recorded webinar


Protecting your intellectual property (IP) is important to brands across the globe. When fraudsters impersonate or use a company’s brand name and logo, they not only infringe on a brand’s IP rights, but also devalue and dilute the brand and cut revenue.

Join CSC’s senior brand analyst, Chris Lincoln, for this recorded webinar that will delve into key measures and best practices to protect your IP.



Request information from CSC

Maximum characters: 250

In Protecting Your Intellectual Property from Domain, Brand, and Logo Infringements, Chris will address:

  • The importance of domain monitoring to your brand protection strategy

  • Brand and logo abuse, and why brands should care

  • What trends experts are seeing at the moment, and what it means for your brand

  • Solutions to these issues, and their impact

Chris is joined by CSC’s subject matter experts Dr. David Barnett (brand monitoring) and Lan Huang (domain enforcement).


Disclaimer: Please be advised that this recorded webinar has been edited from its original format, which may have included a product demo. To set up a live demo or to request more information, please complete the form to the right. Or if you are currently not on CSC Global, there's a link to the website in the description of this video. Thank you.

James: Hello, everyone, and welcome to today's webinar "Protecting Your IP from Domain, Brand and Logo Infringements." My name is James Weir, and I will be your moderator. Joining us today are Chris Lincoln, David Barnett, Lan Huang.

Chris: Hello, and welcome all to those tuning in to listen and watch. Whether you're working in the industry, a brand owner, a fellow colleague, or someone just interested in the world of brand protection, we have some interesting things to share with you today. And so I'd like to introduce myself and our guests.

My name is Chris Lincoln. I'm a Senior Brand Protection Analyst with CSC. I've been working in the industry for four and a half years. Over that time, I've worked with numerous brands across various industries to find, analyze, and report potential IP infringements.

Joined with me, I'm overjoyed to have a renowned expert in the BP world. He built and originally led up the Brand Protection team with NetNames. As a veteran in the industry, he has had a significant influence on the approach to analysis and investigation methodologies. He has experience with providing expert consultancy to some of the world's biggest banks and has recently become recognized at CSC's brand monitoring subject matter expert after 15 years of working in the industry. He literally wrote the book on brand protection. Thank you for coming along Dr. David Barnett. How are you, DB?

Dr. Barnett: Thanks very much. Good for you, Chris. Very happy to be here.

Chris: Good. Good. And what would an IP webinar be without an enforcement expert? Also joined with us we have a special guest, who initially started as a Chinese-speaking analyst, later became a domain name enforcement guru and whose research and activities gradually expanded domain enforcement into a globally recognized service of the company. Experienced as a key speaker in numerous industry workshops held by CSC in Munich, Paris, Stockholm, Helsinki and London. Co-hosted numerous webinars with other CSC experts, and has presented as a panelist at the IACC conference to talk about website enforcement in China and the best practice, our very own domain enforcement subject matter expert, Lan Huang. How are you, Lan?

Lan: Thank you. I'm very well. Thank you, Chris. That's an epic intro.

Chris: Thank you. So we have a few topics that I want to talk about today. Firstly, we will be talking briefly about domain management and how domain monitoring can be the perfect accompaniment to management of your portfolio. Right off the bat, we'll walk through some key benefits of brand and logo monitoring by taking a look at different types of IP abuse in these areas. We'll be providing insight on the kinds of things that we've been seeing with a couple of examples broken down, followed with a walkthrough of what we can do about them. And then we can answer some questions. So without further ado, let's get started.

Now we know that there are a range of important concepts to a brand owner when it comes to considering their IP, and among many of those that we talk to seek out experts or want to know how they can protect their brand. So here we have three areas that I've found to be important when it comes to the brand owners I've worked with.

So the first one is establishing your brand. So this really boils down to your reach and representation in the desired territories. Then there's maintaining your corporate image. When we think of this, it essentially means that a brand's IP is being used in the right way, at a high standard and not in the wrong places. And finally, protection from infringement, which is ensuring things are in place and taking certain measures to prevent and remove infringement of a brand's IP online.

