The DomainTools Blog recently reported the following information concerning Neiman Marcus’ success in protecting its trademarks from cybersquatters using the Anti-cybersquatting Protection Act.
Name.com and its sister company, Spot Domains LLC, have been accused of violating the anit-cybersquating act by registering over 40 domain typos using the Neiman Marcus trademark. Neiman Marcus is seeking over $4,000,000+ in damages and also injunctive relief. Neiman Marcus just settled its earlier case with Dotster and it appears they are looking for more domain tasters to sink their teeth into. In the filings in U.S. District Court in Denver, they asked for $100,000 per domain. In our own research, it appears that Domain Tasters in 2002 were looking for generic words or phrases that they could monetize, but since then most of the viable words and phrases that could be monitized have been registered. Domain Tasters of 2007 aren’t finding a lot of generic words and phrases any more, however they are finding typos of famous brands that are monetizing well. For example, Well Fargo Bank.com was registered by a Domain Taster yesterday.
As part of the settlement with Dotster, they agree to stop registering names similar to Neiman Marcus. Dotster also agreed to suspended Domain Tasting, and I bet that Name.com will have to suspend Domain Tasting as part of its settlement too. At any given time, more then 5 million domains are tied up in Domain Tasting, however lawsuits have been bringing those numbers down. Maltuzi located in California is another Domain Taster that just got sued by Microsoft. The registrar for Maltuzi is Name King, and upon the Microsoft lawsuit, Name King suspended Domain Tasting for all its clients. Name King had facilated Domain Tasting for a few select customers.
Many Domain Tasters have been masking their whois or using shell companies to reduce their liability, but as we have seen in the Microsoft lawsuit, they name the defendants as unknown "John Does." Lawyers use this type of lawsuits to obtain identities through subpoenas and then can sue the people they find.
Finjan Inc., a web security company, has released reports today on hackers and cyber-criminals using typosquatted domain names to infect visitors to legitimate websites and increase the lifecycle of cyber-attacks. Leveraging the similarity to legitimate and frequently used domain names is successfully enabling these attackers to go unnoticed by webmasters and security solution providers.
From the report: “The abuse of trusted domain names attack vector was spotted during October by Finjan’s Malicious Code Research Center (MCRC) when searching for popular services with a slight change of the top level domain. When Finjan’s MCRC investigated http://go*gle-stat******.org (where * has obscured some of the characters of the domain) it was found that it took advantage of a domain name similar to a legitimate popular service, which contains malicious code that is designed to download and execute a Trojan on the visitor’s machine. The malicious code itself is located on the abused domain name.” Further research on the location of the domain name hosting the malicious site, also revealed another interesting finding: “The code was located on a trusted controlled IP address”.
Posted by: TypoSquatting | 11/21/2007 at 14:19