SlideShare una empresa de Scribd logo

domain names management whitepaper

VAYTON
VAYTON
Marketing
1 de 12
Descargar para leer sin conexión
Protect your Brand Capital: Strategies for your domain name management Effective branding strategies (from name creation to brand protection and valuation) are essential to launch, grow and protect your business. “Protect Your Brand Capital” is one of several whitepapers produced by VAYTON. Brand Capital. The aim is to provide up-to-date background information, trends, and implications for your business in a digital, global marketplace. In this whitepaper, seven best practices are presented for protecting and optimizing the value of your Domain Name portfolio. But first, you should be aware of current and emerging threats to fully protect your brand capital. The winds of change have dramatically altered the business and marketing landscape. Whether you are a local business or a multinational corporation, you will not be able to attract and sustain a healthy customer-base without a strong, protected brand presence on the Internet. Paul Twomey (president of ICANN – Internet Corporation for Assigned Names and Numbers) called the new developments a “transformative revolution” and cited 1.4 billion current Internet users with a projected 1.5 billion in the next two to three years. Eurostat, the Statistical Office of the European Communities, reported that in 2009 one person in two in the EU27 used the Internet daily. Those countries with the highest proportion of daily access and use (three-quarters or more) were Netherlands (90%), Luxembourg (87%), Sweden (86%), Denmark (83%), Germany (79%), Finland (78%) and United Kingdom (77%) - Eurostat news release, Dec. 8, 2009. 1 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
In the not too distant past, a company just starting up would go through the process of creating a name and registering a trademark to launch and market its business enterprise. Acquiring an Internet address came next, though often as an afterthought. The company would scramble to find a domain name (DN) that matched the brand name. The next step would be to register and periodically update the DN account information. There seemed to be no other considerations. The DN was secured and the company went live on the web. Unfortunately, many companies failed to anticipate threats posed by cybercriminals and neglected to protect their brand capital with a robust Domain Name management strategy. Without a rigorous DN management strategy and without cutting-edge technology to thwart cyber attacks, a company places itself at risk. Loss of revenue, a damaged reputation, and security compromises (for the business and the customer) are three of the most severe consequences. New communication technologies bring new marketing opportunities—and new threats The Internet has pushed the marketplace into a global arena. The innovations altering the landscape of business and marketing (such mobile Internet and social networking) are at the same time ushering in vulnerabilities. Multinational corporations are forced into registering hundreds of DNs to prevent interruption of business and brand dilution. Cybersquatters have registered hundreds and thousands of DNs with the malicious intent of “domain hijacking” or strong-arming a company into buying at an exorbitant price brand-linked domain names. Internet traffic to a company’s website risks being redirected to a malicious site. Worse, the cybercriminal can solicit private customer information under the pretense of being the authentic website. Prospective consumers are using the Internet not only to shop for products and services but to assess the brand promise. Brand dilution happens when customers are redirected to malicious sites seeking to damage the company’s reputation. It may take just one mistyped letter when entering an Internet address to be redirected to a bogus site. No one who has an Internet presence is exempt: including celebrities, writers, and politicians. Immediately after the State of the Union Address by U.S. President Barack Obama (January 2010), the official websites of the 2 members of Congress were attacked and defaced with anti-Obama Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
messages. The creator of Bridget Jones, British author Helen Fielding, the fashion house Chanel and the Reuters news company all won cybersquatting cases recently (Reuters News, March 15, 2009). Chanel won against an entity using the DN chanelfashion.com and chanelstore.com in bad faith. A cybersquatter case can be won if an entity has registered a DN that contains a company’s brand name or a variation on the brand name and uses that DN in “bad faith.” Complaints are filed under the Uniform Domain Name Dispute Resolution Policy (UDRP), a quick and cost-effective dispute resolution procedure administered by the WIPO Arbitration and Mediation Center. According to WIPO, the top five sectors filing cases in 2009 were biotechnology and pharmaceuticals, banking and finance, Internet and IT, retail, and food, beverages and restaurants. THE NAT URE AND M AG NIT UDE O F T HE T HRE AT S The Internet Corporation for Assigned Names and Numbers (ICANN) is an international non-profit entity whose mission is to regulate Domain Name registration and monitor domain abuse. The magnitude and severity of the threat to a company is summed up by the ICANN Security and Stability Advisory Committee (SSAC): “Domain hijacking can disrupt or severely impact the business and operations of a registrant [company], including … denial and theft of electronic mail services, unauthorized disclosure of information through phishing web sites and traffic inspection (eavesdropping), and damage to the registrant’s reputation and brand through web site defacement.” These threats are possible because of vulnerabilities in the DN registration system. The Domain Name System (DNS) works like an automated telephone directory but substitutes the numeric Internet Protocol (IP) addresses with a unique name (usually the brand name). Registrars require all prospective Web site registrants (DN “owner”) to provide contact information, which is then made available to the public on the Internet through a service called 3 Page Whois. Each top-level domain or TLD (.com or .eu for instance) has a registry Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
responsible for managing Domain Names and setting policy for the domain. The registrant is responsible for keeping the Whois information current. An expired registration for a DN means it can be bought by a third party with “bad intent,” potentially harming the company or product. The recent availability of new generic TLDs (21 to date) has increased the chances of a company’s brand name being hijacked by a cybersquatter who  acquires a company’s Domain Names that have expired and tries to re-sell the names at a high price;  registers a company’s brand/trademark with a different top-level name taking consumers to a counterfeit site; and,  registers Domain Names identical to a company’s DN but with one letter altered (known as typo-squatting). The Anti-Phishing Working Group (AWG) monitors phishing attacks around the globe. Phishers attempt to obtain private information (such as passwords and credit card numbers) primarily through emails and social networking sites. A Phisher will redirect the Internet user to a fake site that mimics the design of an authentic site. When using the search engine, a user may be fooled into accessing a site that mimics the authentic site. TrendMicro, a security company, is already reporting in 2010 the risks of users trying to find information about the new Apple iPad but being directed to phising sites. The phisher will use a domain name that has one altered letter in the Internet address or that mimics a brand-linked address. Social engineering seems the preferred technique. The Internet user is tricked into voluntarily providing private information. AWG recently published Global Phishing Survey: Trends and Domain Name Use 1H2009. Major findings from the AWG report with implications for domain name protection and management are cited here: 1. In 1H2009, the average uptime of all phishing attacks was noticeably shorter than in 2H2008. This is an encouraging improvement, most likely reflecting efforts by providers and responders. 4 2. The Avalanche phishing kit accounted for a whopping 24% of all Page phishing attacks launched in 1H2009. This criminal operation is one of Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
the most sophisticated and damaging on the Internet, and targets vulnerable or non-responsive registrars and registries. 3. The great majority of phishing is also concentrated in certain namespaces – just five TLDs 4. The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two years. 5. Anti-phishing programs implemented by domain name registries can reduce the up-times of phishing attacks, and can reduce the number of malicious registrations made in those TLDs. 6. The unique characteristics of Internationalized Domain Names (IDNs) are not being used to facilitate phishing, and there are factors that may perpetuate this trend in the future. 7. Phishers continue to use subdomain services to host and manage their phishing sites. Phishers used such services more often than they registered domain names via regular registrars. This trend shows phishers using services that cannot be taken down by domain registrars or registry operators. The AWG report further noted that “Of the maliciously registered domains, 1,098 contained a relevant brand name, variation, or misspelling thereof. This represents 25% of maliciously registered domains, and just 3.6% of all domains that were used for phishing. Placing brand names or variations thereof in the domain name itself is not a favored tactic, since brand owners are proactively scanning Internet zone files for such names. … Instead, phishers almost always place brand names in subdomains or subdirectories. This puts the misleading string somewhere in the URL, where potential victims may see it and be fooled. Internet users are rarely knowledgeable enough to be able to pick out the “base” or true domain name being used in a URL.” The ICANN Security and Stability Advisory Committee (SSAC) posted a study based on a series of incidents occurring from May 2008 through April 2009. 5 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
