2014-06-05

The release of more than 1,000 new Top Level Domains (TLD) by ICANN (Internet Corporation for Assigned Names and Numbers) this year is being hailed as one of the biggest changes to the internet since its inception, resulting in expanded consumer choice and industry competition.Until this new program, web users could only choose from 22 generic top-level domain names such as .com, .org and .biz. New TLDs signify the next major milestone in the expansion of the Internet and a brand’s digital presence. However, with this opportunity also comes the risk of cybersquatting, identity theft and trademark infringement.

The new generic TLD program (gTLD) offer significant potential to businesses of all sizes. However, cybersquatters who have registered new gTLDs threaten many of the world’s most valuable companies, according to new research from the ICANN assigned Trademark Clearinghouse (TMCH). For example, in January 2014, third-parties with absolutely no relationship to the respective brands registered names such as “Adidas.clothing” and “Burberry.clothing.”

There are a number of scams that domain name owners need to be aware of such as domain name registration scams and domain name renewal scams. For instance, if you own the domain Brooklyn.coffee you might get a renewal notice for a very similar domain, such as broklyn.coffee, from a company that hopes you won’t recognize the difference between the two names. Another fairly common renewal scam is when a domain name owner receives a renewal notice for his or her exact domain name, but the renewal notice is sent from a company that the domain name owner has no relationship with and that is unauthorized to collect renewal fees on behalf of the registrar.

In order for businesses to ensure that their domain name is secure, they should review the following tips:

1)      Understand what country’s privacy laws your domain name operates under.  For example, in 2010 GoDaddy stopped registering domains in China because, in their opinion, the privacy laws were too restrictive. The government policy required individuals and businesses that wished to register a .cn domain name to submit a headshot as well as a serial number identifying their business license in China.

2)      Make sure the domain has built-in registration security. Many registrars offer domain name owners a service that allows the registrant to “lock” the domain name through the admin panel. This helps ensure that your domain name does not get hijacked. Domain name hijacking occurs when an attacker gains unauthorized access to registration data for a domain name, thereby gaining administrative control over the domain that enables them to modify several elements of the domain, including the website to which the domain resolves, or even to change the registered owner of the domain name.

3)      Don’t let your domain name expire and beware of similar domain names. If you forget to renew your domain name after it expires, you’re giving hijackers or anyone else the opportunity to purchase your domain. For this reason, it is also crucial for a company to make sure that the email address used when the domain name was registered is fully functioning, since this is where most registrars send their renewal reminders. Additionally, if you’re a large organization, you need to be aware of similar domain names that people may use to parody your company. For example, in the mid-90s an Austin, Texas computer company named Zero Micro Software registered a domain name at “micros0ft.com.” The contents of this web page were largely aimed at criticizing Microsoft’s president and the company’s products.

4)      Get WHOIS protection. Whois is used to look up records in a Registry database. Whois can provide information about domain and registrar records. This could include your email, phone number and contact address. All this information could be harvested by spammers. WHOIS protection hides this information from the general public.

5)      Use DNSSEC technology. DNNSEC is a technology that was developed to protect against DNS (domain name system) poisoning. By enabling DNSSEC for your live domain name you can reduce the risk of DNS poisoning to a minimum.

6)      Register your trademark in the TMCH database. A valid registration of your trademark in the database will result in notification when a domain name that matches your trademark is registered. A record in the TMCH also gives you the possibility to be pro-active and register your trademark in the new gTLD namespace.

Today’s businesses must have an online presence in order to reach their full potential, yet at the same time Internet security is becoming increasingly complex. A stolen domain name can be incredibly costly and result in significant brand reputation damage.It is essential for businesses of all sizes to be aware of the potential threats that come with having a web presence and take steps to prevent domain name vulnerabilities.

Show more