Your Cyber Intelligence Source

What is a “scad”? Scads are deceptive sponsored search results that usually appear at the top and along the side of a web page. Deceptive sponsored search results (scam ads or scads) happen when advertisers misrepresent themselves by using brand names they aren’t affiliated with or authorized to use. This unauthorized use of a well-known brand can lead to consumer confusion, lost brand equity or worse.

Studies have shown that the majority of online consumers, over 90%, do not recognize the difference between a paid search result and a natural search result. While most online advertising using another company’s trademark is fairly innocuous and may eventually lead a consumer to a corporate website, many divert traffic away from the intended location.

Some online ads even go beyond simple brand misuse to blatantly deceptive ad language and positioning. In some cases, the purpose of the scad is to commit identity theft. By positioning bogus, or easily compromised, reservation or purchase pages criminals can easily capture personal credentials for illegal use. Even more alarming is the presence of malware. It has begun to appear in the underlying URLs of some advertisers; the exact rate of malware presence is unknown.

Recently, Cyveillance gave official support to an organization focused on combating this form of bait-and-switch and educating consumers. The Alliance Against Bait and Click (AABC), www.stopscads.org, launched in late July 2008 with the purpose of educating the average consumer about scads and ways to combat them.
The AABC is comprised of a diverse group of leading experts, organizations, and companies working together to stop bait and click and to make deceptive sponsored search results a thing of the past. Currently, many of the member organizations come from the hospitality industry but is quickly expanding to others that are sensitive to this issue. If your company is interested in joining, watch for upcoming meetings on the subject.

Cyveillance has long been aware of these scams and continually educate our clients about this form of brand dilution and traffic diversion.  For several years now Cyveillance has offered a Paid Placement Monitoring Solution to assist clients in identifying individuals or companies who bid on their trademarks and/or are using their brand without authorization.

For more information on Cyveillance or the AABC, please contact your Cyveillance Analyst or visit the AABC website at www.stopscads.org.

Cyveillance has recently observed an increase in the volume of spam email related to a domain registration scam. This scam typically targets individuals in Fortune 500 companies and attempts to create a sense of urgency around the need to register country code top-level domains (ccTLDs) before a fictitious holding company purchases them, making them unavailable. Many of the ccTLDs we have seen include:

•    net.cn
•    org.cn
•    hk
•    tw
•    com.tw
•    asia

The scammers portray themselves to be good corporate citizens by informing companies of the registration inquiry. However, we know better. Their agenda is to try to entice the target company to register the Asian domains quickly at a superficially high rate.

Cyveillance recommends the following actions if/when someone in your organization receives one of these emails.

1.    Follow your company’s Domain Registration Policy. If you would like to own any of the domain names listed in the scam email, contact a reputable registry to purchase these domains though your normal channels.
2.    Delete and ignore the messages as you do with conventional spam. You are not required to take any action, so do not respond or engage in negotiations with the scammers at all.
3.    It is still your trademark/brand and you have a right to defend it. You should not be extorted into buying domains prematurely. If any of the domains listed in the emails are ever registered by companies that do not have a relationship with you, you have the right to send Cease & Desist letters or to engage in the UDRP process to recapture that domain.

Shown below is just one example of the emails received.

From: xxxxxxxxxxxxxxxxxxxxxxxxxx
Sent: Wednesday, August 20, 2008 5:18 AM
To: xxxxxxxxxxxxxxxxxxxxxxx
Cc: Platinum Card Mailbox
Subject: xxxxxxxxxxxxxxxxx Domain Names

Dear CEO,

We are SK Net Service Company Ltd, which is the domain name register center in China.I have something need to confirm with you.
we have received an application formally,one company named “MAIRHK Holdings Limited” applies for the domain names
xxxxxxxxxxxxxxxx.net.cn
xxxxxxxxxxxxxxxx.org.cn
xxxxxxxxxxxxxxxx.hk
xxxxxxxxxxxxxxxx.tw
xxxxxxxxxxxxxxxx.com.tw
xxxxxxxxxxxxxxxx.asia
and the internet Brand Name(xxxxxxxxxxxxxxxx)on the internet  Aug 19, 2008. We need to know the opinion of your company, because the domain names and keywords may relate to the usufruct of brand name on internet.
we would like to get the affirmation of your company, please contact us by telephone or email as soon as possible. Please let someone in your company who is responsible for trademark or intellectual right contact me freely.

Best Regards,

Rock.Tian
Sponsoring Registrar:
SK Net Service Company Ltd
Add: 3A, Units 20/F, Far East Consortium Bldg,
121 Des Voeux Road, Central, Hong Kong
Tel: +852-3075 9838
Fax:+852-3177 1510  +852-3177 1520
website:www.sknetservice.hk

Beginning May 5, 2008, Google will no longer protect brand holders against competitors bidding on their trademarked terms in pay-per-click advertising.  Previously, Google Adwords policy allowed trademark holders to eliminate the unauthorized use of their trademarks as bid terms by competitors.   Brand Republic has the story here.

At best, the policy change will increase bid prices requiring advertisers to pay more for ads triggered by their own marks.  At worst, the policy may result in more widespread customer diversion as well as increase fraud-related activity that uses pay-per-click as the attack vector.

It appears that the recently retired Oldsmobile brand will soon return as a Japanese car. Even more surprising, Toyota was able to obtain the rights to the Olds brand because GM failed to process the appropriate paperwork to re-register the brand name. Read about it here.

There can’t be an easy to way to tell your boss that you just lost a 100+ year old brand to a procedural error. On the positive side, Oldsmobile may now see their reliability ratings soar.