Below are several common characteristics SSAC listed in their review of domain name abuse incidents. (Key points have been highlighted.) 1. Many organizations have domain name registration accounts that contain high-value or business-critical names, domain names that could be as valuable to the organization as any tangible asset, trademark or intellectual property right the organization possesses. 2. Many registration service providers operate with consumer-focused service objectives; i.e., the registration service is highly automated and focused on serving very large numbers of registrants at a high rate of transaction. Automation is extremely important in any business endeavor that attempts to provide service in a timely and scalable manner. Our study revealed that attackers have familiarized themselves with registrar behavior and will exploit certain aspects of automation; for example, knowing that electronic mail is the preferred method of notifying registrants of contact and configuration changes, renewals, etc., attackers often attempt to disrupt delivery to email addresses by modifying DNS configurations. 3. Among the incidents we studied, the victims were frequently customers with business critical domain accounts operated by registration service providers with consumer focused service objectives. In some cases, customers did not adequately assess the risk associated with the possible loss of control or access to their domain registration account until they were victimized; in other cases, the internal policies and monitoring activities in place prior to the incident were not sufficient to detect or block the attack. 6 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
ATTACKERS ARE CLEVER AND TECH-SAVVY According to “Measures to Protect Domain Registration Services Against Exploitation or Misuse,” (SSAC Report [English]; [French]), DN attackers apply a variety of methods to hijack and maliciously use domain name account information. SAMPLE CASES REPORTED BY SSAC – ICANN was victimized by a group of hackers accessing ICANN’s domain registration account at Register.com. ICANN described the attack as “sophisticated, combining both social and technological techniques.” The attackers altered the DNS configurations of several domains (icann.net iana-servers.com, icann.com, and iana.com). Visitor traffic was rerouted to a defacement web site. CheckFree (now FIServ), the leading global provider of information management and electronic commerce systems for the financial services industry suffered a DN attack. The attacker gained control of CheckFree’s domain registration account and modified the DNS configuration of several domains, including checkfree.com and mycheckfree.com. Customers logging onto their accounts to make online bill payments were “redirected to an impersonation web server in the Ukraine that attempted to install a malicious code that contained an Adobe Reader exploit.” “Registrars have been and will continue to be targets for attackers. Just as customers of financial institutions may be victimized by attacks against an online banking portal, so may domain name registrants be victimized by attacks against registrar domain administration pages.” 7 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
The SSAC report cited vulnerabilities that registrars, registrants and resellers of DNs should address: 1. All an attacker needs to gain control of an organization’s entire domain name portfolio (and to hamper authorized access to that portfolio) is a user account and password. 2. Attackers need only guess, phish, or apply social engineering techniques on a single point of contact to gain control of a domain registration account. 3. Attackers scan domain account registration and administration portals for web application vulnerabilities (e.g., SQL injection). A successful exploit of vulnerable application code can result in the disclosure of account credentials for many domain accounts. 4. Email is the preferred and often the only method by which some registrars attempt to notify a registrant of account activity. 5. Attackers can block delivery of email notifications to targeted registrants by altering DNS configuration information so that email notifications will not be to any recipient in the domains the attacker controls through a compromised account (e.g., registrant’s identified administrative or technical contact email addresses hosted in the domain). 6. Access to and the ability to modify contact and DNS configuration information for all the domains in a registration account is commonly granted through a single user account and password. 7. Even when unauthorized modification of DNS information is discovered quickly, the process of restoring DNS information to correct for a malicious configuration can be a lengthy one that is inherent in the distributed nature of the DNS and related to time to live (TTL) values. 8 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
From the business point of view, the nature of the threats to Domain Name security must be thoroughly understood to determine what actions should be taken to prevent disruption and damage to the company, product or service. VAYTON. Brand Capital offers the following recommendations:  The company should be informed about best practices in managing Domain Name portfolios for optimal brand protection and valuation.  This should be followed by an assessment of the current Domain Name portfolio management system benchmarked against best practices.  Finally, a corporation should decide whether it has onboard the necessary expertise and resources to manage effectively and proactively its DN portfolio. 9 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
SEVEN BEST PRACTICES FOR DOMAIN NAME MANAGEMENT “Best practices applied in provisioning management seek to assure that these operations are performed in proper sequence, by authorized parties, in a timely and auditable manner, with low probability of omission, intrusion or error.” - ICANN, SSAC Report, 2009 Once a business understands current and emerging threats to its brand, a robust portfolio management system should be seriously considered. VAYTON has identified the following seven best practices for protecting and optimizing your brand capital. The practices cited below are based on published literature on domain name management strategies, case studies by Internet policymakers and VAYTON’s own experience developing and managing domain name portfolios for a variety of clients in Europe. View Your Domain Names as a Corporate Asset Is the management of your Domain Name portfolio an integral part of your total business management strategy? Is domain portfolio management in sync with your corporate objectives and goals? If the answers are no, this is your first clue that your company has failed to see your DN portfolio as a valuable corporate asset to be protected and valorized. The risks are too great not to have a comprehensive domain management strategy. And, the opportunities to valorize this asset are too numerous to be ignored. Centralize Domain Name Management Choose a single, accredited registrar for your DNs to reduce costs and risks and have a single-point of contact (corporate administrative contact). As new top level domains become available and as the company builds its e- commerce for products and services, the necessity of continuously acquiring new Domain Names can result in too many opportunities to miss renewal deadlines. You should not only have an effective management system but a comprehensive strategy to protect and optimize your brands and trademarks. 10 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
Perform Systematic DN Portfolio Audits Audit all your Domain Names immediately. Do managers in different areas of the company who control Domain Names have the same policies for renewals and management? After an enterprise-wise audit is performed, you should develop policies and procedures for systematic renewals and acquisition of new domains. Audit and Centralize Your Trademark Portfolio at the Same Time Many countries require a new trademark or a local company to also register a domain name. This is true for France. So, audit and centralize your trademark portfolio at the same time you centralize your DN portfolio. Monitor Domain Registration Information for Guaranteed Renewals Take steps to ensure you have the resources and technology for guaranteed domain renewals and control over the process. Failure to update Whois can result in losing DNs to cybersquatters who will try to resell the DNs to you at exorbitant prices or redirect Internet traffic to a bogus or counterfeit Web site. Renewing your DNs for periods longer than the usual two years will ease the administrative burden. However, with large portfolios, having different initial registration dates for DNs, managing renewals can be an administrative hassle leading to mismanagement of this valuable asset. Stay Informed About New Threats Do not wait until the crisis (the counterfeiting, the disruption of services, or unauthorized access to company and consumer information) occurs to take action. Devote resources to monitoring the threats on the horizon, assessing the potential harm, developing a plan and taking action to protect your DN portfolio asset. Monetize Domain Names The commercial and marketing use of domain names is a key element for brand valuation; a well managed domain name portfolio can reduce the advertising costs by several thousand Euros. This can largely compensate the 11 expenses of new domain names and the domain name management expenditures. Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
RIGOROUS DOMAIN NAME MANAGEMENT FOR OPTIMAL BRAND PROTECTION AND VALUATION ICANN recommends that registrars “provide security measures to safeguard against the non renewal of the customer’s domain names due to technical errors or oversight, to protect the customer from domain name hijacking through unauthorized modification of registration records, and to prevent unauthorized, malicious DNS configuration. The business model for these registrars is focused on handling individual transactions with a very low probability of error. VAYTON. Brand Capital has the expertise and cutting-edge technology for managing your Domain Name (DN) portfolio and optimizing your brand asset. We offer personalized, customized DN management services to protect your intangible property—your brand value and integrity. E X P E R T I S E - Outsourcing DN portfolio management to VAYTON may be the wise choice for your company. A dedicated team of experts can ease the burden of DN portfolio management at all levels: administrative, technical and strategic. C O M P R E H E N S I V E S E R V I C E S - You can count on a comprehensive suite of services necessary to prevent brand devaluation and security compromises. We will audit, monitor, centralize, renew and recover your domain names. C U T T I N G - E D G E T E C H N O L O G Y - We have developed technologies and platforms to audit, monitor and centralize domain names. These technologies are customized to answer decision makers’ as well as technical team requirements. 3A boul ev ard du P ri nc e H enri , L - 1724 L ux em bour g 12 t el . +352. 26. 44. 17 . 93 f ax . +352. 26. 44. 18. 4 3 Cont ac t : Ni c ol as V A N B E EK Page c ont ac t @v ay t on. c om Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com