In order to have these three things, there are a number of standard approaches that companies should be taking to ensure that their brand is correctly represented and protected. The methodologies that we use to monitor and enforce will help with those. And today we're going to go through our experiences and provide you with some insight on these areas.

Okay, so let's talk domains. Home is where the domain is. If you have your domain names managed by CSC, then you are probably already working with a strategic account manager, who are the experts when it comes to consultancy with the main portfolio management. They will also be a key person to assist with helping to make sure you're set up with the right security measures in place, which is a really hot topic right now. But we're going to be focusing a little bit more on the third point.

I know that some of the contacts I've worked with their primary responsibility in their role is to look after their brand's domains. And generally speaking, you're going to have your essential dot-coms and relevant ccTLDs. But with around 200 ccTLDs and a massive growth, almost an explosion in TLDs in the recent years, including industry and brand-specific TLDs, there's an awful lot of options to consider. This is where domain monitoring comes in handy. And domain monitoring fits nicely into balancing your portfolio when considering defensive registrations, right?

Dr. Barnett: Yeah, absolutely. So Chris raises a good point there. So obviously, as a brand owner, you're going to want to register the core domains that you want to be using day-to-day, the ones you're using for your main customer-facing website and so on. And generally speaking, you also want to have some defensive registrations, so those registrations which either relate to things you may want to use in the future, or the sorts of things that an infringer may look to register if they're looking to sort of pass themselves off as being you.

So, you know, if you're a bank, for example, if you're a UK bank, for example, you might want to register You might also want to register things like,, and a few variations.

But obviously, you can never possibly second guess every possible variant that an infringer might hope to use. So there's always a balance between sort of registering enough domains to kind of keep your kind of core portfolio secure, but then having some proactive monitoring on top of that to catch the other things that people may be registering to try and infringe on your brand.

Chris: So I guess that's kind of the point is getting that perfect balance of registrations and having that monitoring to kind of support what you wouldn't necessarily want to register, what you'd want to keep [inaudible 00:06:30], right?

Dr. Barnett: Exactly. You don't want to spend too much money registering every possible permutation. So it's always a balance between kind of registering the ones that are kind of core and sort of core defensive registrations and then monitoring for the rest.

Chris: Exactly. So moving on from that, we're using our in-house technology to monitor for brands domains. We look at thousands of registrations every day to provide a preventative and reactive measure against infringes. DB, you've been with the company a long time, and you've seen how our technology has developed. There's definitely some useful stuff going on behind the scenes.

Dr. Barnett: Yeah, absolutely. So I'm just going to talk a little bit about sort of the technical and the data sources we use throughout domain monitoring.

One of the main sources of information we have are what's called zone files. Now, these are kind of documents or files that are published every day by the operators of each of the TLD registries out there. So each registry, each tld, .com, .net, and so on, they will be operated by a registry company. And every day, that company will publish a list of all of the domains that are currently kind of registered across that TLD. We can download and we can inspect those zone files to look for domains, and by essentially comparing today's zone file, when we get today's zone files, we can look for new registrations.

So that will allow us to have pretty comprehensive coverage across most of those TLDs when the zone files are available, and that's most of the gTLDs, the global TLDs, and most of the new gTLDs that have been launched over the last few years.

For some of the country-specific ccTLDs, zone file access is not always granted by the registry. So in those cases, we fill in some of the gaps by doing what we call parallel look-up. So if we find a domain through a zone file look-up, we can do an equivalent look-up to see if the same equivalently named domain exists across those other ccTLDs, so things like .uk, .de, .fr, and so on.

Beyond that, there will still be kind of gaps that we don't find through those roots. So in those cases, what we'll do is we will augment those searches by some internet meta-searching. So that's using sort of brand-related search queries, sending those out to search engines and finding the pages that come back and looking for relevant domains within that.

