Posted by Shanna Gordon on Tue, Feb 02, 2010
If someone was breaking into your house every night while you slept and was taking money from your piggy bank….wouldn’t you try to stop it? So why aren’t large corporations doing more to stop perpetrators from continuously stealing revenue from their bottom line? Through traffic diversion schemes, selling of counterfeit goods, unauthorized associations, identity theft attacks and defamatory social media discussion, brands are being violated, reputations tarnished and significant revenues lost.
Traffic diversion schemes include domain cyber squatting (i.e. www.fasebook.com), and many various tactics to direct traffic away from your site (sometimes to competitors’ sites or even pornography).
Why spend thousands or even millions of dollars on a marketing budget just to have the benefits diluted and revenue stolen from you through various traffic diversion schemes? CMOs need to start paying attention to this and start protecting their brands.
Wouldn’t you also want to know if someone was saying they were a partner of yours? Think it’s not important? Take for example a financial organization down south….we recently found a “hate group” site claiming on their website that they conduct all their banking at this organization. If one influential blogger/tweeter comes across this post, the bank’s reputation can be tarnished in days or even hours through social media.
Which brings me to my next point….Marketers also need to continuously monitor social media sites for potentially damaging situations. It only takes minutes for once again an influential blogger to say something slanderous, someone to make a negative video or a disgruntled employee to post confidential information and the word spreads like wildfire. Free tools can provide some minimal coverage but the time it takes to weed through the junk is prohibitive. Prioritizing what’s relevant and emotionally charged to mitigate negative impact on your brand is necessary.
I think some of the hesitation in the past for marketing departments not leveraging brand protection services is that they didn’t know what they would do with these “issues” once they were uncovered. They also strongly hesitated getting their legal departments involved in these situations, for obvious reasons (very expensive!)…..so why not just ignore it? That is where cease and desist capabilities can help manage these situations in a very cost effective way and help remove the vast majority of the threats uncovered. Not to toot our horn, but BrandProtect’s track record for getting infractions removed via cease and desist methods alone is approximately 70-80%.
So once again, I ask the question…..if someone was breaking into your piggy bank every night, wouldn’t you try to stop it?
Posted by Rosemary Brkopac on Thu, Jan 28, 2010
2010 will be an exciting year for me because as the new decade kicks off so does another volunteer term on the INTA bulletin committee. Thousands of INTA members spend countless hours volunteering their time and talents contributing to INTA, but I think working on the Bulletin must be one of the most rewarding and instantly gratifying ways to be involved in the Association. Close to 30,000 INTA members receive the Bulletin every two weeks, with each issue being much anticipated as receiving the publication was voted the most important benefit of INTA membership – even over the annual meeting!
Over the past two years my role on the committee has afforded me the privilege of reporting on cutting edge trademark conferences as well conducting Member Spotlight interviews with the most respected trademark attorneys in the world. If I had to pick one highlight of my last term it would be covering the Trademark Law and the Internet forum held last year in San Francisco. The conference featured one of the founders of the Internet, Google Evangelist Dr. Vint Cerf, as a keynote speaker. To be in the same room with him and hear him speak about topics such as Interplanetary Internet and the introduction of IPv6 was a truly phenomenal experience. I enjoyed writing the article and sharing information gleaned from the conference with clients and colleagues alike. When doing a Member Spotlight interview the one question I ask each person without fail is “What do you see as the most serious issue today concerning trademark infractions on the Internet?” The responses I get back vary from person to person, and I (and my clients here at BrandProtect) benefit from their responses.
I always learn something new and often get a different perspective on the issues that are important to all of us in the brand protection field.
Though we are still in the early days of 2010, the members of the INTA Bulletin committee are hard at work preparing stories for upcoming issues. Please look out for my Member Spotlight focusing on Nancy Lutz appearing next month. Nancy is an IP attorney and a partner of Kelley Drye & Warren LLP, in Washington D.C. I’m currently working on articles focusing on J. Scott Evans, Senior Legal Director, Global Brand and Trademarks - Yahoo! Inc. (who is heavily involved with ICANN, advocating the protection of rights holders interests with the introduction of the new gTLDs) and Vincent Martell, Intellectual Property Manager at CKX (American Idol, Elvis Presley Enterprises, Muhammad Ali, the Beckhams). I always appreciate feedback, so after reading my articles please drop me a line and let me know your thoughts!
Posted by Jamila Hunte on Mon, Jan 18, 2010
We live in an age where there is a need to have information right at our fingertips. Not only do we need to have information that is easily accessible, we also need to be mobile.
With the introduction of mobile devices like the iPhone, users are able to have the best of both worlds. Apps are all the rage. You can make your shopping list, check the weather, see your new friend request on Facebook, play your favourite video game and read your favourite book and these are just the tip of the iceberg.
Recently, a new app had found its way to Google’s Android market, an apps store maintained for its mobile services. This new application appeared to offer a feature that would allow the user to gain access to their bank’s website through this shortcut. It is now believed that this app and 50 similar apps were harnessing malicious activity – activity that could lead to phishing attempts. A recent article in computerworld.com provides more information on this app created by a developer only known as “09Droid”.
This android app was brought to my attention and was a concern for one of my clients. We were concerned that this app could have been downloaded by their customers who were innocently looking for an easy way to access their bank account.
Luckily we were able to make contact with one of the sites that were advertising the app and since then it has been removed. There was still a concern, however, that there could be other sites that provide this app. According to a recent article in willhall.ca, droid apps have been removed by Google.
We have been put at ease, at least for now…
There could be another android app lurking around out there, but the word is getting out and banks and credit unions are beginning to make their customers aware that what may appear to be a handy shortcut, could get them in a world of trouble. So buyer BEWARE!!!
Posted by Kevin Joy on Mon, Jan 04, 2010
“Lies, damned lies, and statistics”
For quite some time now, we have increasingly encountered a question when talking to potential clients: “What is your average takedown time?” This is a completely logical question to ask – cutting the lifetime of phishing sites is the whole point of employing a takedown service such as ourselves - but the question is a dangerous one.
First and foremost, there is no average phishing attack. Each has different characteristics, sources and impact, and therefore the notion of an average takedown time is very misleading. Simple attacks can be taken down in a matter of minutes, while some of the more sophisticated attacks, particularly those hosted on a fast-flux botnet, can take several hours or even days to resolve despite continuous efforts by the takedown provider. Since there is no caveat that smaller organizations will be targeted less, and rarely in a fast-flux attack, the average takedown time is almost completely irrelevant.
Vendors also have different definitions of what exactly constitutes an incident. Some of our competitors consider every distinct URL an incident, whereas BrandProtect has special guidelines for grouping similar URLs into one incident. This diversity amongst providers makes calculation of the average takedown time inconsistent, despite the unfortunate cases that some of our competitors are trying to lay claim to having the fastest average takedown times.
Somewhat unsurprisingly, if BrandProtect were to play that game, our data suggests that our takedown times would equate to being significantly faster than those for our nearest competitor. But BrandProtect doesn’t play that game. We don’t claim to have the fastest takedowns in the industry; we claim to be the best. Being the best is more than getting sites disabled quickly (which we do quite well, thankyouverymuch!), but also providing our customers with above-and-beyond service.
Success in dealing with identity theft attacks cannot be measured by something as variable as takedown time – success is a function of detection, takedown, and communication effectiveness, all of which have a significant bearing on the overall time in which a phishing attack can cause damage. Collaborating with clients and other partners to improve every aspect of our offering – detection, analysis, customer education programs, our client portal, reporting processes, etc. – is the only way to ensure the utmost client confidence that our response to an attack will result in minimal damage.
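An added illustration of the post's two points about averages (it is not from the original post or from BrandProtect): the same takedown data summarized per URL and per grouped incident. The campaign labels, URLs and lifetimes are constructed sample values, and grouping by campaign with the incident ending when its last URL goes down is an assumption, since the post does not spell out its grouping guidelines.

```python
from collections import defaultdict
from statistics import mean, median

# Constructed sample data: (campaign, phishing URL, hours online).
# Three simple attacks, one kit reused on three URLs, one fast-flux campaign.
OBSERVATIONS = [
    ("simple-1", "http://phish1.example/login", 0.5),
    ("simple-2", "http://phish2.example/login", 1.0),
    ("simple-3", "http://phish3.example/login", 1.5),
    ("kit-1", "http://kit-a.example/bank", 2.0),
    ("kit-1", "http://kit-b.example/bank", 2.0),
    ("kit-1", "http://kit-c.example/bank", 3.0),
    ("flux-1", "http://flux-a.example/secure", 20.0),
    ("flux-1", "http://flux-b.example/secure", 24.0),
    ("flux-1", "http://flux-c.example/secure", 28.0),
    ("flux-1", "http://flux-d.example/secure", 30.0),
]


def per_url_lifetimes(observations):
    """Definition 1: every distinct URL counts as its own incident."""
    return [hours for _campaign, _url, hours in observations]


def per_incident_lifetimes(observations):
    """Definition 2 (assumed): URLs of one campaign form one incident,
    which is resolved only when its longest-lived URL is taken down."""
    longest = defaultdict(float)
    for campaign, _url, hours in observations:
        longest[campaign] = max(longest[campaign], hours)
    return list(longest.values())


def summarize(lifetimes):
    """Mean alone hides the skew; report median and worst case beside it."""
    return {
        "count": len(lifetimes),
        "mean": round(mean(lifetimes), 2),
        "median": median(lifetimes),
        "max": max(lifetimes),
    }


if __name__ == "__main__":
    print("per URL:     ", summarize(per_url_lifetimes(OBSERVATIONS)))
    print("per incident:", summarize(per_incident_lifetimes(OBSERVATIONS)))
```

With identical underlying data the reported mean moves by several hours depending on the incident definition, while the median shows that most attacks were resolved far faster than either mean suggests.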
Posted by Minal Pithia on Mon, Dec 21, 2009
Marshall McLuhan's 1962 prediction of the "global village" is manifested today in the form of the internet, a self-governing community without borders involving the integration of different cultures. Worldwide communication is instantaneous and the internet is becoming more global and accessible. Did you know that the first official domain name in non-Latin characters will appear in 2010? The Bulgarian government is one of the first to register internet domains in Cyrillic. It will be interesting to see the impact this will have on the internet.
Recently, the Internet Corporation for Assigned Names and Numbers (ICANN) approved a fast-track process for implementing non-Latin domain names by early to mid 2010. As Latin characters dominated the internet, a switch to non-Latin characters will allow people from all over the world to register domains in Arabic, Mandarin, Japanese and Russian to name a few. With this new implementation it may become problematic in controlling spammers and phishers. Peter Wood, member of ISACA's Conference Committee and founder of First Base Technologies states, "While we understand the interest in expanding the characters offered in other languages, we are concerned that an increase in web site characters could lead to greater security risks and consumer fraud." As most modern scripts have a similarity to Cyrillic scripts, many experts predict an increase in spoof URLs that confuse users into distinguishing a fraudulent site from an authentic one. For example, here is a list of characters in Cyrillic that look like Latin characters: y, k, e, x, b, a, p, o, c and g. Characters that look alike are known as homographs. The scope for homograph attacks widens, as IDNs allow for the use of the full Unicode character set. One could see the implications of this as it's possible to create domains like "bank" using the lower case Cyrillic ‘a'.
There is a defense mechanism for this; Firefox has an add-on which "Puts a little flag in the status bar that tells you whether you are visiting a Traditional Domain Name (green TDN) or an International Domain Name (UN-blue IDN with translation to Punycode)". It is also important to educate yourself about various phishing attacks and to never click on suspicious links in an email. When in doubt, it would be good to get into the habit of typing URLs directly into browsers.
The borderless world of the internet provides many opportunities for companies to create a global online presence. The introduction of IDNs increases the potential for more online business, since it allows companies to effectively target larger audiences and widen their scope on the internet. Protecting brands and reputation online has never been more important than it is today, in the ever evolving world of the internet.
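An added example of the check the post describes (it is not the Firefox add-on's code and not from the original post): classify a domain as TDN or IDN, show its Punycode form, and flag labels that mix scripts or that collapse to plain ASCII once Cyrillic lookalikes are mapped back. The lookalike table is a constructed, non-exhaustive subset, and the function names are hypothetical.

```python
import unicodedata

# Constructed, non-exhaustive table of Cyrillic letters that render like Latin ones.
CYRILLIC_LOOKALIKES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
    "\u043a": "k",  # CYRILLIC SMALL LETTER KA
}


def script_of(ch):
    """Coarse script name derived from the Unicode character name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"  # digits and hyphen
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"


def analyze_domain(domain):
    """Return TDN/IDN kind, the Punycode form, and homograph findings."""
    ascii_labels = []
    findings = []
    for label in domain.lower().split("."):
        if label.isascii():
            ascii_labels.append(label)
            continue
        # Non-ASCII label: this is what the browser sends as xn--...
        ascii_labels.append("xn--" + label.encode("punycode").decode("ascii"))
        scripts = {script_of(c) for c in label} - {"COMMON"}
        if len(scripts) > 1:
            findings.append(f"mixed scripts in {label!r}: {sorted(scripts)}")
        # Map lookalikes back to Latin; a pure-ASCII result means the label
        # is visually indistinguishable from an ordinary Latin name.
        skeleton = "".join(CYRILLIC_LOOKALIKES.get(c, c) for c in label)
        if skeleton != label and skeleton.isascii():
            findings.append(f"{label!r} renders like ASCII {skeleton!r}")
    kind = "IDN" if any(l.startswith("xn--") for l in ascii_labels) else "TDN"
    return {"kind": kind, "punycode": ".".join(ascii_labels), "findings": findings}


if __name__ == "__main__":
    samples = [
        "bank.com",                      # traditional name
        "b\u0430nk.com",                 # the post's case: Cyrillic 'a' in "bank"
        "\u0431\u0430\u043d\u043a.example",  # genuine all-Cyrillic label
    ]
    for name in samples:
        print(name, analyze_domain(name))
```

A genuine all-Cyrillic label is reported as an IDN with no findings, so the check separates legitimate non-Latin names from lookalikes of a Latin brand.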
Posted by Michael Kiefer on Tue, Dec 15, 2009
Almost every state now has their own bill. Now the House and Senate have two bills which need to go to one. It is kind of like every state has their own gas fuel mixture requirements. It is costing taxpayers billions to have our government regulate, both at a state and federal level and business to comply with all these State and Federal bills, that are different. The new House bill looks like it only pertains to FTC regulated companies. Being in DC this week, I could not help but notice the number of overhead cranes. Building out for the next 100,000 government workers to over regulate us!
____________________________________________________
US House Passes Data Accountability and Trust Act (DATA)
On December 8, 2009, the Data Accountability and Trust Act -- HR 2221 (DATA) moved one step closer to law by passing the House of Representatives. DATA is sponsored by Congressman Bobby Rush (D-IL). The DATA in Congress has similar elements as Senator Leahy's S. 1490, the Personal Data Privacy and Security Act, including not only breach notice obligations, but also information security policy requirements.
Both the Leahy and Rush bills also impose increased obligations on "information brokers," defined as follows in the Rush bill:
(6) INFORMATION BROKER- The term `information broker'--
(A) means a commercial entity whose business is to collect, assemble, or maintain personal information concerning individuals who are not current or former customers of such entity in order to sell such information or provide access to such information to any nonaffiliated third party in exchange for consideration, whether such collection, assembly, or maintenance of personal information is performed by the information broker directly, or by contract or subcontract with any other entity; and
(B) does not include a commercial entity to the extent that such entity processes information collected by and received from a nonaffiliated third party concerning individuals who are current or former customers or employees of such third party to enable such third party to (1) provide benefits for its employees or (2) directly transact business with its customers.
(the Leahy bill uses the term "data broker", but has a similar definition). Information brokers would be required to submit their security policies to the FTC in the event their breach notice obligations were triggered. Moreover, the DATA imposes obligations on information brokers concerning data accuracy, data access and disputed data. Information brokers would also be required to maintain audit logs or similar measures "which facilitate the auditing or retracing of any internal or external access to, or transmissions of, any data containing personal information collected, assembled, or maintained by such information broker."
Posted by Dylan Sachs on Fri, Dec 04, 2009
It has been well known for some time - at least, amongst those in the industry and by those with coverage - that having a solid takedown service is essential to limiting the exposure you and your customers face as a result of phishing attacks. Studies have shown - consistently - that brands who have a well-defined takedown process (including a third-party takedown company) experience significant reductions in the lifetimes of phishing sites targeting their customer base.
Recently, there has been a spike in fast-flux, high-volume phishing activity. Previously, this was known as "Rock Phish" activity; however that can be considered version 1.0 - domains, hosted on a botnet, targeting multiple financial brands and their customers via phishing sites. Version 2.0 - known as Avalanche or ZBOT - is particularly troubling as they have evolved to include a malware payload, and broadened their target base by including social networking sites, government agencies, and even spoofing the email recipient's domain. While complete fraud-loss and malware infection rates are difficult to come by, Damballa research found that the Zeus Trojan - the malware payload included in the Avalanche attacks - has infected 3.6 million systems in the U.S. alone.
In addition to giving up their banking credentials, hundreds - possibly thousands - of users are unknowingly becoming infected daily with one of the most difficult-to-detect pieces of malware ever seen. Zeus makes up 44% of all finance-related malware, and provides the fraudsters with complete access to the infected host, allowing them to upload keylogging software, automatically steal login credentials, even route legitimate domains to phishing pages. Even those systems with up-to-date anti-virus software aren't immune from infection by Zeus - Trusteer found that up to 77% of infected systems had up-to-date AV definitions (and that across all AV software, there was only a 23% detection rate of Zeus). Earlier, I mentioned that the Avalanche attacks were targeting social networking sites - the same social networking sites that have been used as command-and-control centres for other pieces of malware.
The simplest solution is often the most effective, and when dealing with hosted malware and phishing sites, the simplest solution to prevent further infections or credential loss is to get the content removed. Anti-Phishing Working Group recently published their 1H2009 Global Phishing Survey, in which they have a section detailing the Avalanche phish. Their findings showed that Avalanche domains had an average lifetime of 18 hours, 45 minutes from the time the email was sent out to the time the site became unavailable. In the grand scheme of things, this is a fairly short lifespan - the same report outlines the average lifetime of standard phishing sites as being 39 hours, 11 minutes. While this is promising, it still leaves 18 ¾ hours open to steal credentials and infect unwitting users.
BrandProtect first saw our clients being targeted in late June, with three more clients being added to the target list in the following months. In total, 506 domains were launched which had pages (either phishing, malware, or both) targeting our clients. BrandProtect's 24/7 Incident Response Team has a distinct advantage over other takedown providers in that they have team members spanning the globe, able to converse with the registrars of these domains in their native tongue, during their normal business hours. This advantage resulted in an average lifetime of the domains targeting our clients of 7 hours, 48 minutes - or a 60% reduction over the reported industry average. Needless to say, our clients are quite pleased with these results.
Now, if only there was a way to prevent people from clicking links in email messages...
Posted by Michael Kiefer on Thu, Nov 26, 2009
Companies when seeing Internet infractions on their brand need to cache a copy if they really want to go the distance. Recent rulings like SP Techs., LLC v. Garmin Int'l., Inc. have made admissible stored images as evidence. Having a service that stores infraction images and the associated forensics makes cases....
http://www.chicagoiplitigation.com/2009/11/articles/inequitable-conduct/internet-archive-website-is-admissible-evidence/

Internet Archive Website is Admissible Evidence Posted on November 13, 2009 by R. David Donoghue
SP Techs., LLC v. Garmin Int'l., Inc., No. 08 C 3248, Slip Op. (N.D. Ill. Sep. 30, 2009) (Pallmeyer, J.)
Judge Pallmeyer denied defendants' motion for summary judgment of inequitable conduct in this patent infringement case. Plaintiff SP Technologies ("SPT") asserted a patent for a touch screen keyboard that cannot be moved, resized or closed by a user. Defendants argued the patent should be held unenforceable based upon the inventor's alleged failure to disclose to the Patent Office twenty lines of code for disabling a close button allegedly copied from a website and used in the patent, as well as certain alleged prior art Palm Pilot devices.
Intent to Deceive
The Court held there were questions of fact as to the inventor's alleged intent to deceive the Patent Office as to both alleged pieces of prior art. With respect to the code, there was evidence that the inventor believed there was no need to submit any evidence about a portion of the code because only the entirety of the code was relevant to patenting. Regarding the Palm devices, the inventor believed he had disclosed the Palm Pilots because they were mentioned in articles submitted to the Patent Office.
Materiality
Regarding the allegedly copied code, the Court noted that few inventors could be considered the sole inventor of every aspect of their invention. Almost all inventions include some known components. And defendants did not prove that the single component of the invention represented by the allegedly copied code was central to patentability. The Court did, however, note that it appeared the code was likely copied as it was identical to that on the website and in other manuals, down to a misspelling. The Court accepted as evidence a printout of a copy of the website at issue from the relevant 1999 date. The copy of this website was maintained by the Internet Archive, or the Way Back Machine. The printout was authenticated by an Internet Archive employee that explained the Internet Archive's process of maintaining historic copies of websites.
Similarly, defendants did not present sufficient evidence of the materiality of the Palm devices. Defendants offered only pictures without proof, such as a manual, that a user could not move, resize or close the keyboard.
Posted by Adrian Sertl on Fri, Nov 20, 2009
I recently read a very interesting article from the New York Times by Kevin J. O’Brien titled E.U. Leaders Bolster Internet Access Protections and it really got me thinking about just how vital having access to the Internet is in this day and age, to the point where some government officials are considering it a basic human right.
To quickly summarize the piece, on the fifth of this month (which is significant for reasons that will be explained later on) European lawmakers were able to reach a ‘middle of the road’ deal between governments that wish to create and implement harsh laws designed to combat online piracy and advocacy groups that believe that having access to an Internet connection is a human right. The lynchpin of the agreement mandated that a legal review must be undertaken before anyone accused of engaging in online piracy offenses can have their Internet connection cut off. Those in favour of the compromise were pleased that the deal had essentially made access to the Internet a legal right in Europe without sacrificing the authorities’ ability to prosecute those that are found guilty of committing online piracy crimes; although some advocacy groups were disappointed that the ruling did not go far enough to require a full on criminal trial before any action could be taken against alleged offenders. But regardless of the perceived shortfalls of the deal it was generally considered a success.
This ruling comes in the wake of attempts by the French Government to get a strict anti-piracy bill passed into law which would give French authorities the power to disconnect users from the Internet after a third piracy related offence. There is also a similar movement in the United Kingdom spearheaded by the Business Secretary Lord Peter Mandelson. In both cases the infringers would receive two written warnings before their Internet access would be disconnected upon being caught offending for the third time, without even as much as a legal review.
The E.U. decision also came in the midst, quite literally, of the sixth round of negotiations regarding the Anti-Counterfeiting Trade Agreement in Seoul, South Korea, which is what I alluded to earlier in this post. The main significance of this, as University of Ottawa Law Professor Michael Geist points out on his blog, is that the chapters of this agreement that focus on the issue of Internet enforcement are being drafted under a veil of heavy secrecy. Some of the provisions in the agreement, that have been made public via a leaked document, would require that all signatories create, among other things: penalties both civil and legal for those that are found guilty of “internet infringements”, the establishment of “third-party liability”, and limitations on what are known as “safe harbour” rules for Internet Service Providers. One of Geist’s biggest concerns with ACTA, albeit speaking strictly in the context of Canada, is that it would supersede any domestic IP legislation that is already in existence, provided any such legislation exists, and block any attempts to create new laws in the future; it must be noted that the European Union was represented in Seoul and will no doubt be present at the next round of negotiations which are slated to commence in January of next year in Mexico, so if the E.U. were to ratify this agreement all of the work the officials have done to create the safeguards outlined in the O’Brien article would potentially be rendered useless. Geist closes off one of his posts by saying that “it is clear that there is no bigger IP issue today than the Anti-Counterfeiting Trade Agreement being negotiated behind closed doors this week in Korea”, and to his point I may have to agree.
While I feel that having access to the Internet is becoming, if not already is, a basic human right it is important to note that like other basic human rights it should not exceed the boundaries of law; combating illegal online activities is a fight worth fighting but it must be tempered with provisions that prevent strict penalties and respect the concept of due process, especially considering that many of those accused of online piracy are presumed guilty. The problem with this is that the Internet is still what I would consider a frontier in that laws that govern it are still being created and refined; in an ideal situation these laws would be impartial and uninfluenced by any outside force, but sadly as in ‘real life’ that is not a reality.
I would love to know what others think of the notion that Internet access is a basic human right, and from both sides of the argument because I’d like to think I’ve presented a ‘middle of the road’ point of view. It is truly a fascinating debate and one that we haven’t fully scratched the surface of quite yet.
Posted by Jamila Hunte on Tue, Nov 10, 2009
So are you ready for the new gTLDs? Have you formulated your brand strategy to ensure that you do not miss your opportunity to leverage this new offering or protect your brand and trademarks from unauthorized and malicious uses? Well, not to worry, neither is ICANN. Those who are concerned about the new gTLDs have been watching and waiting for ICANN to give notice as to when they will begin accepting applications for the new gTLDs. A few months ago, we were told that they will begin to accept new applications in Q1 of 2010 and now it looks as though this will not happen until the second half of 2010. ICANN’s CEO Rod Beckstrom has said that the new gTLDs will be available when, “we’ve adequately addressed the important issues that are on the table.” In other words, this is still a work in progress.
The third version of the Draft Application Guidebook was released in early October and is available for public comment until November 22. There are still the issues of trademark protection mechanisms and stability and security of the Internet infrastructure that need to be further researched and developed. In a recent article published by Managing IP they have pointed out that one of the topics of great debate, the Globally Protected Marks List, has been squashed. This was a very popular idea that was welcomed by the trademark community; however they have received a lot of criticism from those outside the trademark community. What has been made very clear is that ICANN cannot make everyone happy, which is why the whole idea of the new gTLDs has had so much set back.
So will the new gTLDs really happen? I will say, most likely, it is really just a matter of when. ICANN is continuing its quest to find a “happy medium”, if that is possible. They have also announced that they have received twelve responses for Expressions of Interest (EOI) for independent evaluators in the new gTLD program. These evaluators will examine ICANN’s operational readiness for the launch of the new gTLDs.
Although the launch of the new gTLDs does not appear to be happening any time soon, brand owners must also not forget about ICANN’s plan to deploy Internationalized Domain Names (IDNs). They will introduce a limited number of internationalized ccTLDs. In case you are wondering what this is all about, this is where a user can obtain a domain with a string of characters in their native language. ICANN has released their proposed final implementation plan regarding the IDN ccTLDs and have a launch date for this “Fast Track Process” on November 16th, 2009. If as a brand owner you have not heard of this, please take note of this as new issues can arise by the launch of these new ccTLDs. Educate yourself, understand what the registration procedures will entail and ensure that if there is a Sunrise period proposed for these ccTLDs that you are able to take full advantage and not get left in the dark.