Deepfakes, Fake News & Viral Hoaxes: How Good Domain Name Practices Can Help Prevent Truth Decay
By: Jamie Nafziger, Esq., Partner, Dorsey & Whitney LLP
How do we know something is true? Usually by using our senses. However, when internet scammers can fool our senses by using doctored photos and videos and discourse-driving bots, our trust in online information decays. In the 20’s, internet users crave trustworthy sources. Your company can become and stay a trusted source by using good domain name practices. By applying the domain name practices detailed below, you can launch and boost your brands in ways that promote consumer trust.
Choose Strong Brands to Discourage Deceit
People can be tricked more easily when names are not very memorable or are confusing. Would it be easier to find the real clothing company in the morass of internet search results if it were called Clothing for You, Inc. or Opaline, Inc.? By choosing a strong brand, your company can help users recognize it from among overwhelming internet and mobile content.
With communication today often consisting of three letter texting abbreviations and sometimes only a one character emoji, short is in.
Strong brands are usually coined terms that are easy to spell or are existing words used in unexpected ways. Weaker brands include terms that describe the goods and services offered and contain no distinctive elements.
Online scammers love weak brands because they can swap out a word or use a slightly different abbreviation in a domain name to divert online traffic to their sites. They can also spoof email addresses related to weak brands more easily for use in phishing campaigns. The stronger your brand, the more easily you will be found online and the more difficult it will be for criminals to misdirect users to a fake you.
Choose Strong Domain Names to Help Consumers Find the Real You
With communication today often consisting of three letter texting abbreviations and sometimes only a one character emoji, short is in. Choose short domain names (with no hyphens or numbers) that match your company or brand name. This will minimize the risk that users will be diverted through typosquatting. Scammers engaged in typosquatting will register a domain name that is a slight typographical error off of a brand, such as by using a double consonant where the brand contains a single consonant. The shorter a domain name, the less likely a user can be confused.
To get a short domain name, consider registering in one of the new generic top level domain (gTLD) names which have greater availability than .com. While opaline.com may be taken, opaline.inc may not be. With millions more available domain names, the new domain name extensions offer a much greater opportunity to find the strong domain name you seek.
Before registering in a new gTLD extension, consider the registry’s reputation for protecting trademark owners. For instance, the .inc registry uses strong cybersquatting policies and premium pricing to discourage squatters and scammers from registering in it. Choose new gTLD registries with a trustworthy reputation, and that reputation will help strengthen your domain name.
No matter how hard the tricksters try, you can try harder.
In addition, if you are in a particular industry, you could seek an industry-related extension such as .bank, which has increased registration requirements and helps screen out fakers.
The U.S. Supreme Court recently affirmed that a generic term combined with a gTLD can become well-known enough among the public to receive trademark protection (USPTO v. Booking.com, B.V., 19-46 (https://www.supremecourt.gov/opinions/19pdf/19-46_8n59.pdf). However, starting with a strong domain name, rather than a weak one, will make it easier for consumers to find the real you.
Build a Protective Shield Around Your Strong Brands and Strong Domain Names With Other Domain Names
No matter how hard the tricksters try, you can try harder. Think of variants and misspellings of your domain name and register them. Register defensively in other domain name extensions and point all traffic from those domain names to your main website. Defensive registrations will help shield your brand.
Register or Block Homographs
Take steps to protect your brand from homographs which are often used in phishing and astroturfing. Homographs are words that contain characters in two or more different international scripts. An example would be an “n” with a tilde used in a Spanish word. Although an “n” with a tilde is fairly easy to distinguish from an “n,” many homographs are much more difficult to spot and can be used to trick even very careful users.
Companies panic when changed contacts or expired credit cards cause them to miss a domain name renewal, their website is down, and their emails no longer function.
For instance, a malicious person might send out emails to Google users, attempting to fool them into providing confidential account and credit card information. The source email address from the phisher might read, “info@gοοgle.com.” However, the two O’s in the email address are actually Cyrillic characters rather than the Latin “o” used on English keyboards. These differences can be quite difficult for the average email recipient to notice, and by responding, they may end up compromising their financial information.
Donuts offers a homograph protection service in its gTLDs that analyzes the content of each domain name, breaks it down into its individual characters, compares it against Unicode’s list of confusable characters, and replaces it with all viable internationalized domain name (IDN) “glyphs” supported by Donuts. This comparison results in potentially millions of IDN permutations of a brand’s trademark which may be considered confusable to an end user. Donuts offers blocking services that block those permutations from being registered by others in Donuts extensions. In non-Donuts gTLDs, you can consider some of the most likely domain name permutations for your brand based on homographs and defensively register them to protect your users.
Avoid Loss of Online Business by Ensuring Renewals
Companies panic when changed contacts or expired credit cards cause them to miss a domain name renewal, their website is down, and their emails no longer function. Protect the domain names you have, especially the domain name for your main company website and email accounts, from non-renewal by placing them on multiple calendars or docket systems and setting up auto-renewals.
Prevent Infringement by Dropcatchers by Renewing
To keep your protective shield strong, it is best to renew domain names you have. If you allow them to expire, they are often picked up by squatters using dropcatching services. It is almost always less expensive to renew a domain name than it is to fight an infringer who picks it up and begins using it to confuse internet users.
Finally, when you find out about infringements and scams related to your brand online, it is important to take action.
Lock Your Domain Names
Security of domain names is paramount. Protect the domain names you have from unauthorized transfers by using registrar lock services, and registry lock services, if they are available.
Consider Obtaining a .Brand gTLD in Next Domain Name Expansion Round
ICANN is planning another expansion round in which it will enable the launch of new domain name extensions. In ICANN-speak, this is called “Subsequent Procedures.” The Subsequent Procedures ICANN working group plans to deliver its final report in 2020. For the ultimate in security, your company could register a .brand gTLD (your brand would be after the dot), in which it would control all domain names. Absent that, it will be important to keep track of new gTLD launches and to protect your company’s trademarks in them.
Monitor and Pursue Infringers and Scammers to Care for Your Customers
Finally, when you find out about infringements and scams related to your brand online, it is important to take action. Report scams to the FBI’s Internet Crime Complaint Center, https://www.ic3.gov/ and state attorneys general. Use Uniform Domain Name Dispute Resolution Policy (UDRP) proceedings to obtain transfer of infringing domain names. Fighting against scammers builds and maintains trust with your customers.
You can help prevent truth decay and stem the tide of fakery on the internet through strong domain name selection and management. By taking the steps explained above, including choosing strong brands and domain names, defensively registering homographs and other similar names, and locking and renewing your domain names, you can help consumers feel safe trusting your company.
Jamie Nafziger is a Partner at the law firm Dorsey & Whitney, LLP and chairs the firm’s Cybersecurity, Privacy and Social Media Practice Group. With over twenty years’ domain name experience, she has helped clients obtain from ICANN and launch several new gTLDs in the 2000 and 2012 rounds of domain name expansion, including .inc, .coop, and several .brand top level domain names. With diverse internet-related legal work and writing, she has been named as one of the “Top 250 Women in IP” by Managing Intellectual Property and “Author of the Year – E-commerce” for the United States by Lexology.