So we kind of use a variety of sources to try and give us comprehensive coverage as we can get. And in so doing, we're looking not just for domains containing the brand name, but we also look for variations and typos. So our domain monitoring tool can use things like wildcard characters to look for some variations, the sorts of things that might be used by an infringer. And infringers will use and abuse domain names in a variety of ways, which we'll come on to in the next slide, so I won't talk about that too much now.

The other sort of really kind of key point to note about domain monitoring is, obviously, if you're looking for a particular type of infringement, you could get the same type of infringement on a branded domain name as you could get on a regular kind of web page that doesn't necessarily have the brand and domain name. But obviously, the branded domain infringements tend to be the ones that are kind of the highest risk, if you like. They tend to be highly visible in terms of being more highly ranked in search engines. They're clear abuses of IP. And then everything else being equal, there tends to be more enforcement options available for a branded domain than for a sort of general branded website. And again, Lan will talk a little bit about that later on [inaudible 00:09:44], so yeah.

Chris: Thanks, DB. So there's a lot of different things an infringer can do with a brand's domain, as we've mentioned. And we've seen some pretty interesting stuff from fake sites to competition scams to username and password phishing.

Dr. Barnett: Yeah, absolutely. So yeah, actually, I mean, if a third-party is going to be registering a branded domain, there can, in general terms, be a number of different things they're planning to do with that. I guess one of the highest risk things is where they're trying to sort of pass themselves off as being or representing the brand. You know, you can think of things like fraudulent or phishing sites, sites that are using official branding to sell counterfeit goods. In those cases, they're kind of using the brand in the domain name kind of to pretend to be that brand if you like.

Chris: To pass off.

Dr. Barnett: Yeah, exactly. But we do see a range of different types of infringement, and some of those are kind of suggested by the kind of keywords on the slide here. And there can be a range of things. So things like traffic misdirection, so someone who's using a branded domain name, but actually, when you go to the website, it actually redirects you, for example, to a third-party site. So that's kind of like a brand seeding type issue.

There may be issues of things like potential brand confusion. So those may be, you know, two or more companies actually that are legitimately using the brand name, that are maybe coexisting, and there, there may be issues to do with trademark coverage as to whether that actually constitutes an infringement or not.

There may be sites that are using a branded domain name to imply some sort of claim or affiliation. There maybe someone claiming to be a service provider for a particular kind of category of branded goods and so on.

Chris: Yeah.

Dr. Barnett: Beyond that, you know, we often find that there are lots of branded domain names we pick up where there is actually no live content at the moment. And again, they can be kind of still misused in a number of ways. Even when there's no kind of live content on the site, sometimes we find that an infringer will actually monetize that site by putting on sponsored ads or pay-per-click ads. So actually, even while there's no kind of active content, they're still generating revenue through that site, and that can be particularly concerning where those pay-per-click ads actually direct maybe to competitor websites.

I guess probably one of the sort of most sort of sinister things, if you like, that we do sometimes also see is when there's apparently no live content at all, but actually someone has registered that domain name to actually use it as the from address in an email. So again, that's often associated with kind of phishing or advance fee fraud. So in those cases, we can look for things like the presence of an MX record to see whether the domain has been activated as far as email functionality.

Chris: Yeah, okay. Yes, I mean, that we've seen really interesting patterns with what infringers are doing. And one particular brand that I worked with that we actually identified cross industry was where they were taking the brand names, they were putting numbers in a domain, and they were promoting themselves in an undesired region. And what we did was we took the keywords and the number pattern that they were using in the domain and put that into our monitoring so that we were looking for that. We've also had challenges with brands who would use just acronyms in their brand. And so they're more difficult to kind of just look for because, obviously, there's going to be thousands of variations, right?

Dr. Barnett: So that's actually a really nice example where actually, once the brand monitoring service gets going, we actually use the intelligence derived from that to actually proactively sort of evolve the monitoring to look for the types of infringements that we know the criminals out there are actually using.

Chris: Yeah, exactly. And that's a big part of what we do in domain monitoring that you can't really do for just portfolio management. And when we came across the infringement that we've been talking about, it's all about kind of implementing that into the scanning and looking for those types of infringement, identifying what the trends are, looking at, you know, different methodologies that they're using so that we can keep our monitoring fluid and provide, you know, support in those areas.

