December 5, 2006

More and more today, protecting your company’s reputation and name now means going beyond the physical world and into the digital one. In the Internet world, an organization’s domain name is the key to its Web presence.

Protecting that name is becoming ever more critical as domain name phishers continue to spoof users by utilizing domains that very closely looks like popular corporate domains.

Many of these "fraudster domains" are available for sale on some domain name registrar sites such as Sedo.com and Moniker.com, according to Mikko Hypponen, chief research officer at Helsinki-based Internet security firm F-Secure Corp.

These sites often act as a middleman for people who have registered these domains, only to put them up for sale to the highest bidder.

“There is nothing wrong in reselling cool domains like tractors.com, filmlist.com or 4fares.com to anyone who wants to buy them,” wrote Hypponen on his F-Secure blog. “But how about reselling domains that obviously belong to banks or other financial institutions?”

Internet domain names such as citi-bank.info, americanexpresscredicard.com and visacard.us were just some of the domains being resold at Sedo.com, and there's a lot more...

The more obvious purpose for buying such domains, said Hypponen, is to conduct phishing scheems that trick users into believing that these are legitimate sites of their financial institutions.

This practice is easy to carry out, since the domain registration process doesn’t usually include stringent background checks.

Whether the person or entity registering a domain can pay for it is frequently the only criteria involved, explained the F-Secure executive in an interview with ComputerWorld Canada.

The process is different with top-level domains such as .gov or .mil, however, which usually involves background checking and verification of legitimacy before any such domain extension can be granted, said Hypponen.

Firms such as Sedo.com and Moniker.com of Pampano, Fla., operate in an industry that brings in an estimated US $1 billion in registration fees annually. The registration price is usually US $10 but some names can easily resell for over six times that amount, such as Cameras.com which Moniker sold for US$1.69 million a few months ago.

While the potential for fraud exists, it isn't the job of domain resellers to go after phishing operators, according to Monte Cahn, president and CEO of Moniker.com.

The firm handles some 1.5 million domain names. “It’s not our job to police the industry,” he said.

The domain reseller, however, said they have policies in place to ensure that complaints against spam and fraud are investigated. “If we receive a complaint we investigate, and if evidence warrants, point out the site to authorities.”

F-Secure’s Hypponen suggests that organizations, especially financial institutions that have an online presence, should remain vigilant on the Web.

“One way to safeguard (your company) is to try to monitor the list of newly registered domains or domains that are being resold (on the Web), for example, searching your own company name at a site like Sedo.com. And if you see these things being sold, buy them,” said Hypponen.

This may not be the most ideal solution, but it can be a short-term remediation to the problem, he added. The price for second-hand domains sold on reseller sites range from $100 to several thousand dollars.

As always, user education is vital to maintaining your business’s online integrity and the more informed your customers are about the risks of phishing attacks, the smarter they will be about their Internet transactions.

“Make sure that [your users] know the right URL and…not to follow links from e-mails,” said Hypponen, noting that banks today are “doing a pretty good job” in educating their customers.

There are also some legal remedies that Canadian organizations can resort to if they believe their name is illegitimately being used for unscrupulous deeds on the Internet, according to Toronto lawyer Jason Young, an associate at Deeth Williams Wall LLP.

The dispute resolution process of the Canadian Internet Registration Authority can be an avenue for companies to file complaints against individuals or entities trying to imitate their names on the Web, Young said.

Firms bringing the complaint must be able to prove three things: that the domain in question is “confusingly similar to the complainant’s mark;” that the registrant in question was acting in bad faith at the time of registration, such as whether he or she registered the domain with the purpose of selling it; and that the registrant has no rights in Canada.

“If the registrant has a legitimate reason for registering that domain name, they still may, in the end, be successful in keeping it,” Young explained. For instance, by using a company’s acronyms in its domain name, such as CIBC for the Canadian Imperial Bank of Commerce and BMO for Bank of Montreal, there’s a good chance these firms will have a similar domain name as another legitimate organization with the same acronym.

Many of the complaints in Canada, however, end up getting settled before they go into the formal dispute resolution process to save both parties time and money, said Young.

Source: IT World Canada

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.