Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing, and Phishing
They say that becoming a cybercrime victim is, in this day and age, a matter of “when” and not “if.” But that doesn’t mean you should let fate determine your company’s future. Focus instead on enhancing your business’s security posture by protecting your brand from all sorts of online threats. A great means to safeguard your digital assets is through Brand Monitor — a specialized online brand protection component of the WhoisXML API Domain Research Suite.
This white paper will tell you how Brand Monitor can help your company combat specific cyber threats like domain name typosquatting, website spoofing, and phishing.
Table of contents
- What’s in a Domain Name and Why It’s Important to Protect It
- How Cybercriminals Take Advantage of Your Brand
- 3 Steps to Achieve Online brand protection
- The Benefits That Brand Monitor Provides
- Concluding Thoughts
What’s in a Domain Name and Why It’s Important to Protect It
Domain names identify Internet resources such as computers, networks, and services with text-based labels that are easier to remember than the numerical addresses used in IPs. They establish their owners’ unique identity. As such, organizations typically choose domain names that correspond to their brands, helping Internet users reach them easily.
Every domain name needs to be registered before a company can use it for, say, its website. Note though that individuals or organizations can own as many domain names as they like. Domain name registrants are required by law to provide the following information, which ends up on their WHOIS records:
- Registrant’s name and contact details;
- Registrar’s name and contact details;
- Registration date;
- Name servers;
- Date when the domain was last updated;
- Expiration date;
- Administrative, billing, and technical contacts’ name and details (In most cases, these are the same as the registrant’s name and details.)
No domain owner is allowed to use fake information in his WHOIS record. Anyone who violates this rule can get their domain rights revoked. Registrants can, however, opt for private registration where the registrar’s representative provides his contact details in lieu of the actual domain owner’s for a fee, of course. Typical reasons for choosing this option include maintaining privacy and avoiding unwanted solicitation via spam.
In a nutshell, your domain name represents your online identity. Its misuse and abuse can be likened to destroying your brand’s reputation.
How Cybercriminals Take Advantage of Your Brand
Cybercriminals make a living by taking advantage of the lack of awareness or just plain recklessness of many Internet users. They are infamous for creating fake versions of legitimate websites laced with keyloggers that siphon users’ log-in credentials when they sign in or drop malware that automatically execute onto their computers. Next thing they know is they’re missing funds from their accounts, inadvertently spamming people, or worse.
Three of the most common cyber threats that can adversely affect companies’ brands today are domain name typosquatting, website spoofing, and phishing. Let’s take a look at each in greater detail.
Domain Name Typosquatting
Domain name typosquatting, also known as “URL hijacking,” is a form of cybersquatting—the process of piggybacking on sites under someone else’s brand or copyright. Typosquatting targets Internet users who incorrectly type website addresses into their browsers. An example of this would be keying in “www.miicrosoft.com” instead of “www.microsoft.com.” Cybercriminals have been known to rely on Internet users’ proneness to making typographical errors while conducting online searches. That’s why they create alternatives of popular websites with domain names that look very similar to the ones they mimic.
Typosquatting has become an age-old Internet challenge that, unfortunately, even the biggest companies have succumbed to. A lot of reasons have been cited for committing typosquatting, ranging from the sarcastic — poking fun at a website’s content — as in the case of “godhatesfigs.com,” a parody of the Westboro Baptist Church’s “godhatesfags.com” site, to the downright malicious as in the case where John Zuccarini led a target website’s visitors to adult content sites instead.
Website spoofing is the act of creating a “shadow copy” of a popular web page to obtain visitors’ sensitive information. Spoofed websites typically use cloaked URLs that use domain forwarding or inserting control characters to appear genuine while concealing their real address. Site spoofing has often been accomplished by using URL shorteners or via site redirection.
Online banking and shopping websites are some of the most-spoofed and it is fairly easy to imagine why. Planting a keylogger into a fake online banking page will, after all, give its creators instant access to the victims’ wallets.
Phishing is a social engineering tactic that cybercriminals use to obtain sensitive information such as usernames, passwords, and financial details from Internet users in the guise of a trustworthy entity in any kind of electronic communication. Typically via email or instant messaging, victims are asked to type their personal information into a form on a fake version of a legitimate website so this would land in the hands of ever-wily cybercriminals.
We’ve seen new phishing tactics over the years, the most recent being business email compromise or BEC scams. A BEC scammer usually pretends to be a C-level executive of their target company who asks employees with access to its funds to transfer huge sums to their own bank accounts. This tactic seems to be working as by the end of 2018, companies have lost US $1.2 billion to BEC perpetrators.
That doesn’t include the losses that companies incur from other spearphishing or targeted phishing attacks. Unlike regular phishing attacks, spearphishing makes use of people the target actually knows (a family member or friend) or be in contact with (not necessarily an executive in the company he works for like in BEC scams). This assures the cybercriminals of better results. In fact, 2018 data revealed that an organization that earns around US $100 million per year can end up losing more than US $7 million should it succumb to a spearphishing attack.
