Cybersquatting and abuse to mainstream consumer brands intensified in 2007.

MarkMonitor[R] has released the company's latest Brandjacking Index[TM] which finds that cybersquatting is the most common form of brand abuse--with a 33 percent jump in one year--and that brandjackers are abusing an expanding range of brands that consumers use everyday. The report also shows recent and significant drops in domain kiting and related pay-per-click fraud, indicating that aggressive legal action on the part of brandholders as well as ICANN scrutiny are proving effective in deterring specific brandjacking techniques. In addition, phishing techniques and targets continued in 2007 to evolve with a 533% increase in phish attacks against the retail and services sector.

The MarkMonitor Winter 2007 Brandjacking Index measures the effect of online threats to brands quarter-over-quarter throughout 2007. The Index also investigates trends, including drilled-down analysis of how the most popular brands are abused online and the industries in which abuse is causing the most damage. The report examines how brandjacking tactics--such as cybersquatting, false association, payper-click (PPC) fraud, domain kiting, objectionable content, unauthorized sales channels and phishing--have changed over the past year.

"Brandjackers continue to sharpen their techniques to reap greater profits, as demonstrated by this quarter's accelerated threats to mainstream industries and their customers," said Irfan Salim, president and chief executive officer of MarkMonitor. "But brandholders have proven they can fight back--we've witnessed an incredible turn-around in domain kiting and pay-per-click abuse. This should encourage all brandholders to be vigilant about protecting their brands and their customers against evolving threats."

Following are select findings from the MarkMonitor Winter 2007 Brandjacking Index:

Cybersquatting continues to grow as brandjackers find new ways to source income.

* Cybersquatting rose 33 percent over 2007, making it the most perpetrated form of abuse.

* 382,248 instances of cybersquatting were identified in Q4, followed by 72,582 instances of false association and 27,098 instances of pay-per-click fraud.

* Sizable quarter-over-quarter increases in cybersquatting signify increased use of brand names and trademarks to drive traffic to illegitimate, unauthorized or offensive sites through search engines.

Litigation by brandholders and increased ICANN scrutiny have significantly reduced domain kiting and related pay-per-click fraud.

* Instances of domain kiting dropped to a yearly low of 9,426 in Q4. Domain kiting declined 14 percent overall in 2007, overcoming a spike in Q2 of 37,634 instances.

* The decline in domain kiting is closely linked with multiple aggressive, successful lawsuits filed by large brand holders against enabling registrars. Creative legal tactics including application of laws against cybersquatting and counterfeiting contributed to the decline.

* Instances of pay-per-click fraud, an abuse closely associated with domain kiting, also dropped to a yearly low of 27,098 in Q4. Brandjackers use this inexpensive technique to generate revenue through paid advertisements for competing brands, unrelated products and services as well as vendors selling counterfeit products.

Paid search abuse declines, blended abuse is increasingly prevalent

* Paid search abuse against retail brands continued to decrease in 2007, with a notable decline of 56% against this category in the first month of 2008.

* Paid search abuses in Q4 were commonly linked with questionable "pop-ups", e-commerce abuses and other risks; this form of blended abuses is indicative of added fraud.

Brandjackers increasingly shift focus to mainstream industry targets including automotive, food and beverage and consumer packaged goods

* Abuses of automotive brands increased by 83 percent in 2007 with 94,809 instances noted in Q4 alone. Similarly, food and beverage brand abuse increased 63 percent, consumer packaged goods increased 62 percent and apparel increased 49 percent.

* Traditional brandjacking targets continued to rise at modest rates. Financial brand abuse for 2007 rose 23 percent and media rose 38 percent.

* The only industry segment to decline in 2007 was high technology which shrank slightly by 10 percent from 57,215 instances of abuse in Q1 to 51,673 instances in Q4.