Recomendados

Wilhelm research paper
Wilhelm research paperWilhelm research paper
Wilhelm research paperwennwilhelm
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecastSuresh Kesavan
 
Typo squatting
Typo squattingTypo squatting
Typo squattingJoey Hernandez
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomStanford GSB Corporate Governance Research Initiative
 
Phish market protocol
Phish market protocolPhish market protocol
Phish market protocolingenioustech
 
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...WhoisXML API
 
Social media legislation
Social media legislationSocial media legislation
Social media legislationyayayaya76
 
Ip issues in social media
Ip issues in social mediaIp issues in social media
Ip issues in social mediaAltacit Global
 

Recomendados

Wilhelm research paper
Wilhelm research paperWilhelm research paper
Wilhelm research paperwennwilhelm
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecastSuresh Kesavan
 
Typo squatting
Typo squattingTypo squatting
Typo squattingJoey Hernandez
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomStanford GSB Corporate Governance Research Initiative
 
Phish market protocol
Phish market protocolPhish market protocol
Phish market protocolingenioustech
 
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...
Online Brand Protection: Fighting Domain Name Typosquatting, Website Spoofing...WhoisXML API
 
Social media legislation
Social media legislationSocial media legislation
Social media legislationyayayaya76
 
Ip issues in social media
Ip issues in social mediaIp issues in social media
Ip issues in social mediaAltacit Global
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 
Digital Ad Fraud Is Not Illegal Yet
Digital Ad Fraud Is Not Illegal YetDigital Ad Fraud Is Not Illegal Yet
Digital Ad Fraud Is Not Illegal YetDr. Augustine Fou - Independent Ad Fraud Researcher
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats ReportMcafeeCareers
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016thinkASG
 
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015Raffaella Natale
 
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)Kate Dalakova
 
Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)Phil Cryer
 
Cybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizensCybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizensGabriella Bergaglio
 
Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011 Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011 Burson-Marsteller China
 
Social media in china
Social media in chinaSocial media in china
Social media in chinaTekir Oy
 
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Jeff Martinez
 
IDC Globalization Report
IDC Globalization ReportIDC Globalization Report
IDC Globalization ReportElizabeth Lupfer
 
Cinch local mobile_overview
Cinch local mobile_overviewCinch local mobile_overview
Cinch local mobile_overviewJason Schultz
 
UK online fraud 2010
UK online fraud 2010UK online fraud 2010
UK online fraud 2010CPPGroup Plc
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDr. Augustine Fou - Independent Ad Fraud Researcher
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats- Mark - Fullbright
 
