many other companies that offer something for sale or are working with sensitive customer data
The intentions behind domain fraud
In general, the intentions of domain fraudsters can be very different. Most cybercriminals arguably have financial intentions. Domain fraudsters could, for example, steal login or credit card data and then misuse them for their own purposes.
It would also be conceivable that fraudsters could replicate the online shop of a well-known company and cheerfully sell things under the fake domain. Especially in the field of electronic items and gadgets, fraud damage can quickly accumulate in considerable amounts. Another conceivable intention behind domain fraud could be to deliberately damage the competitors’ reputation.
No matter what the intent behind domain fraud is, in the end the victims often suffer protracted damage to their image and business reputation.
Preventing domain fraud – acting quickly is the top priority!
First of all: you can never eliminate domain fraud completely. Fact is that anyone can download and copy your website easily and without much technical understanding. The registration of domains only slightly regulated and so it is actually possible to commit fraud with well-known domains without much effort. Often cyber criminals are located in distant countries and a police or civil law solution is either not possible or takes a lot of time.
For this reason, you should definitely take the protection of your website into your own hands. This way, you cannot completely prevent attempted fraud, but you can considerably reduce the period of time in which your good name or prodcut is misused.
Many of our customers were totally unaware that similar domains of their company were in circulation. All the greater was the surprise or anger about lost income or the damage to the company’s image. Most large businesses around this globe are affected by domain fraud.
Here are some stats about our clients:
- 76% found “lookalike” domains posing as their brand
- 96% found exact matches of their brand-owned domain with a different TLD (e.g., “.net” vs. “.com”)
- 85% of retail brands found domains selling counterfeit goods
This is how you can take action against fraud at domain level
In order to protect yourself against fraudulent intent at domain level, it is extremely important that you constantly monitor the domain market. Domainspace.io has developed its own protection mechanisms for this purpose, which can help you to detect domain fraud quickly and reliably. Here you can find some of our most effective services against domain fraud.
Scan existing domains for violations
With well over 1,000 TLDs, fraudsters have plenty of choice to copy your domain name. For example, if you are using the domain xy.com, fraudsters still have xy.de, xy.net, xy.org. and many other domain extensions as an option. Resourceful entrepreneurs may now pursue the strategy of simply registering all domain extensions with their brand names. But this is generally not a good idea.
With more than 1,000 TLDs available, the costs quickly run to over $15,000 per year. Even if you made that investment, you would still not be fully protected! Domain fraudsters like to use brand names in combination with prefixes and suffixes or special characters. Here are some examples what kind of domains cyber criminals are mainly targeting: xy24.com, x-y.com, buyxy.com, xyshop.com… As you can see, there is a seemingly endless possibility of combinations to misuse domain names.
So it is much better to permanently monitor the domain market. This is where Domainspace comes into play with two specially developed products.
Zone Scan to identify threads
Our Zone Scan checks once after the order has been placed whether your brand / keyword is currently used in a TLD. We include combinations of more than 3.5 million prefixes and suffixes. We can also cover so-called typo domains, i.e. domains with spelling errors (prominent examples are Googel.com, Goggle.com etc.) with our trademark zone scan. Following the scan, you will receive a full report with all domains that are currently using your brand name. If, based on our report, you discover fraudulent intent, you can take appropriate action against it.
If you wish, we can also evaluate the results for you and explain in detail where you are currently at risk of falling victim to domain fraud. We are also happy to help you take countermeasures or identify the fraudsters for further legal actions.
Permanent monitoring at domain level
Our Zone Scan is just a one-time check and only shows the current situation. Therefore you should also set up permanent monitoring. Our domain monitoring service constantly monitors your brand / keyword. If there are changes on the domain market a notification will be sent to you within 24 hours. This way you can easily identify newly registered domains containing your brand name or keyword. With our monitoring service you have the ability to counteract as soon as someone is trying to use your brand name on the Internet.
The Domain Trademark Protection service for registered trademarks
Our Domain Trademark Protection is another product that can protect you from domain fraud. Unfortunately, this service is only available to registered trademarks.
The Trademark Protection actively prevents the use of your brand name in domains by unauthorized persons. We will store your trademark ownership data in a central database. If someone tries to register a domain with your brand name, a warning message is issued stating that this term is already protected. If the registration process continues despite this warning, you will immediately receive a message with the registrant’s details. Legal steps are thus significantly simplified!
In addition, the Domain Trademark Protection offers privileged access to new registrations. All new registries must offer a “sunrise phase” during the introduction of a new “open” gTLD in order to protect the rights of the trademark owners. In this phase, trademark owners can – depending on the guidelines of the respective registry – register their trademark domains before anyone else.
If you are striving for comprehensive domain protection and have a registered trademark, then we recommend our complete Security Packages. This way you can protect your brand in the most efficient manner. If you have any questions about our domain security solutions we are looking forward to get in touch with you. You can contact our domain security experts here…
As you have now learned in this blog post, domain fraud is a serious matter from which you should definitely protect your company. With our tools you have every at your fingertips to protect your online presence against domain fraud. We wish you every success with your website and maximum protection for your business.