The Rise of Systemic Abuse Networks
It’s no secret brand abuse is on the rise. To get a clearer picture of the nature of this increase, Tracer examined domain enforcement activity from a sample of their clients.
They found that, on average, monthly enforcement activity increased 100% between April 2020 and February 2021. While brand abuse is a year-round problem, their analysts observed spikes in domain enforcement activity in the summer months as well as heading into the holiday shopping season, which was especially busy in 2020.
Enforcement challenges for domain name infringement
A recent study by the Interisle Consulting group illustrates the enforcement challenges for domain name infringement. Prior to the introduction of the General Data Protection Regulation (GDPR) in May of 2018, approximately 75.7% of all WHOIS records contained contact information for domain registrants, while 24.3% of WHOIS records were under privacy/proxy protection.
In response to GDPR, ICANN introduced the ‘temp spec’ for access to WHOIS records. Under this policy, registrars and registries have redacted contact information from 57.3% of all domains according to Interisle’s research. During this period, the researcher found that privacy/proxy protection usage has increased to 29.2% of WHOIS records.
As a result, 86.5% of all WHOIS registrant contact records are not identifiable using WHOIS. In under three years, the availability of WHOIS contact information has drastically declined from 75.7% in 2018 to just above 13% in early 2021.
This wholesale redaction of registrant information has made it exponentially more difficult and expensive for brand holders to act against cybercriminals, cybersquatters, and domain infringers. With ICANN’s decision to allow for contact information to remain largely redacted, bad actors can thrive in virtual anonymity.
To complicate the situation further, registrars routinely deny or ignore requests for redacted domain name registration data. A recent post by the Cybersecurity Tech Accord documented that 55% of requests for redacted registrant data get denied. Another 43% are left unanswered, leaving just 2% of requests for registrant data fulfilled.
The experts at Tracer, who are also powering LexisNexis Intellectual Property Brand Protection solution, have found that obtaining redacted information continues to be a struggle during their enforcement efforts for clients. From September 1, 2020, through February 28, 2021, they submitted over 4,500 requests to 182 ICANN-accredited registrars. Of those individual requests, only 10.1% resulted in responses that included registrant data. Of the 182 registrars to whom we made requests, 61 were completely unresponsive.
The bottom line: while most registrars acknowledge requests for data, they do not provide any data.
The lack of cooperation has resulted in brand holders facing a slow, expensive struggle for domain name dispute resolution. Without proper access to registrant information, it has become increasingly challenging to achieve a nuanced resolution. Historically, many complex domain abuse issues get resolved through dialogue with registrants, an option that is no longer readily available.
Brandholders must now find alternative ways to resolve their issues. This includes requesting hosting providers to block a specific site and filing administrative actions like the Uniform Domain Name Dispute Resolution Policy (UDRP) or initiating civil litigation in some extreme cases.
These solutions come with their own host of issues, including the high costs associated with legal services and filing fees to the slow UDRP process. In addition, this lack of information makes it more difficult for brand holders to uncover related abuse, meaning they may have to repeat these processes multiple times to protect their brand.
Fighting brand abuse networks
Bad actors, aware of the enforcement struggles that brand holders are facing, have turned the situation to their advantage, boldly creating systemic abuse networks that are resilient to traditional mitigation methods.
Malicious actors began using multiple obfuscation layers to make it harder to find and dismantle their operations. These sophisticated networks utilize modern digital marketing strategies and technology to take advantage of consumers by infringing upon trademarks, brand names, hashtags, slogans, and even web page text used by the brands they target.
Traditional brand protection technology relies on scanning to identify the nodes of a network, but these technologies exclude the linkages and, thus, the discovery of related abuse. While brand protection professionals who use these legacy technologies can pursue enforcement for the individual nodes, they cannot identify related abuse, leaving large swaths of criminal operations in place, continuing to profit.
To illustrate this point, consider the following graph. At first glance, the data looks promising, with network percentages decreasing, but a closer examination reveals related abuse continues after enforcement.
In other words, as brand holders using legacy technologies take down an abusive node, new nodes appear to take its place. This phenomenon demonstrates the highly-organized nature of systemic abuse networks.
Dismantling these sophisticated abuse networks requires a fresh approach beyond identifying and taking down individual abuse nodes one by one. Modern brand protection technology uncovers the linkages or connective tissue between the network nodes and maps the network’s scope.
This methodology is crucial since we have found that one in every three enforcements is related to a brand abuse network. LexisNexis Intellectual Solutions Brand Protection is the only brand protection provider that can meet the challenge of systemic abuse networks with our patent-pending Tracer™ technology. By understanding the true scope of a brand abuse network, brand holders who use modern brand protection technology can target the heart of the network abusing their brand.
To learn more about brand abuse and how to become a more resilient brand, download our white paper: Defending Brands—New Realities, New Partnerships.