GDPR by Identity Methods
GDPR by Identity MethodsGDPR by Identity Methods
GDPR by Identity MethodsEduard Lazar
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyFirst Atlantic Commerce
 
Quiz 4 Ppt
Quiz 4 PptQuiz 4 Ppt
Quiz 4 Pptsarabobara311
 
Iron Mountain Training 3
Iron Mountain Training 3Iron Mountain Training 3
Iron Mountain Training 3Al Ewers
 
Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?NormShield
 
DotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTONDotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTONVAYTON
 

Más contenido relacionado

La actualidad más candente

Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats ReportMcafeeCareers
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016thinkASG
 
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015Raffaella Natale
 
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)Kate Dalakova
 
Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)Phil Cryer
 
Cybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizensCybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizensGabriella Bergaglio
 
Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011 Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011 Burson-Marsteller China
 
Social media in china
Social media in chinaSocial media in china
Social media in chinaTekir Oy
 
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Jeff Martinez
 
Cinch local mobile_overview
Cinch local mobile_overviewCinch local mobile_overview
Cinch local mobile_overviewJason Schultz
 
UK online fraud 2010
UK online fraud 2010UK online fraud 2010
UK online fraud 2010CPPGroup Plc
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats- Mark - Fullbright
 
GDPR by Identity Methods
GDPR by Identity MethodsGDPR by Identity Methods
GDPR by Identity MethodsEduard Lazar
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyFirst Atlantic Commerce
 

La actualidad más candente (19)

Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet Fraud
 
Digital Ad Fraud Is Not Illegal Yet
Digital Ad Fraud Is Not Illegal YetDigital Ad Fraud Is Not Illegal Yet
Digital Ad Fraud Is Not Illegal Yet
 
2010q1 Threats Report
2010q1 Threats Report2010q1 Threats Report
2010q1 Threats Report
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016
 
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
Revenue sources-for-copyright-infringing-sites-in-eu-march-2015
 
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
2019 06-05-dalakova-kateryna-mkm-mmt-pov-assignment (1)
 
Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)Online privacy concerns (and what we can do about it)
Online privacy concerns (and what we can do about it)
 
Cybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizensCybercrime - View and perceptions from EU citizens
Cybercrime - View and perceptions from EU citizens
 
Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011 Burson-Marsteller China Digital Trends for 2011
Burson-Marsteller China Digital Trends for 2011
 
Social media in china
Social media in chinaSocial media in china
Social media in china
 
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
Fraud & Abuse Report 2020 by Arkose LabsFraud report q1 2020
 
IDC Globalization Report
IDC Globalization ReportIDC Globalization Report
IDC Globalization Report
 
Cinch local mobile_overview
Cinch local mobile_overviewCinch local mobile_overview
Cinch local mobile_overview
 
UK online fraud 2010
UK online fraud 2010UK online fraud 2010
UK online fraud 2010
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fou
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
 
GDPR by Identity Methods
GDPR by Identity MethodsGDPR by Identity Methods
GDPR by Identity Methods
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your Enemy
 
Quiz 4 Ppt
Quiz 4 PptQuiz 4 Ppt
Quiz 4 Ppt
 

Similar a domain names management whitepaper

Iron Mountain Training 3
Iron Mountain Training 3Iron Mountain Training 3
Iron Mountain Training 3Al Ewers
 
Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?NormShield
 
DotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTONDotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTONVAYTON
 
Impact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesImpact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesNEW Momentum
 
Impact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesImpact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesNEW Momentum
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 
Sustainable Brands - MARQUES
Sustainable Brands - MARQUESSustainable Brands - MARQUES
Sustainable Brands - MARQUESDavid Green
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Symantec Italia
 
Don’t let your organization be in the headlines for the wrong reasons
Don’t let your organization be in the headlines for the wrong reasons Don’t let your organization be in the headlines for the wrong reasons
Don’t let your organization be in the headlines for the wrong reasonsIBM Security
 
Your brand, your market
Your brand, your marketYour brand, your market
Your brand, your marketVAYTON
 
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...tenesa
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerceSensePost
 
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012Ivonne Kinser
 
Chapter 1 introduction and basic definitions
Chapter 1 introduction and basic definitionsChapter 1 introduction and basic definitions
Chapter 1 introduction and basic definitionsDr. Ankit Kesharwani
 
Internet & Social Media issues for brand owners
Internet & Social Media issues for brand ownersInternet & Social Media issues for brand owners
Internet & Social Media issues for brand ownersDavid Green
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Domain name and trade dispute
Domain name and trade disputeDomain name and trade dispute
Domain name and trade disputeSaravanan A
 

Similar a domain names management whitepaper (20)

Iron Mountain Training 3
Iron Mountain Training 3Iron Mountain Training 3
Iron Mountain Training 3
 
Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?Are There Any Domains Impersonating Your Company For Phishing?
Are There Any Domains Impersonating Your Company For Phishing?
 
DotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTONDotBrand (08/2011) - VAYTON
DotBrand (08/2011) - VAYTON
 
Impact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesImpact of counterfeits on electronics companies
Impact of counterfeits on electronics companies
 
Impact of counterfeits on electronics companies
Impact of counterfeits on electronics companiesImpact of counterfeits on electronics companies
Impact of counterfeits on electronics companies
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Sustainable Brands - MARQUES
Sustainable Brands - MARQUESSustainable Brands - MARQUES
Sustainable Brands - MARQUES
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010
 
Don’t let your organization be in the headlines for the wrong reasons
Don’t let your organization be in the headlines for the wrong reasons Don’t let your organization be in the headlines for the wrong reasons
Don’t let your organization be in the headlines for the wrong reasons
 
Your brand, your market
Your brand, your marketYour brand, your market
Your brand, your market
 
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...
The Anticybersquatting Consumer Protection Act and the Uniform Domain Name Di...
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerce
 
Group Project_WCMDMTJT
Group Project_WCMDMTJTGroup Project_WCMDMTJT
Group Project_WCMDMTJT
 