Dr. Barnett: Absolutely. I mean, it's a process we tend to call tuning for live services, making sure that the service remains focused, is kept up-to-date with the types of things we're actually seeing out there in the wild.

Chris: Exactly. So I think that phishing is usually at the top of a brand owners' priority simply because of the impact on the customers as well as the brand's reputation. And there's a lot of sensitivity around customer data to consider, especially since the developments of the GDPR.

Dr. Barnett: Yeah.

So we've got a number of things that are pretty concerning about this particular issue. We've got a branded domain that's requesting personal details. It's got corporate branding, and there's a brand logo and brand name being used in the content of the website itself. This is where we begin to think about action.

Lan: Absolutely, this is where we should look into the enforcement action. Even like the domain name, it does have the brand name in, it actually puts personal information, and also it makes use of the corporate branding and also the brand logo and brand name. It's a highly risky domain name. Therefore, we do need to kind of consider really heavy handed. As, you know, like the domain is very, like very unique and also like it does attract attention from the visitors assuming that's actually a legitimate domain name. That's why we wanted to hit it with a registrar action.

So a registrar action is normally most applicable when the domain name involve both fraud and phishing. Obviously, we do need to do a very thorough investigation to ensure the domain name is not compromised and the registrant of the domain is not a victim themselves. So we naturally carry out all the investigation where we can. And if we are absolutely sure everything is created for just a phishing purpose, we will hit a registrar.

Obviously, as DB already suggested earlier, that the domain name itself doesn't have to resort to any active content. It can actually be used to send fake emails. Typically, they can be used for advance fee email and then like recruitment scam emails. Various kinds of emails can be sent from those, like a fake domain. That's why we do also, you know, like, for example, investigating email header information, so we then can approach the registrar and confirming the domain name itself is actually being used for fraud.

Chris: Like we're essentially providing evidence to them?

Lan: Absolutely. So apart from the registrar action, what else we do? Of course, there will be something we can do, it will be the host action. It normally applies when a registrar is non-compliant or when we suspect a domain name has been actually compromised by a third-party, unknown individual, or a criminal.

And quite often, it also comes into the form of the malware issues, or sometimes it can be document download that actually does consist of a malware, and that's where we do go to the host actually, because we want to ensure like everything on the server can also be removed as well.

Sometimes we also go to the host for phishing issues, as we mentioned before, because the registrar is non-compliant or the website we suspect has been compromised. That also kind of suggests like a registrar might not have been aware of like a breach of their backend security. So it's, you know, like an ethical organization, we all do want to make sure, you know, they are aware of the issue fully.

Chris: Okay, so thank you, Lan. Let's move on to brand and logo abuse. We're going to be talking about the kinds of things we've been seeing and break down some examples too.

Now there's a vast amount of different types of brand and logo abuse online. And we've seen all kinds of weird and not so wonderful IP issues in this area. There's going to be standard logo abuse for most brands across the board, but some will be unique and to their industry and some will just be [inaudible 00:18:47]. DB, I know you discuss these kinds of examples and concern that was in your book that you broke down quite well.

Dr. Barnett: Yeah. So I mean, in sort of in general terms, I guess what we've got here is this sort of range of different types of infringement you can find in general internet content. And I guess it's no kind of coincidence that a lot of these are the same as we've seen in the previous section on domains. Essentially, domain abuse is just a sort of subset of general internet abuse.

Chris: Exactly.

Dr. Barnett: But here we've got things like, you know, brand seeding or traffic misdirection, which is where a brand name is used on a website that actually relates to a third-party, for example, and that could be associated with all sorts of different types of content. It could be driving traffic to a competitor. It could be a part of a claim of affiliation. It could be on a site which is providing an undesirable brand association, so a brand's association with gambling or pornography, things like that.

