As holiday shopping nears, MarkMonitor Brandjacking Index reveals 10-fold spike in phish attacks to retail and services brands over last quarter.
November 12, 2007; 09:00 AM
SAN FRANCISCO -- MarkMonitor®,
the global leader in enterprise brand protection, today released the
Autumn 2007 Brandjacking Index™, exposing online holiday shopping risks
that endanger consumers including the online sale of recalled toys and
sophisticated gift card and phishing scams.
The findings show that recalled toys continue to be available for sale
on online auction sites and questionable e-commerce sites, as well as
through business-to-business exchange sites that sell in bulk to online
and brick-and-mortar retailers. Gift card scams demonstrate an
ever-increasing level of sophistication in luring consumers to reveal
identity information. Phishing attacks against retail and services
brands jumped 1,100 percent jump since last quarter now representing 40
percent of all attacks.
“As the holidays approach, buyers should be wary of online scammers
and irresponsible vendors who are abusing reputable brands to make a
profit,” said Irfan Salim, president and chief executive officer of
MarkMonitor. “The Internet has introduced a boundless,
multi-jurisdictional playing field that regulatory and industry bodies
cannot fully control. Ultimately, brandholders are responsible for
protecting the consumers who trust their brands and their supply chains
from fraudulent and questionable Internet practices.”
The quarterly MarkMonitor Brandjacking Index is an independent report
that measures the effect of online threats to brands and investigates
trends, including drilled-down analysis of how the most popular brands
are abused online and the industries in which abuse is causing the most
damage. In addition to ongoing tracking of 30 leading brands as
identified by Interbrand, the autumn report includes a research focus
on the online holiday shopping risks consumers face including the sale
of recalled toys, abuse of top online retail brands and gift card scams.
The report’s analysis of online toy sales is based on nine popular toy
brands including four toys recalled for lead paint or loose small
parts. Retail brand and gift card abuse is based on four leading
Following are select findings from the MarkMonitor Autumn 2007 Brandjacking Index:
Recalled toys, risky online channels, misdirecting e-commerce
sites and questionable gift card offers put consumers’ safety and
identities at risk while shopping online
30% of online auctions for toy brands that have experienced recalls
continue to sell products after they have been recalled for lead paint
or loose small parts.
- 83% of auction listings selling
recalled toys ship from the U.S., more than all other countries
combined. The United Kingdom is the second largest at 6%.
8% of business-to-business exchange site listings for toy brands that
have experienced recalls continue to sell products after they have been
recalled. Over one million toys are available on exchange sites on a
- Spam offers for retail gift cards lures
consumers into providing sensitive personal information; Deep price
discounts suggest stolen or counterfeit gift cards.
33% of paid search listings for the four major online retailers
misdirect consumers to un-related, questionable sites.
Phishers are organizing into networks and using increasingly sophisticated tactics
attacks against retail/services targets jumped 1,100 percent since last
quarter; retail and auction sectors combined now make up 39 percent of
all phishing attacks.
- U.S. leads phish hosting countries with 25% of phishing web sites.
- Phishers are using more automation, including rock phishing kits, to deploy and manage phishing sites.
- Phish sites are becoming more resilient thanks to the increasing use of fast flux networks.
- Phishing infrastructure-for-hire is on the rise, including botnet rentals and ISPs that target illicit activity.
Cybersquatting, domain kiting and pay-per-click abuse continue to exploit brands, evidence suggests seasonal brandjacking trends
average 484,251 accounts of brand abuse were measured each week
including 342,512 instances of cybersquatting, the registration of
domain names containing a brand, slogan or trademark to which the
registrant has no right. Instances of cybersquatting rose 19% for the
year-to-date to 940,363.
- Instances of domain kiting were
down 48 percent in Q3 but still up 78 percent for 2007; with the recent
decline likely related to increased litigation by brand holders.
- Pay-per-click abuse declined 57 percent in Q3 and is down 37percent for 2007.
toy recall and gift card findings vividly demonstrate the contrast
between how brands are protected in the Internet world vs. the
physical,” said Frederick Felman, chief marketing officer for
MarkMonitor. “Brand holders need to develop comprehensive and
aggressive strategies to protect consumers who not only trust their
names in stores, but in online venues as well. They also need to
recognize the Internet has the potential to contaminate supply chains
to brick and mortar vendors. If brand holders don’t move aggressively,
they put their customers, reputations and revenues at risk.”
cornerstone of the Brandjacking Index is the volume of public data
analyzed by MarkMonitor using the company’s proprietary algorithms. The
MarkMonitor Autumn 2007 Brandjacking Index searched approximately 134
million public domain records daily for abuse findings for
Interbrand-ranked brands between July and September, 2007. Trends for
recalled toys and gift card scams are based on analysis of billions of
Web pages and 60 million e-mail solicitations (spam) captured over a
four-week period in September including tens of thousands of unique
landing pages and over 1,000 active domains daily. No customer data or
proprietary customer information was used to create the Brandjacking