• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

McCarter & English Logo

  • People
  • Services
  • Insights
  • Our Firm
    • Leadership Team
    • Social Justice
    • Diversity & Inclusion
    • Pro Bono
    • Client Service Values
  • Join Us
    • Lawyers
    • Summer Associates
    • Patent Professionals
    • Professional Staff
    • Job Openings
  • Locations
    • Boston
    • Philadelphia
    • East Brunswick
    • Indianapolis
    • Stamford
    • Hartford
    • Trenton
    • Miami
    • Washington, DC
    • New York
    • Wilmington
    • Newark
  • Share

Share

Browse Alphabetically:

  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • J
  • K
  • L
  • M
  • N
  • O
  • P
  • Q
  • R
  • S
  • T
  • U
  • V
  • W
  • X
  • Y
  • Z
  • All
Bankruptcy, Restructuring & Litigation
Business Litigation
Labor & Employment
Blockchain, Smart Contracts & Digital Currencies
Coronavirus Resource Center
Cannabis
Corporate
Tax & Employee Benefits
Insurance Recovery, Litigation & Counseling
Government Investigations & White Collar Defense
Crisis Management
Intellectual Property
Cybersecurity & Data Privacy
Delaware Corporate, LLC & Partnership Law
Design, Fashion & Luxury
E-Discovery & Records Management
Environment & Energy
Financial Institutions
Government Affairs
Government Contracts & Global Trade
Healthcare
Food & Beverage
Immigration
Impact Investing
Life Sciences
Manufacturing
Products Liability, Mass Torts & Consumer Class Actions
Proptech
Public Finance
Real Estate
Renewable Energy
Sports & Entertainment
Technology Transactions
Transportation, Logistics & Supply Chain Management
Trusts, Estates & Private Clients
Energy & Utilities
Venture Capital & Emerging Growth Companies
  • Broadcasts
  • Events
  • News
  • Publications
  • View All Insights
Search By:
Insights News SmartPhone1
Main image for 1F Y0U CAN R3AD TH15—Security and Scam Alert
Publications|Alert

1F Y0U CAN R3AD TH15—Security and Scam Alert

Intellectual Property Alert

6.23.2015

You may think there is no value in chasing domain name squatters because customers find your website through search engines, but consider squatters as internal and external security risks. A constantly evolving threat, there are new variations on old domain name scams.

Spear-Phishing Among Your Employees

Most of us have received phishing emails in which a victim is asked to give a real password to (unknowingly) enter a fake site, or is asked to send money. You may have learned to check the sender’s address for validity. But what happens when after a quick review, the address looks valid and the email also looks like it has come from another employee? These malicious emails can provide hackers with a back door into company systems and get people to ignore established procedures.

This is “spear-phishing” at its most dangerous. It happened in 2014 to the then-controller of a company in Omaha who wired over $17 million to offshore accounts on the strength of emails he believed to be from his CEO. The email address looked similar enough, and included instructions that made sense at the time. Detailed article here.

Some companies are fortunate enough to have employees who recognize the malicious emails. Sometimes the company may bring immediate action in court, or it can choose the much less expensive UDRP option (its clunky full name: Uniform Domain-Name Dispute Resolution Policy). The UDRP enables the company to get an administrative Order of Transfer of domain names which have been registered and are used in bad faith. (There is also a Uniform Rapid Suspension System Policy, or URS, which enables a company to suspend some squatted domains rather than seize them).

In one such recent case, the controller of Thornburg Investment Management (Thornburg.com) received emails purportedly from the CEO, requesting wire transfers. The sending email address came from a @Thomburg.com domain name. Did you notice the “r” and “n” are replaced with an “m”? This controller did notice, but in a fast paced business environment, some executives may not be so lucky. UDRP decision here.

In yet another case, customers were lured into transferring virtual game credits to scam artists with addresses from typosquatted domains. The scam artists piggy backed on a real company promotion. Detailed article here.

Vigilance and proactive measures are still required to prevent hackers and scam artists from hurting you and your customers. It is impossible to proactively register all possible variants, so domain name watch services should be employed with an eye to security as well as protection of the trademarks. Registered marks are the easiest to enforce, so be sure your company name and key brand names are registered in all key markets.

New Variation on Another Old Registration Scam

Most company CEOs, general counsel and Security personnel have by now received multiple inquiries from fake domain name registrars telling them that “ABC wants to register YourBrand.CN, YourBrand.TW, etc., but we (the fake-domain name registrar) noticed that YourBrand belongs to you, and should we let this go through?”

Recipients routinely and safely ignore these emails and register domains of interest through normal channels. However, there is now a new variant. A “brand authentication service” sends an email to you allegedly having received an application from a stranger, in which the service claims the stranger has applied for the registration and authentication of “YourBrand” as an official brand website. In some cases, there is a website at the address of the “brand authentication service” which looks pretty convincing. However, this is just a slightly more sophisticated variant of the same scam we have been seeing for many years.

Lawyers at McCarter & English, LLP, routinely advise clients on trademark and domain name registration and enforcement of rights. We give our thanks to summer associate, Cristián Ossa, for his assistance with this client alert.

If you would like additional information on this topic, please contact a member of the Intellectual Property practice or your lawyer at McCarter & English, LLP.

sidebar

pdfemail

Related People

Media item: Susan Okin Goldsmith
Susan Okin Goldsmith

Partner

Related Services

Intellectual Property
Subscribe to our Insights
McCarter & English, LLP
Copyright © 2022 McCarter & English, LLP. All Rights Reserved.
  • Login
  • Attorney Advertising
  • Privacy
  • Awards Methodology
  • Contact
  • Subscribe
  • Sitemap

The McCarter & English, LLP website is for informational purposes only. We do not provide legal advice on this website. We can provide legal advice only to our clients in specific inquiries that they address to us. If you are interested in becoming a client, please contact us, but do not send any information about your specific legal question. We cannot serve as your lawyers until we establish an attorney-client relationship, which can occur only after we follow procedures within our firm and after we agree to the terms of the representation.

Accept Cancel