We've got things like site framing, which we're going to be talking about a little bit later. We've got general claims of affiliations, so things like client claims, partnership claims, sponsorship claims. And again, in those cases, a lot of what we find typically will tend to be legitimate content. But in those cases, we will tend to report those things to the brand owner so that they can check that those relationships are being cited in a compliant way that they're happy with.

And at the center of this, we've got logo abuse, because, you know, we can get all of these types of infringements both with or without the logo. But if the logo is also present, then it tends to give the infringement a greater impact or greater level of significance. We can, of course, also have logo issues in isolation, so things like sites where you can download high quality versions of a logo. So again, those can be [inaudible 00:20:18].

Chris: Competitor sites. Yeah.

Dr. Barnett: Exactly. Those can be of concern because they're, you know, unauthorized distribution of intellectual property. They can be used by criminals trying to create a fake site and so on.

But again, I guess it's kind of taking all things together, infringements where there are logos present can fall into a sort of variety of kind of hierarchies or levels of severities as you mentioned at the beginning. So sort of at the bottom we've got a kind of low-threat content, sort of generic neutral content. So that might be a logo used on a news story that's talking about the brand. So generally, not something that is concerning, not something you want to take action against. And one step up from that, I think you've got the medium brand infringement, so that may be a logo being used in conjunction with a claim of affiliation, an issue of brand seeding, something like that.

And then on top of that, we've got our high-threat kind of categories of content. So those will be things like our passing off sites that are maybe trying to engage in phishing, that are geared towards [seller 00:21:13] counterfeit.

And alongside that we've got other types of infringement that are maybe not so easily actionable, but where maybe, for example, you've got a logo being used in conjunction with negative comment or boycott activity. And sometimes, in those types of cases, what we'll see is sometimes the logo even is modified in such a way so as to sort of promote a negative image of that brand by using kind of negative imagery, negative keywords alongside that.

Chris: Yeah, exactly. And that's kind of an interesting one because we expect to see certain things across the board for a lot of brands. But when we put the monitoring in place and we start working with them, we usually uncover specific or unique infringement to their industry or, you know, sometimes even to the brand itself. So when we've worked with universities, we've seen infringing documentation.

Where we've, you know, worked with betting companies, we've seen Chinese fake sites that are marketed in China. And we've even worked with electronics manufacturer where they had a huge tech support problem where there were these tech support companies or fake tech support companies that were using the brand's logo, they were using the brand name and saying that they could provide tech support services. They were remoting to customer machines, and, you know, there were instances where they were billed thousands of dollars and installing viruses on their computers. And it simply started from a tech support ad.

Dr. Barnett: Absolutely. Then you've got all the issues of security, [inaudible 00:22:39] engineering, all of those types of things tend to be going on as well.

Chris: Exactly. So it just goes to show how you can . . . you know, monitoring can uncover like a small thing that then ends up being a kind of a bit of a rabbit hole, right?

Dr. Barnett: Yeah, absolutely. I mean, I guess, you know, that has always sort of been our mindset and that's why it's so important to have a holistic approach. You kind of look for everything, and it's only kind of when you get into the kind of the meat of a particular service that you know what are the particular issues that are affecting that particular client and that particular industry, because it's not always the same and it's not always what you [inaudible 00:23:07].

Chris: Yeah. Exactly. Yeah. And so we take this approach with our investigation work too, right?

Dr. Barnett: Yeah.

Chris: We look at linguistic analysis, for example, where we take keywords from certain infringers, where they use like a specific kind of weird or unique phrase, and then we can implement that into the monitoring and try and find if they have any other websites. In some cases, we've found where they've taken assets from other official websites that are all legitimate. And there's all kinds of different interesting things that can come out of this kind of monitoring and, you know, it's identified from the logo abuse that we've seen for brands.

Dr. Barnett: This is a bit like what we're talking about earlier. Actually, once you set the service up, you get to know sort of the pattern of the infringers, and you can use that knowledge to actually change the monitoring going forward.

Chris: Exactly, exactly. So, DB, let's take a closer look at framing, because this is one that came up with one of my clients recently, and we provided a piece on where framing came from and how it's used to kind of frame official websites.

