Cybersquatting trends and strategies that brand owners need to know

The Internet has transformed a number of sectors and has provided many opportunities for users. At the same time, it has become a hunting ground for hackers and criminals looking to target people and businesses. For the past 30 years, cybersquatting has been one of the most common forms of fraudulent online activity. This takes various forms – one of the most common being when a person registers a domain name that contains a protected brand in order to take advantage of the brand's reputation.

In 1999 the UDRP, led by WIPO, was introduced as a tool to help brand owners tackle cybersquatting. Unfortunately, more than 20 years later, not only is domain squatting still prescient, but other forms of cybersquatting have continued to grow dramatically over the years.

Easy access to the Internet has allowed squatters to register more and more domain names in order to exploit brand owners. Since the launch of the UDRP, WIPO has dealt with more than 50,000 cases and more than 91,000 domain names. Case filings increase every year, with 4,204 cases in 2020 alone. WIPO has attributed much of this rise in fraud – including phishing, counterfeit sales and other forms of online trademark abuse – to the covid-19 pandemic.

At one stage or another, all global brands (eg, Dell, Coca-Cola, Microsoft and LEGO) – with Lego being the top UDRP filer with more than 850 cases filed to date – have had to fight against cybersquatters infringing on their protected trademarks or service marks.

Cybersquatting trends

Trends in cybersquatting have evolved over the years. In the early days of the Internet, infringers registered domain names to gain profit through ad revenue. Now, pay-per-click pages are no longer the driver of domain name registrations. Cybersquatters have adopted other tactics to gain profit from domain registrations.

For example, the main trend seen in the past couple of years has been a surge in phishing attacks. Phishing often takes the form of emails targeting clients or employees of a brand owner in order to obtain sensitive information, including passwords, names, email addresses and bank details. A phishing attack starts with someone registering a domain name that is similar enough to the original brand that the victim will fail to see the difference at first glance.

Phishing can have disastrous consequences for brand owners. It not only affects their business operations, but also has a long-term impact on their reputation.

Further, the covid-19 pandemic has encouraged cybercriminals to conduct more malicious activities, resulting in a sharp rise in spam and malware. Brand owners have also experienced a spike in counterfeit goods being sold online. With physical stores remaining closed in most parts of the world, consumers are looking to buy the same products online and are more likely to come across counterfeits.

Strategy is key

The key for brand owners is to ensure that their IP rights are protected. Registering trademarks in jurisdictions where the brand operates will help to enforce protected rights. While the UDRP is the preferred course of action if a company falls victim to cybersquatting, brand owners should consider the following steps before launching a domain dispute:

• Monitoring the brand online will allow for complete digital visibility regarding infringement. Being proactive rather than reactive will help to mitigate threats and anticipate future risks.
• Take preventive measures, including defensive registrations and/or blocking services. While retrieving all infringing domain names can be an effective strategy for some brands, this is often cost-prohibitive. Brand owners now tend to be more selective of their domains to save costs and reduce their portfolio. Blocking services such as Domains Protected Marks List can provide an alternative option for some companies. This allows brand owners to protect their trademarks in more than 240 extensions, preventing anyone from registering those types of domains for a specific period.
• Join the Trademark Clearinghouse database. While this is not a right protection mechanism in itself, it could dissuade future infringers from registering the brand in a domain name and gives brand owners access to the URS. This is an expedited and inexpensive process, which can result in a domain name suspension if found to be a clear-cut case of infringement. 
• Sending cease and desist letters to infringers can help to resolve matters amicably and result in the transfer of the disputed domain name to the brand owner.
• If website content is the main concern, enforcement measures through internet service providers are an effective option. This will remove the content or see the domain name suspended.

Ultimately, enforcing rights through domain arbitration acts as a great deterrent for cybersquatters as all decisions are made public. Enforcement actions also have several benefits for consumers; they increase customer confidence and guarantee a genuine brand experience without the consumer being led astray.

The rise in cybersquatting cases shows that from well-known brands to smaller businesses, no one is spared when it comes to online infringement. A good brand protection strategy will help companies to take appropriate action and enforce their rights when needed.