Notice that all three threats take advantage of a brand’s popularity or reputation. The more popular a brand is, the more likely cybercriminals will target it. Any company that wishes to stay out of muddy waters needs to make sure that its brand is not being abused by threat actors. That’s easier said than done though, especially since around 380 new websites are created per minute, which amounts to more than half a million websites a day! Then how could you keep track of fraudsters who may be trailing their sights on your website? The short answer: Let Brand Monitor do the hard work for you.
3 Steps to Achieve Online brand protection
Brand protection entails looking out for any and every threat that could harm your company’s reputation. That means making sure that no one is using your brand name for malicious activities. Here are three ways that can help you protect your brand online:
1. Stick to the guidelines
Today’s branding guidelines should look beyond the physical environment and use of your company’s logos and imagery. They should include specific online rules for both your internal and external audiences—content, domain name registration, and social media behavior.
Identify who should create assets, who will be responsible for approving them, and where these will be stored. Limit the people who are authorized to register and have full access to domains and social media profiles. If at all possible, keep them within the company, don’t rely on third parties for such tasks to avoid compromise. Educate employees who are known ambassadors of your brand on what they should and shouldn’t say on social media as this could have detrimental effects on your business.
Limit third-party access to your network. Monitor how partners, vendors, distributors, affiliates, and other third parties use your brand to ensure they’re not sending the wrong message. Make sure they don’t preempt upcoming product launches via social media or other platforms as well.
2. Monitor the Web
Proactively monitor for brand abuse, customer issues, and negative sentiments that you need to deal with. Look out for rogue or fake sites selling your products, employee abuse, malicious links on your pages, and fake customer and partner profiles. Use tools like Brand Monitor to streamline this process for you.
3. Secure your digital assets
Consider everything from apps to social media, even those that are relatively new. Though doing business requires registering on various sites in different regions, do so with discretion. That means:
- Protecting your domain, including its records, against breaches and other forms of cybercrime;
- Extending your registration time for mission-critical domains to as long as possible;
- Reviewing user accounts, especially those linked to employees who have left the company or changed roles;
- Using multifactor authentication when accessing domain infrastructure;
- Looking closely at your domain portfolio and reducing the number of unnecessary domains.
Safeguarding your company’s online presence is a tedious process. It requires a lot of sifting through tons of new information on the Internet, which is physically impossible to do without the aid of technology. And that’s where Brand Monitor and similar tools can come in handy.
The Benefits That Brand Monitor Provides
Brand Monitor helps companies stay abreast of domain names that exactly match or slightly vary in spelling from theirs to safeguard their brand and affiliated trademarks online. With a database of more than 5 billion WHOIS records that span thousands of TLDs (both ccTLDs and gTLDs), it gives comprehensive lists of domains that you may wish to keep an eye on. It not only tracks newly registered domains, but also those whose registrations have expired.
|6+ B historic WHOIS records||582+ M domains||2,864+ TLDs||10+ years data crawling|
Brand Monitor specifically allows you to:
- Use certain keywords linked to your brand or trademark or even that of a competitor to keep track of what’s happening in the market;
- Utilize the “Typos” option to automatically generate and add misspellings to your search terms as an add-on anti-phishing mechanism to protect your brand’s reputation;
- Get daily updates on all newly registered and recently expired domains that you may be interested in, especially if you’ve got your heart set on getting one for your own use;
- Never miss anything by receiving alert emails and notifications based on your preferences, which lets you keep up with all brand-related updates.
Brand Monitor also gives you the lowdown on anything and everything that will help you boost your company’s reputation or protect your good name from nasty cyber threats.
|Available Information from Brand Monitor||What You Can Do with It|
|Domain names associated with a particular brand||
|Possible misspelled domain name variations||
|Newly registered domain names||
|Recently expired domain names||
Brand Monitor lets you stay ahead of the curve no matter how dynamic and fast-paced the online market changes in real time in just three steps.
With Brand Monitor, you’ll never have to miss out on being the first to go to market. You can enjoy swimming in the big blue ocean of untapped opportunities.
If your foremost concern, however, is ensuring your brand’s safety in the vast array of cyber threats today, see how Brand Monitor can help you.
|Brand Protection Challenge||How Brand Monitor Can Help|
|Domain Name Typosquatting
Typosquatters typically add or delete a character from or replace it with another in a company’s domain name to bait unaware Internet users into a trap. Examples of usual character replacements would be lowercase L (l) for uppercase I (I) and zero (0) for capital O (O), among many others.
|Using the Brand Monitor Typos option, you can track events of misspelled versions of your domain name without the need to manually generate possibilities. It saves you precious time that you’d otherwise be using to think of possible misspellings and searching for them one by one.|
Fake websites mimic the look and feel of their targets by copying pretty much all of their content. To site spoofers, looks are more important than the actual domain name though so they normally just mask their URLs by using shorteners or redirects.
|Brand Monitor lets you safeguard your intellectual property and spot potential trademark or copyright infringements by providing a list of similar, duplicate, or even copycat domain names, regardless of their extension (e.g., .com, .uk, .xyz, etc.). This is also a great way to keep tabs on cybersquatters who may be using your domain for malicious activities.|
Domain name typosquatting and website spoofing are both popular tactics employed by phishers to get their hands on as many sets of credentials or personally identifiable information or PII as possible. The more convincing a fake website is, after all, the more likely victims would be caught unaware.
|Brand Monitor can beef up your email security by identifying phishing websites and known spam senders that you can then add to your list of sites or addresses to block.|
Want to go a step further toward online brand protection? Try out our other monitoring tools that work hand-in-hand with Brand Monitor to guarantee your domain’s security:
- Domain Monitor: Lets you stay on top of all changes made to domain information on a WHOIS record. Used in tandem with Brand Monitor, which keeps you updated on what your competitors are up to. You can get hints on upcoming product or service launches every time a new domain is registered, for instance.