The United States, Germany and the United Kingdom host the majority of brandjacking Web sites

* While brand abusers can be located anywhere in the world, their top countries for site hosting remained constant throughout 2007. The United States is home to 68 percent of web sites that host brand abuse. Germany hosts 9 percent followed by the United Kingdom at 4 percent. Canada hosts 4 percent.

Phishers target more organizations, shift focus to new industries

* 412 organizations were phished in Q4 2007, an increase of 38 percent from Q3 2007 and 37 percent over the previous year; 122 organizations were phished for the first time in Q4 2007 as phishers shift attention to new industry segments and new targets.

* Phish attacks against retail/service brands increased 533 percent in 2007 with a seasonal spike in August through October. In Q4 2007 retail/services and auction brands accounted for 50 percent of all phishing attacks measured by unique URLs.

* Attacks against payment services brands increased by 11 percent in Q4 2007, though decreased by 24 percent over the year. Attacks against financial services brands decreased by 20 percent in Q4 and by 10 percent for all of 2007.

* 21 percent of phish sites were hosted in the U.S. in Q4 2007 followed by Ecuador with 9 percent and China with 9 percent. Q4 was the first appearance of Ecuador in the top 5 ranking. The U.S. and the Republic of Korea were consistently in the top five of hosting countries quarter-over-quarter in 2007.

Phishers refine tactics to leverage social networks and increase efficiency

* The tactic of using multiple URLs in phish attacks continued to slowly decline in Q4 2007.

* Phishers leveraged popular social networking sites to harvest personal information and launch highly targeted, personalized attacks.

* The integration of a telephone component to attacks, or vishing, became more visible in Q4 2007 as well as phishing through SMS (text messaging), or SMishing.

"Tracking trends over the course of a year shows that criminals and fraudsters around the world continue to develop new and adaptive ways to take advantage of brands," said Frederick Felman, chief marketing officer for MarkMonitor. "Fighting brand abuse can be a daunting task for brandholders of all sizes. The rewards of an effective brand protection strategy are evident for great brands--their respected reputations, valuable customer relationships and formidable revenues."

The Brandjacking Index is an independent report produced by MarkMonitor that tracks and analyzes abuses of 30 brands from the Best Global Brands study by Interbrand. The cornerstone of the report is the volume of public data analyzed by MarkMonitor using the company's proprietary algorithms; no customer data or proprietary customer information is used to create the Brandjacking Index. MarkMonitor searches approximately 134 million public records daily for brand abuse in domain data as well as U.S. and international Patent and Trademark Office data.

The phishing data MarkMonitor analyzes is based on feeds from leading international Internet Service Providers (ISPs), e-mail providers and other alliance partners. The company has scanned billions of Web pages since November 2004 and processes 16 million suspected phishing e-mails daily.

www.markmonitor.com

RELATED ARTICLE: Google Enters PHRs Market

Datamonitor, provider of online data, believes that Google's entry into PHRs means that they will become a success and result in consumers becoming more knowledgable about their own health. While other companies have developed PHRs, the significance of Google's entry cannot be underestimated. Primarily this is because of the unparalleled reach that Google has into consumers--especially those under the age of 30.

PHRs, and Google's entry, are a product of consumers becoming more powerful within healthcare--this is a result of the internet and patients entering the physician's surgery more knowledgable than ever before. The move by Google into the market is particularly significant because it is one of the most powerful and well known consumer brands in existence today. While Google will not be able to purely depend upon its branding to ensure the success of its PHR product--the history of its other products to date stands Google in good stead as does its consumer reach through its search engine and e-mail.

There are also other companies that are developing PHRs. They most significantly include Revolution Health founded by Steve Case the former CEO of AOL--but also IBM through Second Life and Microsoft with Health Vault. Revolution Health is the most significant company outside Google because of its breadth of offering and consumer appeal--however as a start-up it does not have the ready customer base or widely recognized brand that Google has. In addition, Google is in a strong position for success, in comparison with other PHRs, because it is targeting consumers in an advertisement free environment.