Dr. Barnett: Yeah, absolutely. So for those of you folks who have kind of not come across framing before, basically what it is, it's where an official website is sort of displayed in an embedded form on a third-party website, and that's all kind of defined within the HTML source code. There's kind of a number of issues around that, one of which is that the site that's actually doing the framing can impose their own branding using like a border or a header over the official site. So essentially, it's kind of like a dilution of the official branding.

The other kind of really concerning edge to it is that when you're looking at a site that's framed, actually the address you see in the address bar of your browser is actually the URL of the site that's doing the framing, rather than the site that's being framed. So you, as a user, have no real indication what site you're actually interacting with when you're only dealing with the site within the frame. So if you're kind of navigating through that site, you know, the URL potentially is not changing. Actually, all you're seeing is the URL to the site you're kind of interacting through.

So there's all sorts of, you know, issues around with that. There's the possibility that they could be monitoring your traffic in some way. And also, of course, there's no guarantee that the site you think you're actually interacting with is the legitimate site. So if you've gone to, say, an online banking site through some sort of directory that frames that site, you don't actually know whether you're looking at the legitimate site or, you know, a duplicate copycat version of it.

So for all these reasons, we tend to sort of educate and encourage our brand owners to consider framing of their own sites as kind of it's not necessarily infringement, but it's bad practice and we would sort of encourage them to discourage their partners from framing their site in that way.

Chris: So what we should do now is kind of walk you guys through the type of action we can do for something like this. So, Lan, when we've got a framing issue, where there's an unbranded domain that's got competitor links, use of brand logo and sponsored links, what are the options there?

Lan: So obviously, investigation is always going to be the key thing we need to do first. Because like even though it's an unbranded domain name, you still need to be absolutely sure the domain name itself is not created entirely for the purpose of a fraud.

Chris: Okay.

Lan: So there will also be like instances where, like DB suggested earlier, it could be an affiliate actually creating a domain name and framing the official site, and they should be discouraged to do so. So the first step is always to double check what is the registrant background and if there's any way we can verify the information.

Once we have done so, then we can decide whether we hit them really hard with a registrar action, or if we actually identify the sponsored links direct us to, for example, like the other dodgy website, or containing any kind of malicious like a software and all like are directing us to other competitors, then depending on that, we could potentially send a cease and desist to the registrant if we believe the infringement is less serious than like a fraud or like a phishing.

But if it's potentially an affiliate issue, that's when we need to kind of report back to the brand owner, and maybe it is something they need to deal with internally, because this may actually damage their relationship if we take the important action. Obviously, we can be very, very flexible around that. But the first key is always to ensure we do our investigation, identify who's the registrant, what is the background information, and what does the website tell you?

Chris: Awesome. Thanks, Lan. I want to quickly touch on the impact now, because I think this is really important. And this links back to our initial points regarding the three important areas to the brand owners that work with us. We know that there are a lot of ways that an infringer or a scammer can use a brand logo or a domain in ways that will impact the brand. And so, obviously, we talked previously about establishing your brand online and protecting your corporate image and also protecting the brand.

So, you know, to kind of give you guys a bit of an idea as to, you know, how significantly dangerous this can be, we've got a few stats here. So customers are 42% less likely to interact with a brand after being phished or spoofed. Email fraud is up to 45% conversion rate. CEOs scams have cost companies $2.3 billion over the period of around two years, and 97% of people globally can't correctly identify a sophisticated phishing email, which actually kind of makes you think about how they probably aren't very good at identifying sophisticated websites, even with the banner in the domain.

So those are the three areas I think are really important and something that should be considered when looking at your brand and when looking at your portfolio as to, you know, why you might want to have monitoring in place.

Dr. Barnett: I guess that brings up a really interesting point about sort of return on investment as well. I mean, you know, obviously, having a brand protection program in place, you know, it is an expenditure for a brand owner. But, you know, all of the things you've discussed there, Chris, is actually these are the sorts of things that can have direct financial impact on a brand owner. So there is a real cost of not having this type of protection in place.