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012
THE WORLD’S LARGEST BRANDING REVOLUTION STARTS JANUARY 2012
 
Chapter 1 introduction and basic definitions
Chapter 1 introduction and basic definitionsChapter 1 introduction and basic definitions
Chapter 1 introduction and basic definitions
 
digital
digitaldigital
digital
 
Internet & Social Media issues for brand owners
Internet & Social Media issues for brand ownersInternet & Social Media issues for brand owners
Internet & Social Media issues for brand owners
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Domain name and trade dispute
Domain name and trade disputeDomain name and trade dispute
Domain name and trade dispute
 

Último

The Ultimate Guide to Financial Advertising Strategies.pdf
The Ultimate Guide to Financial Advertising Strategies.pdfThe Ultimate Guide to Financial Advertising Strategies.pdf
The Ultimate Guide to Financial Advertising Strategies.pdfFinance Advertising Network
 
HAGAN_Katalog_Saison23-24_Overview_Preview
HAGAN_Katalog_Saison23-24_Overview_PreviewHAGAN_Katalog_Saison23-24_Overview_Preview
HAGAN_Katalog_Saison23-24_Overview_PreviewEsteller
 
2024 WTF - what's working in mobile user acquisition
2024 WTF - what's working in mobile user acquisition2024 WTF - what's working in mobile user acquisition
2024 WTF - what's working in mobile user acquisitionJohn Koetsier
 
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...Social Samosa
 
20 Top Social Media Tips for Peer Specialists
20 Top Social Media Tips for Peer Specialists20 Top Social Media Tips for Peer Specialists
20 Top Social Media Tips for Peer Specialistsmlicam615
 
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...Nugget Global
 
Paul Russell Confidential Resume for Fahlo.pdf
Paul Russell Confidential Resume for Fahlo.pdfPaul Russell Confidential Resume for Fahlo.pdf
Paul Russell Confidential Resume for Fahlo.pdfpaul8402
 
The Fall of Social Media Marketing :- Global brand magazine
The Fall of Social Media Marketing :- Global brand magazineThe Fall of Social Media Marketing :- Global brand magazine
The Fall of Social Media Marketing :- Global brand magazineglobalbrandmagazines1
 
Digital Marketing complete introduction.
Digital Marketing complete introduction.Digital Marketing complete introduction.
Digital Marketing complete introduction.Kashish Bindra
 
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...Valters Lauzums
 
Lesotho-Botswana Water Project Brand Manual developed with new logo
Lesotho-Botswana Water Project Brand Manual developed with new logoLesotho-Botswana Water Project Brand Manual developed with new logo
Lesotho-Botswana Water Project Brand Manual developed with new logonelaohaimbodi
 
Krisantec Digital Marketing Services.pdf
Krisantec Digital Marketing Services.pdfKrisantec Digital Marketing Services.pdf
Krisantec Digital Marketing Services.pdfkrisantecsolutions
 
Llanai Buyer Persona & Segmentation Strategy
Llanai Buyer Persona & Segmentation StrategyLlanai Buyer Persona & Segmentation Strategy
Llanai Buyer Persona & Segmentation StrategyMarianna Nakou
 
5 TH SEM BBA DIGITAL MARKETING NOTES.docx
5 TH SEM BBA DIGITAL MARKETING NOTES.docx5 TH SEM BBA DIGITAL MARKETING NOTES.docx
5 TH SEM BBA DIGITAL MARKETING NOTES.docxmskarthik1435
 
AMAZON Copywriting Portfolio by Cielo Evangelista
AMAZON Copywriting Portfolio by Cielo EvangelistaAMAZON Copywriting Portfolio by Cielo Evangelista
AMAZON Copywriting Portfolio by Cielo Evangelistacrevangelista
 
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO Deck
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO DeckDave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO Deck
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO DeckOban International
 
Catálogo Sea To Summit 2024 gama compelta
Catálogo Sea To Summit 2024 gama compeltaCatálogo Sea To Summit 2024 gama compelta
Catálogo Sea To Summit 2024 gama compeltaEsteller
 
Catálogo HYD 2024 gama completa Hydrapak
Catálogo HYD 2024 gama completa HydrapakCatálogo HYD 2024 gama completa Hydrapak
Catálogo HYD 2024 gama completa HydrapakEsteller
 
Master the art of Social Selling to increase sales by fostering relationships...
Master the art of Social Selling to increase sales by fostering relationships...Master the art of Social Selling to increase sales by fostering relationships...
Master the art of Social Selling to increase sales by fostering relationships...VereigenMedia1
 
Professional Sales Representative by Sahil Srivastava.pptx
Professional Sales Representative by Sahil Srivastava.pptxProfessional Sales Representative by Sahil Srivastava.pptx
Professional Sales Representative by Sahil Srivastava.pptxSahil Srivastava
 

Último (20)

The Ultimate Guide to Financial Advertising Strategies.pdf
The Ultimate Guide to Financial Advertising Strategies.pdfThe Ultimate Guide to Financial Advertising Strategies.pdf
The Ultimate Guide to Financial Advertising Strategies.pdf
 
HAGAN_Katalog_Saison23-24_Overview_Preview
HAGAN_Katalog_Saison23-24_Overview_PreviewHAGAN_Katalog_Saison23-24_Overview_Preview
HAGAN_Katalog_Saison23-24_Overview_Preview
 
2024 WTF - what's working in mobile user acquisition
2024 WTF - what's working in mobile user acquisition2024 WTF - what's working in mobile user acquisition
2024 WTF - what's working in mobile user acquisition
 
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...
TAM Sports-IPL 17 Advertising Report- M01 - M15.xlsx - IPL 17 FCT (Commercial...
 
20 Top Social Media Tips for Peer Specialists
20 Top Social Media Tips for Peer Specialists20 Top Social Media Tips for Peer Specialists
20 Top Social Media Tips for Peer Specialists
 
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...
Make Your Message Go Viral with Nugget Global's Press Release Distribution Se...
 
Paul Russell Confidential Resume for Fahlo.pdf
Paul Russell Confidential Resume for Fahlo.pdfPaul Russell Confidential Resume for Fahlo.pdf
Paul Russell Confidential Resume for Fahlo.pdf
 
The Fall of Social Media Marketing :- Global brand magazine
The Fall of Social Media Marketing :- Global brand magazineThe Fall of Social Media Marketing :- Global brand magazine
The Fall of Social Media Marketing :- Global brand magazine
 
Digital Marketing complete introduction.
Digital Marketing complete introduction.Digital Marketing complete introduction.
Digital Marketing complete introduction.
 
