April 29, 2024
Targeting the banks: a case study of the UK financial brand abuse domain landscape

A recent report by consumer watchdog ‘Which?’ highlighted the likely scale of the problem of fraudulent and copycat websites targeting brands in the banking industry. Off the back of this report, we carried out a landscape analysis of gTLD domains (i.e. those on generic extensions such as .com) with names beginning with any of the eight major UK banking brands referenced in the Bank of England’s Resolvability Assessment Framework. Because this approach ignores domains where brand names appear elsewhere in the domain name, unbranded domain names, and other domain-name extensions, it gives an extremely conservative view of the full scale of the problem.

Even just using this very simple approach, significant numbers of live, potentially fraudulent sites and other infringements targeting the banking brands were identified. The findings encompassed a range of ‘tiers’ of threat severity, from explicit impersonation and phishing, through the promotion of probable non-legitimate financial schemes, to other potentially unauthorised use of branding (complaints sites, informational content, misdirection of web traffic to third-party content, etc.). Even amongst the large number of additional currently-inactive domains, there is a high potential for fraudulent use and/or subsequent ‘weaponisation’ in scam campaigns. Of additional concern is the fact that some of the high- or intermediate-threat sites have been registered for significant periods of time (up to four years in some cases).

When the analysis is extended to cover ‘fuzzy’ matches to the brand names (i.e. typos and associated variants), a large number of additional examples of concern are identified. This highlights how extensively fraudsters use confusingly similar, deceptive brand variants, and the importance of using a brand-monitoring tool able to capture these examples.
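For brand-protection teams, the two matching passes described above (names beginning with a brand, then ‘fuzzy’ variants of it) can be sketched as follows. This is an added example, not the tooling used for the report; the brand names and domains are constructed placeholders, and the gTLD subset and the edit-distance threshold of 1 are assumptions.

```python
GTLDS = {"com", "net", "org", "info", "online"}   # illustrative subset (assumption)
BRANDS = ["examplebank", "northshire"]            # hypothetical brand names

def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute,
    or swap two adjacent characters, each costing 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)   # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(domain, brands=BRANDS, max_dist=1):
    """Return (match_type, brand); match_type is 'exact-prefix',
    'fuzzy-prefix' or None. Only gTLD names are in scope, as in the study."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] not in GTLDS:
        return (None, None)
    sld = labels[-2]                       # the registered name
    for brand in brands:
        if sld.startswith(brand):
            return ("exact-prefix", brand)
    for brand in brands:
        n = len(brand)
        # Compare the brand with the leading n-1, n and n+1 characters so a
        # dropped, swapped, replaced or inserted character is still caught.
        windows = {sld[:k] for k in (n - 1, n, n + 1)}
        if min(edit_distance(w, brand) for w in windows) <= max_dist:
            return ("fuzzy-prefix", brand)
    return (None, None)

def triage(domains):
    """Return (domain, match_type, brand) for every domain that matched."""
    hits = []
    for d in domains:
        kind, brand = classify(d)
        if kind:
            hits.append((d, kind, brand))
    return hits

SAMPLE = ["examplebank-secure-login.com", "exampelbank-login.net",   # constructed
          "examp1ebank.com", "examplebank.co.uk",
          "secure-examplebank.com", "unrelated-shop.org"]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

Short brand names produce many false positives at any non-zero distance, so hits from the fuzzy pass need manual review before enforcement.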

In light of these findings, it would seem that there is a need for increased regulation and legislation in the domain-name-sales industry, since in many cases there is no legitimate reason why a non-brand-owner should be registering large numbers of domains featuring variants of a trusted and rights-protected brand name.

You can read the full report here.

Tags
Online Brand Enforcement /  Domains /  Finance