- Registrant Monitor: Keeps you updated on all new domain registrations, deletions, and other changes. Used alongside Brand Monitor, which lets you know if a competitor has folded, if a product or service is no longer on the market, if a new product or service similar to yours will be launched, or if a domain changes hands, to name a few.
Regardless of your business goal — protecting your entire portfolio of virtual real estate holdings, staying ahead of the competition, or hoping to get your hands on a domain you’re interested in — Brand Monitor can help. Better yet, it can be easily integrated into any of WhoisXML API’s available APIs should you wish to use it in other ways, including but not limited to the following:
- Reverse WHOIS API: You can use the WHOIS reports that Reverse WHOIS API generates to obtain more information on a domain you’ve been monitoring to verify its legitimacy when, say, you’re investigating it for copyright infringement or any fraudulent activity.
- Registrant Alert API: This is a RESTful API version of Registrant Monitor that you can use if you’re more comfortable working offline than online. Used in tandem with Brand Monitor, it lets you keep track of registrant-related changes tied to brands you’re monitoring.
- Brand Alert API: This is a RESTful API version of Brand Monitor that you can use instead if you’re more comfortable working with static information. It offers all the functionality that Brand Monitor does.
- WHOIS History API: If you’re unsure of the reputation of a domain you wish to purchase and want to know its entire history, use WHOIS History API with Brand Monitor. It gives you detailed insights into the domain’s entire life cycle, allowing you to make sure it never had ties to malicious online dealings that could harm your brand.
- Reverse IP/DNS API: Being too thorough in this industry never hurts. If all you know about a brand you wish to monitor is an IP address, use Reverse IP/DNS API to find out who owns it and more. This is a great tool to comb the Internet for all the domains tied to a brand you’ve got your heart set on.
- Reverse MX API: If you wish to know more about a competitor or possible miscreant trying to harm your brand but all you’ve got is an email address, use Reverse MX API along with Brand Monitor. It’s a great means to weed out bad from good email.
- Reverse NS API: Getting a lot of traffic from a specific name server? If you’re worried that a competitor, a disgruntled current or former employee, or a cybercriminal hoping to make a buck could be trying to DDoS your website, use Reverse NS API to get more information. Keep in mind that having your website knocked off the Web could lead to lost opportunities and thus harm your brand.
Brand Monitor is a component of the Domain Research Suite. If you’d like to get the most out of what the tool offers, it may be a good idea to get the entire suite of tools. For more information on the Domain Research Suite, visit its website.
Cybercriminals bank on tried-and-tested tactics like domain name typosquatting, website spoofing, and phishing to line their pockets with a target’s hard-earned money because those tactics work. We don’t see cyber attacks abating anytime soon. And any company that has an online presence, regardless of its size or scale, is a likely target. Because your brand defines your company, it’s your responsibility to secure it from all kinds of threats. Failing to protect it could have serious repercussions, including losing your customers’ trust and paying substantial fines should you suffer a breach and put their personal data at risk. We’ve seen businesses fold after getting hit by a cyberattack, and you won’t have to share their fate if you proactively safeguard your online brand.
Take Brand Monitoring and Protection to a Whole New Level
Don’t become the next cybercriminal prey, use Brand Monitor to take a more proactive stance toward defending your brand and, ultimately, your business. Subscribe to a free account now and get free credits to take it for a spin. If you like the results, take a look at our available packages and choose which works best for you.
|Free||One-Time Purchase||Monthly Subscription||Annual Subscription|
|Get free credits upon sign-up||Best for companies that don’t have a recurring need for Brand Monitoring||Best for businesses that require constant brand monitoring|
|1,000 credits per month||US$190|
|5,000 credits per month||US$490|
|10,000 credits per month||US$790|
|20,000 credits per month||US$1,270|
|50,000 credits per month||US$1,990|
|100,000 credits per month||US$2,790|
|200,000 credits per month||US$4,790|
|500,000 credits per month||US$7,590|
|1 million credits per month||US$11,990|
|1.5 million credits per month||US$14,590|
If you’re looking for more customized plans, feel free to contact WhoisXML API at . Note that the amount of credits you’ll need depends on the operation you require. For example, monitoring one brand costs 10 credits per day, and if you wish to include domain names with typos in your brand tracking, you’ll require 1,000 credits per day. What are you waiting for? Start tracking and cracking with Brand Monitor today.