Domain monitoring for brand protection
By Connie Hon, Domain Product and New gTLD manager Share this post
In our earlier installments, we discussed domain registrations and blocking as tools for brand owners to protect their online brand. This third installment will focus on the domain monitoring as a catch all technique for when it’s impossible for brands to protect through registrations and blocks alone.
How can I protect my brand in the rest of the 67%?
For 67% of the new generic top-level domains (gTLDs) that are not covered by domain blocks, brand owners should defensively register their core brands and primary corporate marks in new gTLDs that are relevant to their industry vertical.
For the rest of the new gTLDs and even legacy gTLDs such as .COM, brand owners should track third-party domain registrations for any potential infringements to act on them before any major damage is done.
How can brand owners track third party domain registrations?
Trademark Clearing House notifications: alerts on matching registrations and activations
The Trademark Clearinghouse (TMCH) was introduced by the Internet Corporation for Assigned Names and Numbers (ICANN) in 2012 to act as a central repository for all national and international registered trademarks. Once verified and accepted into the TMCH, signed mark data (SMD) files are issued per trademark and brand owners are then able to make use of the SMD file in new gTLD priority Sunrise registrations—as well as be notified if any domain name that matches the trademark was registered or activated in any of the new gTLDs.
The prerequisite to any new gTLD domain block is an active trademark record with the TMCH, so domain block owners will receive these notifications from TMCH. While these notifications are helpful for alerting brand owners very soon after a domain name matching the trademark is registered or activated, it’s the brand owner’s job to collate and track these notifications, continuously monitor the domain names, and take enforcement action if they are later found to be infringing.
Domain monitoring: a catch all technique
Brand owners typically subscribe to a domain monitoring service to complement TMCH notifications.
A good domain monitoring service should provide ongoing coverage, showing newly registered domain names that match an onboarded brand. Matches include exact matches, typos, homoglyphs, domains that include the brand in a larger string (e.g., brand.com, barnd.com, bԻand.com, onebrand.com, etc.)—all the variations that a cyber criminal would use to create an email or website to dupe customers into thinking they are dealing with the actual brand rather than a fraudster.
Brand owners should request results prioritized according to their preferences for how similar or exact a domain string matches their brand, the category assigned based on the content on the page, and geographic region.
- Is it an exact match, typo, misspelling, etc.? Brands may deal with these differently depending on industry, experience, and attitude to risk.
- Is the extension in a country the brand does business?
- What is the content? Pay per click advertising will be low risk compared to a copycat website.
- Is there an email address linked to the domain name?
Having human analysts review and categorize the web content for each result can help better prioritize critical cases that might warrant enforcement action, rather than a data dump of results. Brand owners should have the option to review historic results and have the ability within the monitoring system to track domain results for changes. This enables brand owners to track changes to the domain names, such as when they’re activated.
Enforcement action can be performed as required if phishing, fraud, or brand infringement is detected. For those where there is no immediate activity, continued monitoring can track if any of the digital footprint categorizations like content or active email changes, and highlight when a reassessment of what enforcement action is needed.
In the next installment, the last of our four-part series, we discuss how domain monitoring is often forgotten as a tool for cyber security as well.