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...
Social Media Marketing Lecture for Advanced Digital & Social Media Strategy a...
 
Lesotho-Botswana Water Project Brand Manual developed with new logo
Lesotho-Botswana Water Project Brand Manual developed with new logoLesotho-Botswana Water Project Brand Manual developed with new logo
Lesotho-Botswana Water Project Brand Manual developed with new logo
 
Krisantec Digital Marketing Services.pdf
Krisantec Digital Marketing Services.pdfKrisantec Digital Marketing Services.pdf
Krisantec Digital Marketing Services.pdf
 
Llanai Buyer Persona & Segmentation Strategy
Llanai Buyer Persona & Segmentation StrategyLlanai Buyer Persona & Segmentation Strategy
Llanai Buyer Persona & Segmentation Strategy
 
5 TH SEM BBA DIGITAL MARKETING NOTES.docx
5 TH SEM BBA DIGITAL MARKETING NOTES.docx5 TH SEM BBA DIGITAL MARKETING NOTES.docx
5 TH SEM BBA DIGITAL MARKETING NOTES.docx
 
AMAZON Copywriting Portfolio by Cielo Evangelista
AMAZON Copywriting Portfolio by Cielo EvangelistaAMAZON Copywriting Portfolio by Cielo Evangelista
AMAZON Copywriting Portfolio by Cielo Evangelista
 
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO Deck
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO DeckDave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO Deck
Dave Cousin TW-BERT Good for Users, Good for SEOsBrighton SEO Deck
 
Catálogo Sea To Summit 2024 gama compelta
Catálogo Sea To Summit 2024 gama compeltaCatálogo Sea To Summit 2024 gama compelta
Catálogo Sea To Summit 2024 gama compelta
 
Catálogo HYD 2024 gama completa Hydrapak
Catálogo HYD 2024 gama completa HydrapakCatálogo HYD 2024 gama completa Hydrapak
Catálogo HYD 2024 gama completa Hydrapak
 
Master the art of Social Selling to increase sales by fostering relationships...
Master the art of Social Selling to increase sales by fostering relationships...Master the art of Social Selling to increase sales by fostering relationships...
Master the art of Social Selling to increase sales by fostering relationships...
 
Professional Sales Representative by Sahil Srivastava.pptx
Professional Sales Representative by Sahil Srivastava.pptxProfessional Sales Representative by Sahil Srivastava.pptx
Professional Sales Representative by Sahil Srivastava.pptx
 

