Table of Contents:
Just found out there are illegal sites impersonating yours, but you don’t know how to report them?
You’ve come to the right place.
In this post, we will discuss:
Without further ado, let us begin this guide right away.
Why do scammers copy your website?
Fraudsters, scammers, and cybercriminals are always on the lookout to find any vulnerabilities they can exploit from your brand, and publishing fake and illegal sites impersonating yours is simply one of the most rewarding methods available for them.
Most cybercriminals impersonating your website do so with financial motives in mind: they are looking to make some money by riding on your brand’s popularity and credibility. While there are other motives like personal vendetta or political reasons, they are relatively rare.
So, how can cybercriminals profit from impersonating your website? Here are just a few examples:
As you can see, these illegal sites can cause detrimental effects to your website and your business as a whole, which we will discuss in the next section.
The presence of illegal sites impersonating your business can negatively affect your business in three different ways: reputational, financial, and legal.
1. Reputational damages
In this highly saturated social media and digital age, consumers have so many options of brands they can interact with and purchase from, and so they only want to deal with those they perceive as trustworthy and credible.
According to a recent study, 25% of surveyed Americans would stop doing business with companies that recently experienced a data breach. Meaning, that your online reputation can take months or even years to build, and yet even with a single mistake, you can easily lose it all in a day.
When, for example, your prospect is tricked by a phishing attempt when visiting an illegal website impersonating your brand, they will unconsciously blame you and may lose trust in your brand, even if it’s not directly your fault.
2. Financial damages
Illegal websites can hurt your business financially in several different ways:
3. Legal issues
To report and take down these illegal websites, the business may be required to pay for legal help, which can be expensive when not managed properly.
Cybercriminals can use various techniques to launch an illegal website impersonating your brand and also various methods to monetize the website. However, all of these variations of methods tend to follow this pattern:
The first step the bad actor typically takes is to register a domain name that is identical or similar to your original website (or your trademark name). This is called cybersquatting or domain name squatting.
This is a crucial step in ensuring the fake website can trick visitors into thinking that this website is legitimate.
2. Creating illegal sites
After acquiring this fake domain name, the perpetrator will start building the fake website, and they may also use the domain name to create seemingly legitimate email addresses, which they may use to launch phishing scams.
In this step, the perpetrator may use tools like HTTrack to copy your website’s content, design, and code to build a convincing illegal site that looks similar to yours, complete with your logos, color palette, and other design elements.
Their goal is to create a convincing website that looks just like your legitimate one, to trick your prospects and customers/clients into believing that the illegal site is legitimate.
3. Monetizing the illegal site
Once the bad actor has successfully convinced the website visitor that the site is legitimate, they can use various methods to monetize this visitor, including but not limited to:
Later on in this guide, we’ll learn how to effectively report these fake sites and take them down; preventing them from existing in the first place is always the better approach if you’d like to protect your brand’s reputation.
With that being said, here are a few best practices you can follow to prevent being spoofed by cybercriminals:
Make a list of your Intellectual Properties (IPs), and register them for legal protection.
Registering your IPs will provide you with legal protection when they are used by bad actors on illegal websites. This means you can get appropriate legal help in such scenarios and will be in a stronger position when attempting to take down these illegal websites.
When it comes to websites, there are at least four IPs you should register for legal protection:
A common method used by cybercriminals in creating fake websites is to register expired domain names that are not renewed by their legitimate owners.
So, make sure to renew your domain names before their expiry dates to avoid them from being exploited.
You may also want to check with your domain name registrar or hosting provider whether they offer domain ownership protection. With this protection in place, you can retain ownership of the domain name even if the domain name has recently expired, which can add an extra layer of protection for your business.
However, even if they don’t offer protected registration, typically, credible hosting providers will send you multiple notifications and reminders before the domain name’s expiry date, so you should have enough opportunities to renew the domain name.
Yet, be aware of scenarios like when you are not sure whether to continue the business or when you decide to rebrand your business with a new name. In such cases, you might not be sure whether to renew the domain name.
As a general rule of thumb, if you are not sure, it’s best to renew the domain name first rather than to be sorry later. A domain name should cost you no more than $10 to $20 per year, which is much more affordable than the potential damage when the domain name is used by cybercriminals.
So, what are your options if you’ve identified illegal sites impersonating your brand?
Below, we’ll share a step-by-step guide you can use to report these illegal sites and take them down:
Above anything else, don’t panic, and start by gathering as much information as you can about the illegal site:
Ideally, you’d want to identify the identity of the website owner or domain registrant, but if you can’t, that’s okay, and you can move on to the next step.
If you’ve confirmed that this illegal site is impersonating yours in bad faith, then the next step is to gather evidence of the malicious intent.
You can start by collecting screenshots (with timestamps) of at least the following:
There are also tools and solutions that can help you in gathering these pieces of evidence, so leverage them as much as you can. The more evidence you can gather, the easier it will be to present the case to take down this illegal website.
Before reporting the illegal site to relevant authorities, we’d recommend trying to contact the website owner first and confront them about the situation.
There’s always the possibility that they didn’t have any malicious intent and may be willing to close/transfer the website and domain name on your request.
Another possibility is that the fake website owner is looking to sell the domain name to you (the legitimate owner of the trademark) and make some money off it. In such cases, if the price is fair, although not ideal, it’s probably better to make the purchase and move on, rather than having to deal with lengthy and potentially more expensive legal processes to reclaim the domain name.
The next step after you’ve gathered the relevant pieces of evidence is to report the fake website to the relevant parties, including but not limited to:
When filing your reports to these institutions, it’s best to include:
In general, here are the steps you should follow:
Note: when reporting to Google requesting the removal of the illegal website from the SERP, keep in mind that Google receives a huge pile of DMCA takedown requests every single day, so it may take a while before they get back to you, up to a week. Providing complete evidence and proof of ownership (i.e., your registered trademark) can help speed up the process.
Illegal sites impersonating yours can be a major threat for any business with an online presence and can cause long-term or even permanent damage to your reputation and credibility.
While taking down all these illegal websites on the whole internet is fairly impossible to do (and not worth it), the actionable tips we’ve shared above can help you to report these illegal sites and legally take them down, protecting your brand’s integrity in the process.
This is where partnering with a professional Fake Domain Takedown Service can significantly help your business. Services like Red Points can leverage state-of-the-art technology to conduct real-time domain research, so you can use your time to focus on your core business tasks and grow your business instead.