ICANN Hits .PHARMACY With Breach Notice

ICANN has hit the operators of the .pharmacy new gTLD with a breach notice for their failure to operate the gTLD “in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies, as required by” their registry agreement.

ICANN also deemed the .pharmacy operator, the National Association of Boards of Pharmacy (NABP), non-compliant due to its “failure to publish on its website a primary contact for handling inquiries related to malicious conduct in the TLD feedback.” ICANN has given NABP until 11 August to “cure these breaches” or it will risk further sanctions, which could lead to termination of its right to operate the new gTLD.

The complaints came about following a complaint from Canada Wide Pharmacy, a Canadian online pharmacy that makes medications available to Americans at vastly reduced prices compared to the prices in America.

Canada Wide Pharmacy complained after they were refused a .pharmacy domain name and a Public Interest Commitment Dispute Resolution Procedure (PICDRP) Standing Panel found NABP to be in breach. The PICDRP Standing Panel voted 3-0 in favour of Canada Wide Pharmacy.

The result doesn’t mean Canada Wide Pharmacy will get their domain name, but they have made life uncomfortable for NABP.

Complaints Made About 0.0065% Of .UK Domain Names in 2017

A total of 712 complaints relating to 783 domains, representing just 0.0065% of the domain names on the .uk register, were made in 2017 according to Nominet’s annual summary of domain name disputes brought before its Dispute Resolution Service (DRS).

Over half of the complaints (55%) in 2017 in the .uk country code top level domain (ccTLD) resulted in a domain transfer. By comparison, there were 703 complaints in 2016, 53% of which resulted in a domain transfer.

The year also saw an increase to 15% in the number of disputes resolved with the domain name being voluntarily transferred to the Complainant by the Respondent upon receipt of the complaint. In 2016, 10% of complaints were resolved in this way.

“Thanks to the efficient DRS processes in place and the many Experts who generously offer their time and expertise, we can see in the numbers that the DRS is continuing to prove a useful tool for .UK customers,” said Russell Haworth, Nominet’s Chief Executive. “A steady increase in the number of .uk second level domain names being disputed year on year – almost doubling since 2015 – also reflects how the shorter domain is increasing in popularity and importance for individuals and businesses.”

Brands such as Jaguar Land Rover, Clydesdale Bank Plc, Virgin Enterprises Limited, Moncler S.p.A., “Dr. Martens” International Trading GmbH and the Sony Corporation used the DRS in 2017.

Other users of the service included St Neots Town Council, the fashion designer Philipp Plein, The Commissioners For HM Revenue And Customs, The Secretary Of State For Health and Puddy Cats Cattery in Maplethorpe.

“The increase in disputes relating to .uk second level domains is an interesting point. The Right of Registration that some .co.uk Registrants hold over the corresponding .uk domain name comes to an end on 10 June 2019,” said Nick Wenban-Smith, General Counsel at Nominet. “In the next two years this could lead to a further increase in the number of .uk domain names being subject to disputes as more and more potentially desirable names are made available to be registered on a first-come first-served basis. To avoid such a dispute, it’s important for .co.uk owners to review their options and act sooner rather than later.”

In their announcement, Nominet highlighted the following cases resolved through what they describe as their award-winning Dispute Resolution Service (DRS):

  • guntree.org.uk

The Complainant, Gumtree.com Limited, is a wholly owned subsidiary of eBay Inc. It operates an online classified advertisement website, and has registered the trade mark “GUMTREE”. The Respondent argued that GUNTREE has been derived from the artistic concept of a tree made of guns or an artistic gun made from wood. GUNTREE advertises weapons to a specific market and therefore does not offer the same services as the Complainant. The independent Expert agreed with the Complainant’s claim that there is an overlap between the two sites which is likely to confuse Internet users. Domain transferred.

  • victoriasecretbeauty.co.uk

The Complainant was Victoria’s Secret, an American designer and manufacturer of women’s lingerie and beauty products. The Respondent was a beauty therapist, operating a salon in Mayfair, London.  The Respondent claimed not to have known about the Victoria’s Secret brand at the time when the Domain Name was registered. In the view of the Expert, “this is not a credible claim, particularly taking into account that the Respondent operates in field of beauty services”.  Domain Transferred.

  • cybfx.co.uk

The complaint was brought by Clydesdale Bank PLC (Clydesdale and Yorkshire Bank), after they found that the domain name had been registered by someone who was asking for almost £100,000 in return for transferring the registration. The Expert agreed with the Complainant: that on the balance of probabilities the Respondent noted the Complainant’s trade mark application and purposefully registered the domain name in order to then sell it specifically to the Complainant at a later date.  Domain Transferred.

  • dignity.co.uk

The Complainant was Dignity Funerals Ltd, and the Respondent was an individual who had previously entered into a coexistence agreement with the Complainant’s predecessors in title, providing financial and insurance services through his companies.  The Expert stated “it does not appear the Respondent is doing anything that is confusing Internet users”, and that “dignity.co.uk shall remain with the Respondent”.  The Complainant appealed against this decision, but a panel of three members of the DRS Experts’ Review Group dismissed the appeal, whilst upholding a finding of ‘Reverse Domain Name Hijacking’ – using the DRS in bad faith.

Nominet also highlighted the following additional statistics:

  • In 2017 there were three appeals. Two appeals upheld original No Action findings. In the third Appeal case, the Appeal Panel agreed to combine two cases together for a review and two domain names were returned to the original Registrant.
  • The most common industries were Automotive (9), Electronics and Fashion (8 each), Retail (7) and Banking & Finance (6)
  • The year saw cases brought by complainants from 29 different countries, led by the UK (553) followed by the US (42), Germany (27) and France (20). Respondents came from 34 different countries. Again, the UK leads with 598 respondents, with the US second (17) and China third with 15
  • The overall average length of time DRS cases take from being filed to being closed was 57 days
  • Mediated cases took an average of 56 days to resolve in 2017 compared with 47 days in 2016. Cases being resolved by a Summary Expert decision took the same time that they did in 2016 (62 days), whilst Full Decision cases took on average 4 days less.
  • The majority of cases (87.5%) involved .co.uk domains, 6% were .org.uk or .uk domains and 0.5% were .me.uk
  • Court costs avoided in 2017 were almost £7 million – assuming court and legal fee savings of £15k per complaint that progresses into formal dispute resolution

Domain Name Renewal Scam sees 2 Australian Companies Fined $1.95M

The Federal Court of Australia has ordered 2 companies to pay a combined fine of A$1.95 million (US$1.46m) for trying to lure Australian businesses into a fraudulent domain name renewal scheme. The court ordered Domain Corp Pty Ltd and Domain Name Agency Pty Ltd (also trading as Domain Name Register) to pay the combined penalties for breaching the Australian Consumer Law.

From November 2015 to at least April 2017, the two companies sent out approximately 300,000 unsolicited notices to businesses, which looked like a renewal invoice for the business’s existing domain name. Instead, these notices were for the registration of a new domain name at a cost ranging from $249 (US$186) to $275 (US$206).

The Court declared that the Domain Companies made false and misleading representations and engaged in misleading and deceptive conduct in sending these notices. Australian businesses and organisations paid approximately $2.3 million to the companies as a result of receiving the notices.

“The Domain Companies misled businesses into thinking they were renewing payment for the business' existing domain name, when in fact the business was paying for a new domain name,” ACCC Acting Chair Delia Rickard said.

The Australian Competition and Consumer Commission, which took the companies to court, is warning any business or consumer receiving a renewal notice for a ‘.com’ or ‘.net.au’ domain name to check that the notice is to renew their proper domain name.

“These sham operations target small businesses, capitalising on a lack of understanding of the domain name system or a busy office environment. We encourage businesses to be vigilant when paying invoices, especially if it is for a domain name registration service,” Ms Rickard said.

The Court also declared that the sole director of both Domain Companies, Mr Steven Bell (also known as Steven Jon Oehlers), was knowingly concerned in, and a party to, the conduct.

The Court made other orders by consent, including injunctions for three years against each of the companies and for five years against Mr Bell. These injunctions include a requirement that if any of the parties decide to send out further notices, each notice has to prominently include the words, “This notice does not relate to the registration of your current domain name. This is not a bill. You are not required to pay any money”.

The Court also made an order disqualifying Mr Bell from managing a corporation for five years and ordered him to pay costs to the ACCC, fixed at $8,000.

DomainTools Find Cybercriminals Using Typos to Spoof Top UK charities

Cybercriminals are using fraudulent domains to lure unsuspecting members of the public towards spoofs of well-known UK charities, for malicious purposes, according to the results of a DomainTools investigation.

Following on from the National Cyber Security Centre’s warning that cybersecurity poses the most serious threat to UK charities, DomainTools selected ten well-known and popular charitable organizations in the UK to analyse, and found that every charity selected was being spoofed online by cybercriminals, who often used typos in order to dupe unsuspecting Internet users. The team analysed domains associated with Cancer Research, The National Trust, NSPCC, Oxfam, The Red Cross, Salvation Army, Wateraid, Save The Children and Unicef. In total, over 170 domains were deemed high-risk for phishing, malware and other forms of cybercrime. Some examples of fraudulent domains with risk scores of 100 – the highest possible score – include:

  • fundraisecancerresearch[.]org
  • nationltrust[.]org
  • nspcv[.]org
  • oxfamsol-mail[.]be
  • redcroas[.]com
  • salvationarmycapitalregion[.]org
  • svaethechildren[.]org
  • sheltern[.]com
  • unicefpro[.]org
  • vistwateraid[.]org

“It remains incredibly easy for anyone to purchase an available domain,” said Tim Helming, director of product management at DomainTools. “This is part of what helps keep the Internet open and democratic, but it also helps cybercriminals exploit users. In this case the spoofing of charity websites has the added benefit of exploiting people’s wish to donate to these charities, making them a particularly lucrative target.”

Describing how these websites reach Internet users, Helming said: “these domains will often be directed towards people via email or SMS phishing campaigns, which hope to encourage users to click on seemingly legitimate looking links such as those included above, which in turn begins another cycle of cybercrime. Phishing can be used by criminals simply to gain credit card or banking information, or as a gateway to install malware on a device or network, which leads to even more serious crimes such as data breaches and/or identity fraud.”

DomainTools offers top tips for consumers to avoid falling foul of a spoof website:

  • Watch out for domains that have the pattern com-[text] in them. We’re so accustomed to seeing .com that we can easily overlook the extra text that’s appended to it with a dash.
  • Look for typos on the website, coupon, or link that is directing you – for example, check for extra added letters in the domain, such as Yahooo[.]com.
  • Look out for ‘rn’ disguised as an ‘m’, such as modem.com versus modern.com.
  • Watch all website redirects by hovering over URLs to see where the link will take you.
  • Realise that if something is too good to be true, it likely is.
  • Get into the habit of hovering your mouse over links, and then looking for a pop-up that shows what domain the link points to. Typo domains can often be exposed using this method. Chrome and Firefox both have this feature.

EURid Alternative Dispute Resolution Fee Promotion Continues in 2018

EURid has announced the promotional fee for disputing .eu and .ею domain names will remain at €1,000 for 2018. The fee covers Alternative Dispute Resolution cases for EURid’s top level domains lodged with both bodies able to hear disputes – the Czech Arbitration Court (CAC) and the World Intellectual Property Organisation (WIPO Center).

The €1,000 discount applies to all complaints filed, irrespective of the number of domain names disputed and panel type requested.

For more information about the ADR Schedule of fees, see the CAC or the WIPO Center.

If you want to dispute a .eu or .ею domain name registration and believe that you have a prior right (within the EU or EEA) to the domain name (e.g. you hold a trademark, trade name, company name, family name, etc) and the current holder has registered or uses the domain name in bad faith, you can challenge its registration by initiating an ADR procedure in accordance with the ADR rules.

EURid Publish 2017 Disputes in Numbers

Since June 2017, when EURid commenced its Alternative Dispute Resolution (ADR) partnership with WIPO for its .eu and .ею domains, there have been 13 ADR disputes involving 14 domain names.

Of the 13 ADR disputes lodged with WIPO, 6 have resulted in domain name revocation or transfer, 2 were terminated by the complainant and 5 are still pending review. The most notable case processed thus far concerned the revocation of the Instagram typosquatter (using an “l” instead of an “i”) ‘lnstagram.eu’.

For those who believe they may want to dispute a .eu or .ею domain name registration and believe that they have a prior right (within the EU or EEA) to the domain name (e.g. hold a trademark, trade name, company name, family name, etc) and the current holder has registered or uses the domain name for speculative or abusive purposes, registration can be challenged by initiating an Alternative Dispute Resolution (ADR) procedure. ADR rules apply.

Criminals Increasingly Using “Combosquatting” To Deceive Internet Users

Criminals online are increasingly using “combosquatting” to deceive internet users. The practice takes advantage of internet users being increasingly encouraged to check the domain name in an internet address before clicking on links. Combosquatters exploit this by using domain names that contain a familiar trademark plus additional words, so that users who follow the link are taken to a website selling counterfeit goods, harvesting personal and financial information or installing malware.

Researchers from Georgia Tech and Stony Brook University in the U.S. conducted what is believed to be the first large-scale, empirical study of combosquatting. The work was supported by U.S. Department of Defense agencies, the National Science Foundation and the U.S. Department of Commerce.

The researchers explained that attackers might register familiarbankname-security.com or security-familiarbankname.com. Unwary users see the familiar bank name in the URL or web address, but the additional hyphenated word means the destination is very different from what was expected. The result could be counterfeit merchandise, stolen credentials, a malware infection – or another computer conscripted into a botnet attack.

The attack strategy, known as combosquatting, is a growing threat, with millions of such domains set up for malicious purposes, according to a new study presented in late October at the 2017 ACM Conference on Computer and Communications Security (CCS).

“This is a tactic that the adversaries are using more and more because they have seen that it works,” said Manos Antonakakis, an assistant professor in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. “This attack is hiding in plain sight, but many people aren’t computer-savvy enough to notice the difference in the URLs containing familiar trademarked names.”

Combosquatting differs from its better-known relative, typosquatting, in which adversaries register variations of URLs that users are likely to type incorrectly. Combosquatting domains don’t depend on victims making typing errors, but instead provide malicious links embedded in emails, web advertising or the results of web searches. Combosquatting attackers often combine the trademarked name with a term designed to convey a sense of urgency to encourage victims to click on what appears at first glance to be a legitimate link.

“We have seen combosquatting used in virtually every kind of cyberattack that we know of, from drive-by downloads to phishing attacks by nation-states,” said Panagiotis Kintis, a Georgia Tech graduate research assistant who is the first author of the study. “These attacks can even fool security people who may be looking at network traffic for malicious activity. When they see a familiar trademark, they may feel a false sense of comfort with it.”

For their study, the researchers began with the 500 most popular trademarked domain names in the United States, and excluded certain combinations made up of common words. They separated the domains into 20 categories, then added two additional domains: one for politics – the study was done before the 2016 election – and another for energy.

With the resulting 268 trademark-containing URLs, they set out to find domain names that incorporated the trademarked name with additional words added at the start or end. They searched through six years of active and passive domain name system (DNS) requests – more than 468 billion records – provided by one of the largest internet service providers in North America.

“The result was mind-blowing,” said Kintis. “We found orders of magnitude more combosquatting domains than typosquatting domains, for instance. The space for combosquatting is almost infinite because attackers can register as many domains as they want with any variation that they want. In some cases, registering a domain can cost less than a dollar.”

In the six-year data set, the researchers found 2.7 million combosquatting domains for the 268 popular trademarks alone, and the combosquatting domains were 100 times more prevalent than typosquatting domains. The combosquatting attacks appear to be challenging to combat, with nearly 60 percent of the abusive domains in operation for more than 1,000 days – almost three years. And the number of combosquatting domains registered grew every year between 2011 and 2016.

Among the malicious domains, the researchers discovered some that had previously been registered by legitimate companies which had combined words with their trademarks. For some reason, those companies permitted the registrations to lapse, allowing the trademark-containing domain names – which once led to legitimate sites – to be taken over by combosquatting attackers.

In many cases, malicious domains were re-registered multiple times after they had expired, suggesting an improvement in “internet hygiene” may be needed to address this threat.

“Imagine what happens in a city when the garbage isn’t picked up regularly,” Antonakakis said. “The garbage builds up and you have diseases develop. Nobody collects the garbage domains on the internet, because it’s nobody’s job. But there should be an organization that would collect these malicious domains so they cannot be reused to infect people.”

More stringent anti-fraud screening of persons registering domains would also help, he added. “We don’t want to prevent legitimate users from getting onto the internet, but there are warning signs of potential fraud that registrars could detect.”
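The matching the study describes (a trademark with words added at the start or end), together with the typo, “rn”/“m”, look-alike letter and com-[text] checks from the DomainTools tips, can be combined into a small triage function for domains seen in mail or DNS logs. The Python below is an added example, not code from the researchers or DomainTools; the brand list, the short suffix set and the category names are assumptions, and the sample domains come from the articles on this page except where marked constructed.

```python
# Brand labels to protect (assumption: constructed for this example).
BRANDS = ["cancerresearch", "nationaltrust", "redcross", "savethechildren",
          "wateraid", "instagram", "familiarbankname"]

# Assumption: a short set of two-label suffixes; production code would
# consult the full Public Suffix List instead.
TWO_LABEL_SUFFIXES = {"co.uk", "org.uk", "me.uk", "net.au", "com.au"}


def refang(domain):
    """Normalise case and turn a defanged 'name[.]tld' back into 'name.tld'."""
    return domain.strip().lower().rstrip(".").replace("[.]", ".")


def registrable_label(host):
    """Return the label directly left of the public suffix."""
    labels = host.split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def skeleton(label):
    """Fold the look-alikes named on this page: 'rn' for 'm', 'l' for 'i'."""
    return label.replace("rn", "m").replace("l", "i")


def osa_distance(a, b):
    """Edit distance counting an adjacent transposition as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1,
                          d[i - 1][j - 1] + cost)
            if (i > 1 and j > 1 and a[i - 1] == b[j - 2]
                    and a[i - 2] == b[j - 1]):
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(domain):
    """Return (category, brand) for one observed domain."""
    host = refang(domain)
    # 'brand.com-text.tld': a label after the first one begins with 'com-'.
    if any(lab.startswith("com-") for lab in host.split(".")[1:]):
        return ("com-dash", None)
    label = registrable_label(host)
    if label in BRANDS:
        # Same label as the brand; compare against the owner's real domains.
        return ("exact-label", label)
    for brand in BRANDS:
        if skeleton(label) == skeleton(brand):
            return ("homoglyph", brand)
    for brand in BRANDS:
        if osa_distance(label, brand) == 1:
            return ("typosquat", brand)
    for brand in BRANDS:
        if brand in label:  # brand intact, extra words before or after
            return ("combosquat", brand)
    return ("unmatched", None)


def triage(domains):
    """Keep only the domains that resemble a protected brand."""
    results = {d: classify(d) for d in domains}
    return {d: r for d, r in results.items() if r[0] != "unmatched"}


SAMPLE = [
    "fundraisecancerresearch[.]org", "nationltrust[.]org", "redcroas[.]com",
    "svaethechildren[.]org", "vistwateraid[.]org", "lnstagram.eu",
    "familiarbankname-security.com", "security-familiarbankname.com",
    "familiarbankname.com-verify.example",  # constructed
    "redcross-donate.org.uk",               # constructed
    "example.org",                          # constructed, benign
]

if __name__ == "__main__":
    for name, (category, brand) in triage(SAMPLE).items():
        print(f"{name:40} {category:12} {brand or ''}")
```

Substring matching on short brand names produces false positives, which is why the study excluded combinations made up of common words; an "exact-label" hit still has to be checked against the domains the brand owner actually holds.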

WIPO tackles first .EU ADR case

WIPO was appointed as a .eu and .ею Alternative Dispute Resolution (ADR) provider on 1 June 2017. Since then, WIPO has already filed nine .eu ADR complaints, the first of which concerned the revocation of the Instagram copycat, ‘lnstagram.eu’.

The complainant, Instagram LLC, deemed that the domain name, ‘lnstagram.eu’ could be confused with their registered trade names, as the first letter of the domain name is in fact an ‘L’, not an ‘i’, which deliberately created and caused confusion among Internet users. The ‘lnstagram.eu’ registrant had no affiliation with Instagram LLC and was hence never authorized to license or use the Instagram trademark in any way, either as a domain name or otherwise. Moreover, WIPO considered ‘lnstagram.eu’ to be registered in bad faith and used with malicious intent, which ultimately led to their decision to revoke the domain name on 8 September 2017.

Of the nine complaints filed since the start of our partnership with WIPO, five have been successfully processed, leading to either domain name revocation or transferring to the complainant.

With both WIPO and the CAC by our side, we look forward to continuing to make the .eu and .ею community secure and trustworthy.

To learn more about the decision, visit the official case page.

This EURid announcement was sourced from:
https://eurid.eu/en/news/wipo-eu-case/

Nominet Sees 0.0074% of .UK Domains Disputed in 2016 as 3rd Level Registrations Drop, 2nd Level Rise

Nominet saw a small drop in complaints in 2016, with 25 fewer complaints for the 12-month period than in 2015. The 703 complaints related to 785 domain names, according to their 2016 annual summary of domain name disputes brought before its Dispute Resolution Service (DRS). The disputed .uk domain names in 2016 were 0.0074% of all domain names under management (DUM), or registrations.

In the same period total registrations dropped marginally by 44,882 from 10,637,764 at the end of 2015 to 10,592,882, or 0.4219%. Interestingly, and not unexpectedly, third level .uk registrations have been shrinking (from 10,140,436 to 9,972,226) while second level registrations have been growing (from 497,328 to 620,656) in the same 12-month period.

Of the complaints, over half resulted in a domain transfer, which was the same as the previous year (53%). 2016 also saw a 10% increase in the number of summary decisions made by DRS independent Experts, who support the DRS by giving their time and professional expertise to help resolve disputes when needed.

“While only a small proportion of domain names overall – 0.0074% of the .UK register – resulted in a dispute in 2016, the DRS continues to provide an efficient and cost effective way of resolving those that do arise,” said Russell Haworth, Nominet’s Chief Executive. “In fact, we should not underestimate the value of the service as £7million could have been saved on legal fees last year alone, thanks to the efficient process in place and the many volunteer Experts who generously offer their time and expertise.”

Brands such as Facebook Inc, O2 Worldwide, Jaguar Land Rover Limited, Virgin Enterprises Limited, JD Sports Fashion Plc and Anne Summers Ltd used the DRS in 2016.

Other users of the service included Brighton & Hove Albion Football Club, The National Council For Voluntary Organisations, the National Council For The Training Of Journalists, Wembley Primary School and PAGE, a campaign against gravel extraction in South Oxfordshire.

Nominet provided a number of statistics on the 2016 disputes:

  • In 2016 there were 5 appeals, with 4 original decisions being upheld. One appeal overturned a No Action decision to a Transfer decision.
  • The most common industries were automotive and Internet (14 each); retail (12); software and sports (7 and 6 respectively).
  • The year saw cases brought by complainants from 28 different countries, led by the UK (570) followed by the US (46), France (13) and Germany (10). Respondents were widely dispersed, coming from 35 different countries. Again, the UK leads with 570 respondents, with the US second (22) and St Kitts and Nevis third (16).
  • Mediated cases by Nominet took an average of 47 days to resolve in 2016, compared with 41 days in 2015, and 47 days in 2014. Cases being resolved by an Expert decision also took slightly longer to close than in 2015.
  • The majority of cases (91%) involved .co.uk domain names, with 4% of cases involving a .org.uk domain. The .uk domain names, launched in June 2014, made up 4% of cases in 2016, an increase on the 3.5% in 2015 and 1.6% from 2014.

“Almost 12,000 Complaints have been made to the DRS since 2001 with more than half of these resolved between the parties directly, through mediation, or an Expert. With millions of small businesses and individuals now in possession of a domain, it’s also important to bear in mind that the DRS recognises a wider class of rights than simply trademarks,” said Nick Wenban-Smith, General Counsel at Nominet. “So, if someone has the rights in a name which is the same as or similar to a .UK domain name they are concerned about and they can provide proof that the domain name has been registered or used in a manner that has or might cause unfair detriment, then the DRS is a good first port of call to address those concerns.”