domain names management whitepaper

  • 1. Protect your Brand Capital: Strategies for your domain name management Effective branding strategies (from name creation to brand protection and valuation) are essential to launch, grow and protect your business. “Protect Your Brand Capital” is one of several whitepapers produced by VAYTON. Brand Capital. The aim is to provide up-to-date background information, trends, and implications for your business in a digital, global marketplace. In this whitepaper, seven best practices are presented for protecting and optimizing the value of your Domain Name portfolio. But first, you should be aware of current and emerging threats to fully protect your brand capital. The winds of change have dramatically altered the business and marketing landscape. Whether you are a local business or a multinational corporation, you will not be able to attract and sustain a healthy customer-base without a strong, protected brand presence on the Internet. Paul Twomey (president of ICANN – Internet Corporation for Assigned Names and Numbers) called the new developments a “transformative revolution” and cited 1.4 billion current Internet users with a projected 1.5 billion in the next two to three years. Eurostat, the Statistical Office of the European Communities, reported that in 2009 one person in two in the EU27 used the Internet daily. Those countries with the highest proportion of daily access and use (three-quarters or more) were Netherlands (90%), Luxembourg (87%), Sweden (86%), Denmark (83%), Germany (79%), Finland (78%) and United Kingdom (77%) - Eurostat news release, Dec. 8, 2009. 1 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 2. In the not too distant past, a company just starting up would go through the process of creating a name and registering a trademark to launch and market its business enterprise. Acquiring an Internet address came next, though often as an afterthought. The company would scramble to find a domain name (DN) that matched the brand name. The next step would be to register and periodically update the DN account information. There seemed to be no other considerations. The DN was secured and the company went live on the web. Unfortunately, many companies failed to anticipate threats posed by cybercriminals and neglected to protect their brand capital with a robust Domain Name management strategy. Without a rigorous DN management strategy and without cutting-edge technology to thwart cyber attacks, a company places itself at risk. Loss of revenue, a damaged reputation, and security compromises (for the business and the customer) are three of the most severe consequences. New communication technologies bring new marketing opportunities—and new threats The Internet has pushed the marketplace into a global arena. The innovations altering the landscape of business and marketing (such mobile Internet and social networking) are at the same time ushering in vulnerabilities. Multinational corporations are forced into registering hundreds of DNs to prevent interruption of business and brand dilution. Cybersquatters have registered hundreds and thousands of DNs with the malicious intent of “domain hijacking” or strong-arming a company into buying at an exorbitant price brand-linked domain names. Internet traffic to a company’s website risks being redirected to a malicious site. Worse, the cybercriminal can solicit private customer information under the pretense of being the authentic website. Prospective consumers are using the Internet not only to shop for products and services but to assess the brand promise. Brand dilution happens when customers are redirected to malicious sites seeking to damage the company’s reputation. It may take just one mistyped letter when entering an Internet address to be redirected to a bogus site. No one who has an Internet presence is exempt: including celebrities, writers, and politicians. Immediately after the State of the Union Address by U.S. President Barack Obama (January 2010), the official websites of the 2 members of Congress were attacked and defaced with anti-Obama Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 3. messages. The creator of Bridget Jones, British author Helen Fielding, the fashion house Chanel and the Reuters news company all won cybersquatting cases recently (Reuters News, March 15, 2009). Chanel won against an entity using the DN chanelfashion.com and chanelstore.com in bad faith. A cybersquatter case can be won if an entity has registered a DN that contains a company’s brand name or a variation on the brand name and uses that DN in “bad faith.” Complaints are filed under the Uniform Domain Name Dispute Resolution Policy (UDRP), a quick and cost-effective dispute resolution procedure administered by the WIPO Arbitration and Mediation Center. According to WIPO, the top five sectors filing cases in 2009 were biotechnology and pharmaceuticals, banking and finance, Internet and IT, retail, and food, beverages and restaurants. THE NAT URE AND M AG NIT UDE O F T HE T HRE AT S The Internet Corporation for Assigned Names and Numbers (ICANN) is an international non-profit entity whose mission is to regulate Domain Name registration and monitor domain abuse. The magnitude and severity of the threat to a company is summed up by the ICANN Security and Stability Advisory Committee (SSAC): “Domain hijacking can disrupt or severely impact the business and operations of a registrant [company], including … denial and theft of electronic mail services, unauthorized disclosure of information through phishing web sites and traffic inspection (eavesdropping), and damage to the registrant’s reputation and brand through web site defacement.” These threats are possible because of vulnerabilities in the DN registration system. The Domain Name System (DNS) works like an automated telephone directory but substitutes the numeric Internet Protocol (IP) addresses with a unique name (usually the brand name). Registrars require all prospective Web site registrants (DN “owner”) to provide contact information, which is then made available to the public on the Internet through a service called 3 Page Whois. Each top-level domain or TLD (.com or .eu for instance) has a registry Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 4. responsible for managing Domain Names and setting policy for the domain. The registrant is responsible for keeping the Whois information current. An expired registration for a DN means it can be bought by a third party with “bad intent,” potentially harming the company or product. The recent availability of new generic TLDs (21 to date) has increased the chances of a company’s brand name being hijacked by a cybersquatter who  acquires a company’s Domain Names that have expired and tries to re-sell the names at a high price;  registers a company’s brand/trademark with a different top-level name taking consumers to a counterfeit site; and,  registers Domain Names identical to a company’s DN but with one letter altered (known as typo-squatting). The Anti-Phishing Working Group (AWG) monitors phishing attacks around the globe. Phishers attempt to obtain private information (such as passwords and credit card numbers) primarily through emails and social networking sites. A Phisher will redirect the Internet user to a fake site that mimics the design of an authentic site. When using the search engine, a user may be fooled into accessing a site that mimics the authentic site. TrendMicro, a security company, is already reporting in 2010 the risks of users trying to find information about the new Apple iPad but being directed to phising sites. The phisher will use a domain name that has one altered letter in the Internet address or that mimics a brand-linked address. Social engineering seems the preferred technique. The Internet user is tricked into voluntarily providing private information. AWG recently published Global Phishing Survey: Trends and Domain Name Use 1H2009. Major findings from the AWG report with implications for domain name protection and management are cited here: 1. In 1H2009, the average uptime of all phishing attacks was noticeably shorter than in 2H2008. This is an encouraging improvement, most likely reflecting efforts by providers and responders. 4 2. The Avalanche phishing kit accounted for a whopping 24% of all Page phishing attacks launched in 1H2009. This criminal operation is one of Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 5. the most sophisticated and damaging on the Internet, and targets vulnerable or non-responsive registrars and registries. 3. The great majority of phishing is also concentrated in certain namespaces – just five TLDs 4. The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two years. 5. Anti-phishing programs implemented by domain name registries can reduce the up-times of phishing attacks, and can reduce the number of malicious registrations made in those TLDs. 6. The unique characteristics of Internationalized Domain Names (IDNs) are not being used to facilitate phishing, and there are factors that may perpetuate this trend in the future. 7. Phishers continue to use subdomain services to host and manage their phishing sites. Phishers used such services more often than they registered domain names via regular registrars. This trend shows phishers using services that cannot be taken down by domain registrars or registry operators. The AWG report further noted that “Of the maliciously registered domains, 1,098 contained a relevant brand name, variation, or misspelling thereof. This represents 25% of maliciously registered domains, and just 3.6% of all domains that were used for phishing. Placing brand names or variations thereof in the domain name itself is not a favored tactic, since brand owners are proactively scanning Internet zone files for such names. … Instead, phishers almost always place brand names in subdomains or subdirectories. This puts the misleading string somewhere in the URL, where potential victims may see it and be fooled. Internet users are rarely knowledgeable enough to be able to pick out the “base” or true domain name being used in a URL.” The ICANN Security and Stability Advisory Committee (SSAC) posted a study based on a series of incidents occurring from May 2008 through April 2009. 5 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 6. Below are several common characteristics SSAC listed in their review of domain name abuse incidents. (Key points have been highlighted.) 1. Many organizations have domain name registration accounts that contain high-value or business-critical names, domain names that could be as valuable to the organization as any tangible asset, trademark or intellectual property right the organization possesses. 