A nonprofit publication of the Kentucky Center for Public Service Journalism

BBB Trends: Is someone trying to cybersquat on your domain? Don’t click on links in suspicious email

Better Business Bureau

What’s in a domain name, really? For small businesses, it’s the best way for customers to find them and for vendors to network with them. But what if a suspicious-looking email appears in your inbox threatening to take over your company’s domain name because it conflicts with a trademark, or the sender has filed a registration ahead of you for the same name? BBB advises to stop and think before sending a response.

The practice is called domain squatting or cybersquatting, and it’s defined as the act of registering, trafficking in or using a domain name in bad faith. It’s been on the uptick for the last decade, as businesses started creating websites and registering their names associated with them.

The trouble started when domain squatters came on the scene to make pricey offers to companies or individuals who own a trademark or name that they wanted for their own. In some situations, the companies owning a registered trademark or brand pursued individuals or other businesses with too-similar names.

That led to price wars to buy a domain name, or lengthy waiting games when the registration for a domain name expires. In some cases, both parties end up in court. Some popular cases include Microsoft and Madonna, where likenesses were used in domain names of unrelated causes.
In Canada, this recently happened with a former Kayak tour operator, Stan Cook. Scammers were using a similar domain name, and took kayak reservations, even though the actual company was out of business. Cook is currently seeking legal action to try and secure his domain.

Cybercriminals got into the mix of domain squatting when they started to mimic a domain name, publish it, and then use it to lend credibility to a cyberthreat. For example, clients would receive an invoice from a company they’ve done business with before, complete with a recognizable logo and updated address, or banking information to use to send invoice payments. What the clients didn’t notice is that they were directed to false a portal owned by cyber thieves.

Lately, scammers have been reported for sending out mass emails, stating they received an application requesting the same domain name or trademark as the recipient. Next, they’ll ask if they can confirm the information, or that they’ve already filed for the name. Once approved, they’ll move forward with registering and taking over the domain name. Links are included in the email for a registry.

If you receive an email from a possible cybersquatter:

• Protect your company’s domain by doing a domain name search for your company’s website and checking the status of the domain registration.
• Avoid selecting any of the links in the email to protect your computer and any other devices connected to the network.

• Research your rights, and learn more about anticybersquatting by visiting ICANN. Another resource available is the Uniform Dispute Resolution Policy (UDRP), a less costly way to pursue cyber squatters and an optional way of consulting professional domain name strategists.

Report this type of phishing email and threat of domain squatting to ic3.gov and BBB Scam Tracker.
In Canada, domain names are protected trademarks under the Canadian Trademarks Act. If you are facing a domain issue, contact a trademark lawyer.

For more than 100 years, the Better Business Bureau has been helping people find businesses, brands, and charities they can trust. In 2018, people turned to BBB more than 173 million times for BBB Business Profiles on nearly 5.4 million businesses and Charity Reports on 11,000 charities, all available for free at bbb.org. There are local, independent BBBs across the United States, Canada, and Mexico, including BBB Serving The Cincinnati Area, Southern Ohio, Northern Kentucky, and Southeast Indiana, which was founded in 1926 and serves 20 counties. 

Related Posts

Leave a Comment