Preventing the creation of similar and fraudulent domains
Hello,
I am a representative of a shipping company that is very often under attack by fraudsters who create and send links to sites that look similar to our official ones and have a part of our name in the domain, which confuses users and in good faith allows them to be deceived on the site.
Through analysis, we found that almost all of these exposed attempts are registered or hosted on Cloudflar.com.
Does this company/service offer any option if we authenticate with them as authorized domain owner, that if an attacker tries to use their services and as a hosting domain, or directly register a similar sounding domain, it would be automatically blocked by the Cloudfield provider and prevented from completing the process?
Alternatively, preventive treatment in another way, so that the attacker does not succeed in getting the fraudulent content or domain out globally?
Thank you very much in advance!
2 Replies
In terms of preventative measures, almost certainly not. Even if you owned a Trademark for the name and it was globally recognized, no registrar would prevent the registration of similar sounding domains as even trademark ownership doesn't give you the legal right to preemptively assume maliciousness and control all possible similar combinations of the name at the registration stage.
Your analysis shows that most of this is hosted at Cloudflare, but this is mostly due to the fact that Cloudflare is used on almost 20% of every website in existence.
The best you can do is keep an eye out and report any fraudulent domains to the registrar (whether that's CF or anyone else), as well as report the domains to services like Google Safe Browsing so they're flagged as phishing sites.
I assume that just notifies them of domains that match a pattern they choose though right? They still won't be able to do anything preemptively like OP wants.
thanks a lot for the comments. The problem is that they then create names such as:
- companyName-hu.website
- companyName-de.online
- companyNamexpl.fun
- etc...
but also targets subdomains
- companyName.track124325.online
- companyName.confirm9686328.website
- companyName.order3848W74.fun
- etc...
I understand that although we own the official domain companyName.com/de/hu/pl/cz/sk/ etc. ... we do not have any trademark that it must be our domain only and rightfully ours.
Also, it is not possible in all languages and countries of business to own all similar domains that can somehow be incorporated verbally.
Is it possible to combat this somehow from the CF side of both the registrar and the hosting?
Does the Enterprise tier offer any possible solutions?