It’s no secret brand abuse is on the rise. To get a clearer picture of the nature of this increase, we examined domain enforcement activity from a sample of our clients.
We found that, on average, monthly enforcement activity has increased by 100% in the last year. While brand abuse is a year-round problem, our analysts observed spikes in domain enforcement activity in the summer months as well as heading into the holiday shopping season, which was especially busy in 2020.
Enforcement Challenges for Domain Name Infringement
A recent study by the Interisle Consulting group illustrates the enforcement challenges for domain name infringement. Prior to the introduction of GDPR in May of 2018, approximately 75.7% of all WHOIS records contained contact information for domain registrants while 24.3% of WHOIS records were under privacy/proxy protection.
In response to GDPR, ICANN introduced the ‘temp spec’ for access to WHOIS records. Under this policy, registrars and registries have redacted contact information from 57.3% of all domains according to Interisle’s research. During this period, the researcher found that usage of privacy/proxy protection has increased to 29.2% of WHOIS records.
As a result, 86.5% of all WHOIS registrant contact records cannot be identified using WHOIS. In under three years, availability of WHOIS contact information has steeply declined from 75.7% in 2018 to just above 13% in early 2021.
This wholesale redaction of registrant information has made it exponentially more difficult and expensive for brandholders to take action against cybercriminals, cybersquatters, and domain infringers. With ICANN’s decision to allow for contact information to remain largely redacted, bad actors are able to thrive in virtual anonymity.
To complicate the situation further, registrars routinely deny or ignore requests for redacted domain name registration data. A recent post by the Cybersecurity Tech Accord documented that 55% of requests for redacted registrant data are denied, and another 43% are left unanswered, leaving just 2% of requests for registrant data being fulfilled.
At Appdetex, we, too, have found that obtaining redacted information continues to be a struggle during our own enforcement efforts for our clients. During the period September 1, 2020, through February 28, 2021, we submitted over 4,500 requests to 182 ICANN-accredited registrars. Of those individual requests, only 10.1% resulted in responses that included registrant data. Of the 182 registrars to whom we made requests, 61 were completely unresponsive. The bottom line: while the majority of registrars acknowledge requests for data, they do not provide any data.
This lack of cooperation has resulted in brandholders facing a slow, expensive struggle when it comes to domain name dispute resolution. Without proper access to registrant information, it has become increasingly difficult to achieve a nuanced resolution. Historically, many complex domain abuse issues have been resolved through dialogue with registrants, an option that is no longer readily available.
Brandholders must now find alternative ways to resolve their issues; from requesting hosting providers to block a specific site, to filing administrative actions like the Uniform Domain Name Dispute Resolution Policy (UDRP), or in some extreme cases, initiating civil litigation.
These solutions come with their own host of issues including the high costs associated with legal services and filing fees to the slow UDRP process. In addition, this lack of information makes it more difficult for brandholders to uncover related abuse, meaning they may have to repeat these processes multiple times in order to protect their brand.
Fighting Brand Abuse Networks
Bad actors, aware of the enforcement struggles that brandholders are facing, have turned the situation to their advantage, boldly creating systemic abuse networks that are resilient to traditional methods of mitigation.
Malicious actors began using multiple obfuscation layers to make it harder to find and dismantle their operations. These sophisticated networks utilize modern digital marketing strategies and technology to take advantage of consumers by infringing upon the trademarks, brand names, hashtags, slogans, and even web page text used by the brands they target.
Traditional brand protection technology relies on scanning to identify the nodes of a network, but these technologies exclude the linkages and, thus, the discovery of related abuse. While brand protection professionals who use these legacy technologies are able to pursue enforcement for the individual nodes, they are unable to identify related abuse, leaving large swaths of criminal operations in place, continuing to profit.
To illustrate this point, consider the following graph. At first glance, the data looks promising, with network percentages appearing to be decreasing, but a closer examination reveals related abuse continues after enforcement.
In other words, as brandholders using legacy technologies take down an abusive node, new nodes appear to take its place. This phenomenon demonstrates the highly-organized nature of systemic abuse networks.
Dismantling these sophisticated abuse networks requires a fresh approach that goes beyond identifying and taking down individual abuse nodes one-by-one. Modern brand protection technology uncovers the linkages or connective tissue between the network nodes and is able to map the network’s scope.
This is crucial since we have found that one in every three enforcements is related to a brand abuse network. Appdetex is the only brand protection provider that can meet the challenge of systemic abuse networks with our patent-pending Appdetex Tracer® technology. By understanding the true scope of a brand abuse network, brandholders who use modern brand protection technology are able to target the heart of the network abusing their brand.