How to report domain abuse

Last updated on: August 24, 2023

Today, more and more brands, businesses, and digital content owners are subjected to domain abuse. This cybercrime has become prevalent, first, because of the continuing rise of Internet use. From banking, communication, shopping, and even to dating, most of our activities are and can be accomplished online. Of course, this presented growth opportunities for cybercriminals to perpetrate domain abuse.

Aside from this, domain abuse is on the rise given that it is easy to register domain names, and perpetrators take advantage of this for malicious purposes. Specifically, what they do is register a domain name that is confusingly similar to a legitimate website, thus tricking consumers into accessing an entirely different page–one that can steal confidential information, payment details, and more.

If you are a brand owner generating revenue from website clicks and sales, then you must know how serious a problem domain abuse is for your brand. Consumer distrust and revenue losses are one of the negative repercussions of not knowing how to avoid and fight domain abuse. In today’s article, we are going to learn how to properly address domain abuse as a cybercrime, in order to prevent someone else from unjustly profiting from your domain name. Specifically, we are going to answer the following questions:

• What is domain abuse?
• What are the ways domain abuse is committed?
• How is domain abuse detected and identified?
• How can domain abuse be reported?

What is domain abuse?

For a clearer understanding of what domain abuse is, it would be good to do a quick recall on the concept of a domain name. To recap, a domain name is a unique string of text that forms part of an internet address. It is the string of letters web users type in the search bar to access a website. Essentially, a domain name should be unique and cannot be shared by any two or more websites.

In the most basic terms, domain abuse is the unauthorized use of a domain name. It is when cybercriminals register domains for malicious purposes. This could be to steal credentials and other sensitive personal information, divert website traffic, or sell fraudulent items. If you are a brand or digital content owner, any of these malicious purposes, among others not mentioned, can negatively impact your income or your business as a whole.

Domain abuse is committed in different ways: 

• Typosquatting: This targets web users who incorrectly type a URL into their browser, and tricking them into visiting an unintended and malicious website. Cybercriminals use common misspellings of legitimate websites, such as your business’ website for instance, to deceive the user.
• Replacing the country code top-level domain (TLD): Here, the cybercriminal intentionally changes the country code of a legitimate website, but retains the domain name, to lead the web user into an entirely different page. For instance, a legitimate website that has a .us country code TLD may be replaced into country code TLDs of other countries (.ru, .cn, or .in, for example), which actually leads to a malicious website when accessed.
• Using a country code TLD to replace .com or other general TLDs: Domain abuse may also be committed by retaining the domain name of a legitimate website like the previous example but changing .com or such other general TLDs (.org or .net, for example) to a country code TLD.

How is domain abuse detected and identified?

To be able to effectively monitor, detect, and identify cases of domain abuse, you will need technology and expertise. Whether you choose to hire your very own security team to do the job for you or take matters in your own hands, specialized tech knowledge and skills are what you need in order to detect and fight domain abuse.

Manual detection

For starters, the most basic step in domain abuse detection is looking up another domain that you suspect is taking advantage of your own. Using the simplest technologies available, particularly, any Internet-connected device, you can do a manual search of particular web addresses that you suspect are in operation for any malicious or illicit purpose. To reiterate, these are domain names that are confusingly similar to yours. These lead your online market to believe that they are accessing your business website when, in fact, they are being tricked into entering a malicious and illegitimate page.

Provider-assisted detection

Another way to detect and identify domain abuse is to seek out the assistance of your web hosting provider. Some providers will offer this service, which can be very effective at identifying the involved domains so that you can blacklist, buy or disable them in some other way. 

Third-party automated detection

When domain and brand abuse becomes a recurring problem, website owners may prefer an automated brand abuse detection solution to handle the issue. Red Points’ Domain Takedown Service scrawls the web to identify potential domains infringing your trademarks. You will have the opportunity to validate those infringements and file enforcement requests that can be automatically sent on your behalf, depending on your preferences. In addition to identifying domain portfolio gaps, this service will help you acquire and register high risk domains and prevent future attacks.

How is domain abuse reported?

Much like detecting domain abuse, reporting it can be done manually or automatically. For instance, Red Points’ Domain Takedown Services can automate the process of monitoring and detection of infringement. This includes sending personalized requests, negotiations, or follow-ups with the concerned domain owners, as well as submitting complaints to the appropriate administrative bodies to enforce your right against domain abuse. 

If you are dealing with a single infringement or infringer, you can report directly to the concerned domain name registrar. As a specific example, if the suspected domain name is registered with Google Domains, injured individuals/businesses may report the abuse directly to Google. Each reported domain abuse creates a ticket in its system which will then be reviewed manually by a Google Domains support agent. If the type of abuse is within scope, and if it is sufficiently proven that the domain abuse violates Google Domains’ Terms of Service, the concerned domain may be suspended. 

Domain name reporting may also be done with and through non-profit, public-benefit corporations such as the Internet Corporation for Assigned Names and Numbers or the ICANN. The ICANN particularly addresses registrar-related domain abuse complaints. Thus, the ICANN can only assist in a domain abuse case if it has already been brought to the attention of the sponsoring registrar, and sufficient time has been given for the concerned registrar to review and respond to the complaint.

What’s next?

Domain abuse is a growing problem that deceives consumers by stealing their personal information or selling counterfeit products. Primarily, this information implies that if domain abuse, or threats of it, are not handled appropriately, it may lead to serious revenue and consumer trust losses. It is important for brands, businesses, and digital content owners to monitor and report domain abuse whether it’s manually or automatically.

Red Points’ Domain Management tool provides automated protection for your business against infringing domains. Check new and historical domain registrations using your trademarks and fill resolution actions to suspend, cancel, or recover domain names.

All in all, taking steps to protect your domain name is critical to ensure the longevity of your business. Read more about Red Points’ Domain Management and Takedown services or book a 15 minute consultation today.