2. Many registration service providers operate with consumer-focused service objectives; i.e., the registration service is highly automated and focused on serving very large numbers of registrants at a high rate of transaction. Automation is extremely important in any business endeavor that attempts to provide service in a timely and scalable manner. Our study revealed that attackers have familiarized themselves with registrar behavior and will exploit certain aspects of automation; for example, knowing that electronic mail is the preferred method of notifying registrants of contact and configuration changes, renewals, etc., attackers often attempt to disrupt delivery to email addresses by modifying DNS configurations. 3. Among the incidents we studied, the victims were frequently customers with business critical domain accounts operated by registration service providers with consumer focused service objectives. In some cases, customers did not adequately assess the risk associated with the possible loss of control or access to their domain registration account until they were victimized; in other cases, the internal policies and monitoring activities in place prior to the incident were not sufficient to detect or block the attack. 6 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 7. ATTACKERS ARE CLEVER AND TECH-SAVVY According to “Measures to Protect Domain Registration Services Against Exploitation or Misuse,” (SSAC Report [English]; [French]), DN attackers apply a variety of methods to hijack and maliciously use domain name account information. SAMPLE CASES REPORTED BY SSAC – ICANN was victimized by a group of hackers accessing ICANN’s domain registration account at Register.com. ICANN described the attack as “sophisticated, combining both social and technological techniques.” The attackers altered the DNS configurations of several domains (icann.net iana-servers.com, icann.com, and iana.com). Visitor traffic was rerouted to a defacement web site. CheckFree (now FIServ), the leading global provider of information management and electronic commerce systems for the financial services industry suffered a DN attack. The attacker gained control of CheckFree’s domain registration account and modified the DNS configuration of several domains, including checkfree.com and mycheckfree.com. Customers logging onto their accounts to make online bill payments were “redirected to an impersonation web server in the Ukraine that attempted to install a malicious code that contained an Adobe Reader exploit.” “Registrars have been and will continue to be targets for attackers. Just as customers of financial institutions may be victimized by attacks against an online banking portal, so may domain name registrants be victimized by attacks against registrar domain administration pages.” 7 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 8. The SSAC report cited vulnerabilities that registrars, registrants and resellers of DNs should address: 1. All an attacker needs to gain control of an organization’s entire domain name portfolio (and to hamper authorized access to that portfolio) is a user account and password. 2. Attackers need only guess, phish, or apply social engineering techniques on a single point of contact to gain control of a domain registration account. 3. Attackers scan domain account registration and administration portals for web application vulnerabilities (e.g., SQL injection). A successful exploit of vulnerable application code can result in the disclosure of account credentials for many domain accounts. 4. Email is the preferred and often the only method by which some registrars attempt to notify a registrant of account activity. 5. Attackers can block delivery of email notifications to targeted registrants by altering DNS configuration information so that email notifications will not be to any recipient in the domains the attacker controls through a compromised account (e.g., registrant’s identified administrative or technical contact email addresses hosted in the domain). 6. Access to and the ability to modify contact and DNS configuration information for all the domains in a registration account is commonly granted through a single user account and password. 7. Even when unauthorized modification of DNS information is discovered quickly, the process of restoring DNS information to correct for a malicious configuration can be a lengthy one that is inherent in the distributed nature of the DNS and related to time to live (TTL) values. 8 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 9. From the business point of view, the nature of the threats to Domain Name security must be thoroughly understood to determine what actions should be taken to prevent disruption and damage to the company, product or service. VAYTON. Brand Capital offers the following recommendations:  The company should be informed about best practices in managing Domain Name portfolios for optimal brand protection and valuation.  This should be followed by an assessment of the current Domain Name portfolio management system benchmarked against best practices.  Finally, a corporation should decide whether it has onboard the necessary expertise and resources to manage effectively and proactively its DN portfolio. 9 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 10. SEVEN BEST PRACTICES FOR DOMAIN NAME MANAGEMENT “Best practices applied in provisioning management seek to assure that these operations are performed in proper sequence, by authorized parties, in a timely and auditable manner, with low probability of omission, intrusion or error.” - ICANN, SSAC Report, 2009 Once a business understands current and emerging threats to its brand, a robust portfolio management system should be seriously considered. VAYTON has identified the following seven best practices for protecting and optimizing your brand capital. The practices cited below are based on published literature on domain name management strategies, case studies by Internet policymakers and VAYTON’s own experience developing and managing domain name portfolios for a variety of clients in Europe. View Your Domain Names as a Corporate Asset Is the management of your Domain Name portfolio an integral part of your total business management strategy? Is domain portfolio management in sync with your corporate objectives and goals? If the answers are no, this is your first clue that your company has failed to see your DN portfolio as a valuable corporate asset to be protected and valorized. The risks are too great not to have a comprehensive domain management strategy. And, the opportunities to valorize this asset are too numerous to be ignored. Centralize Domain Name Management Choose a single, accredited registrar for your DNs to reduce costs and risks and have a single-point of contact (corporate administrative contact). As new top level domains become available and as the company builds its e- commerce for products and services, the necessity of continuously acquiring new Domain Names can result in too many opportunities to miss renewal deadlines. You should not only have an effective management system but a comprehensive strategy to protect and optimize your brands and trademarks. 10 Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 11. Perform Systematic DN Portfolio Audits Audit all your Domain Names immediately. Do managers in different areas of the company who control Domain Names have the same policies for renewals and management? After an enterprise-wise audit is performed, you should develop policies and procedures for systematic renewals and acquisition of new domains. Audit and Centralize Your Trademark Portfolio at the Same Time Many countries require a new trademark or a local company to also register a domain name. This is true for France. So, audit and centralize your trademark portfolio at the same time you centralize your DN portfolio. Monitor Domain Registration Information for Guaranteed Renewals Take steps to ensure you have the resources and technology for guaranteed domain renewals and control over the process. Failure to update Whois can result in losing DNs to cybersquatters who will try to resell the DNs to you at exorbitant prices or redirect Internet traffic to a bogus or counterfeit Web site. Renewing your DNs for periods longer than the usual two years will ease the administrative burden. However, with large portfolios, having different initial registration dates for DNs, managing renewals can be an administrative hassle leading to mismanagement of this valuable asset. Stay Informed About New Threats Do not wait until the crisis (the counterfeiting, the disruption of services, or unauthorized access to company and consumer information) occurs to take action. Devote resources to monitoring the threats on the horizon, assessing the potential harm, developing a plan and taking action to protect your DN portfolio asset. Monetize Domain Names The commercial and marketing use of domain names is a key element for brand valuation; a well managed domain name portfolio can reduce the advertising costs by several thousand Euros. This can largely compensate the 11 expenses of new domain names and the domain name management expenditures. Page Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com
  • 12. RIGOROUS DOMAIN NAME MANAGEMENT FOR OPTIMAL BRAND PROTECTION AND VALUATION ICANN recommends that registrars “provide security measures to safeguard against the non renewal of the customer’s domain names due to technical errors or oversight, to protect the customer from domain name hijacking through unauthorized modification of registration records, and to prevent unauthorized, malicious DNS configuration. The business model for these registrars is focused on handling individual transactions with a very low probability of error. VAYTON. Brand Capital has the expertise and cutting-edge technology for managing your Domain Name (DN) portfolio and optimizing your brand asset. We offer personalized, customized DN management services to protect your intangible property—your brand value and integrity. E X P E R T I S E - Outsourcing DN portfolio management to VAYTON may be the wise choice for your company. A dedicated team of experts can ease the burden of DN portfolio management at all levels: administrative, technical and strategic. C O M P R E H E N S I V E S E R V I C E S - You can count on a comprehensive suite of services necessary to prevent brand devaluation and security compromises. We will audit, monitor, centralize, renew and recover your domain names. C U T T I N G - E D G E T E C H N O L O G Y - We have developed technologies and platforms to audit, monitor and centralize domain names. These technologies are customized to answer decision makers’ as well as technical team requirements. 3A boul ev ard du P ri nc e H enri , L - 1724 L ux em bour g 12 t el . +352. 26. 44. 17 . 93 f ax . +352. 26. 44. 18. 4 3 Cont ac t : Ni c ol as V A N B E EK Page c ont ac t @v ay t on. c om Copyright 2011 NTLUX S.A. VAYTON Brand Capital - www.vayton.com