Latest news with #brandprotection
National Post
4 days ago
- Business
- National Post
CSC Launches Domain Control Validation as a Service, Streamlining Certificate Life Cycle Management
Article content Article content Simplifying domain validation to reduce overhead, accelerate certificate issuance, and ensure readiness for industry-wide changes. Article content WILMINGTON, Del. — CSC, an enterprise-class domain security provider and world leader in domain management, brand protection, and anti-fraud solutions, today announces the launch of Domain Control Validation as a Service (DCVaaS), a unique offering designed to simplify and expedite secure sockets layer (SSL)/transport layer security (TLS) certificate validation processes for all its CSC Trusted Secure digital certificate clients. Article content DCVaaS empowers users with a streamlined, centralized solution for domain control validation, eliminating the need for repetitive validations during certificate renewals. It significantly reduces the time and effort required to manage certificate life cycles—making it an essential tool as the industry moves toward shorter certificate validity periods. Article content This launch comes at a critical time as the digital certificate industry evolves. Notably, the CA/Browser Forum has announced that starting March 2026, certificate lifetimes and domain control validation (DCV) re-use periods will be reduced to 200 days. These will reduce annually, ultimately reaching a lifetime of just 47 days and a DCV re-use period of 10 days by 2029. Additionally, WHOIS email validation will be discontinued on July 15, 2025. While the changes are aimed at enhancing security, and increasing agility, they mandate the need for alternative and future-ready validation solutions that are real-time, scalable, and standards compliant. Article content Key benefits of DCVaaS include: Article content 'Issuing digital certificates involves specific processes and a considerable amount of work. When it comes to renewals, the same steps need to be repeated. DCVaaS addresses a major pain point in certificate management—repetitive and time-consuming validations,' says Mark Flegg, senior director of Technology, CSC Security Products and Services. 'DCVaaS can reduce processing time by more than half, allowing companies to deploy certificates more quickly than ever before. As WHOIS email validation sunsets and certificate lifespans continue to shrink, DCVaaS helps organizations stay compliant, agile, and ahead of the curve.' Article content CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands (Interbrand ®) with focus areas in domain security and management, along with digital brand and fraud protection. As global companies make significant investments in their security posture, our DomainSec SM platform can help them understand cybersecurity oversights that exist and help them secure their online digital assets and brands. By leveraging CSC's proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss. CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—with a multidimensional view of various threats outside the firewall targeting specific domains. Fraud protection services that combat phishing in the early stages of attack round out our solutions. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia- Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit Article content Article content Article content Contacts Article content Article content Article content
Forbes
11-05-2025
- Business
- Forbes
What Is Cybersquatting? Understanding the Digital Threat
Cybersquatting can have serious implications for its victims, from reputational damage to financial ... More losses and lawsuits. Cybersquatting — the use of fraudulent internet domains — is a technique used by criminals mainly to take advantage of the victim's trademark and brand. It's also used as a technique for data theft or fraud, and sometimes the aim is to sell the domain back to the company or individual that's being impersonated. Cybersquatting is less common than it used to be, thanks to greater awareness amongst firms keen to protect their brand, but still happens pretty often: in 2024, the WIPO Arbitration and Mediation Center handled nearly 6,200 cases. We look at the different types of cybersquatting, and how to protect your brand. Cybersquatting refers to the practice of registering a domain name that's identical or similar to a genuine domain. The domain name might, for example, be company_name.com, where the real firm uses Sometimes, though rarely, cybersquatters will find a business that has no registered domain at all, making their job even easier. There are various motivations for cybersquatters, from financial to malicious, and a cybersquatted domain can cause serious reputational loss as well as money. The fake site may, for example, host phishing scams, sell counterfeit products or take payment without fulfilling orders. Victims are usually companies — often well-known brands — but occasionally a high-profile individual may be targeted to cause them reputational damage. There are several types of cybersquatting, with different motivations and techniques. They range from typosquatting — exploiting common misspellings of words or company names — to the impersonation of famous figures. In some cases, cybersquatters take a bulk approach to their activities, registering dozens of domains, or automatically monitoring numerous companies in case their domain name registrations lapse. In other cases, they hold firms to ransom, demanding money in return for handing over the domain. Typosquatting involves buying and registering domain names that are common misspellings of real ones. Sometimes, these involve frequently misspelled words, sometimes they're common typos. The aim of typosquatting is usually to collect personal data or download malware onto the victim's device — for example, when in 2006, typosquatters registered installing a dodgy antivirus program. The case was settled out of court. In another set of examples, several candidates in the 2020 U.S. presidential election had fake URLs that were close to their names set up, spreading misinformation or hosting fake fundraising pages. Some cybersquatters will register domains associated with public figures, celebrities or even sometimes their enemies. The aim may be to piggyback off the victim's success to, for example, spread spam or malware or to damage their reputation. It's one of the most popular types of cybersquatting. In one example, back in 2000, Madonna successfully sued a cybersquatter who had registered and used it to host porn, and gained control of the domain. Identity theft is the most basic form of cybersquatting: registering a domain that's a variation of a company's name to impersonate it. The website may mimic a legitimate site to harvest personal or financial information for the purposes of fraud. It may also sell counterfeit products. In 2007, Dell took legal action against three website registrar firms, accusing them of unlawfully registering and profiting from 1,100 domain names that were similar to Dell's own trademarks. In reverse cybersquatting, the cybersquatters attempot to make sure that their fraudulent website can't be taken away. After picking a target, they register a business with the same or a very similar name. They can then register that domain and trademark rights, enabling them to argue that they have a legitimate right to the domain. They may even attempt to argue that the real business is the cybersquatter. In domain name warehousing, would-be cybersquatters monitor domain names that are about to expire — and try to jump in and register them themselves if the owner fails to do it in time. They can then hold the original owner to ransom, demanding money to reassign the domain name. To increase the pressure, they may threaten to misuse the website in the meantime. In one example last year, a British digital marketing expert was able to buy Reform party leader Nigel Farage's and redirect it to Michel Barnier's website — just for fun. Most countries have laws against cybersquatting, allowing organizations to gain control of cybersquatted domain names and seek damages against the registered holder. In the US., cybersquatting is covered by the Anti-Cybersquatting Consumer Protection Act of 1999, while the European Union Intellectual Property Office (EUIPO) has enforcement powers against domain name infringements. Meanwhile, the World Intellectual Property Organization (WIPO) Arbitration and Mediation Center will transfer or cancel a domain name if it's identical or confusingly similar to a trademark over which the complainant has rights, and the domain name has been registered and is being used in bad faith. There are a number of risks associated with cybersquatting. One of the most obvious is reputational damage. Potential customers taken to sites filled with spam, misinformation or malicious software will lose faith in the brand. Meanwhile, customers visiting the fake site aren't visiting the real one, leading to loss of sales. Cybersquatting can also lead to data breaches, tricking visitors into providing sensitive information such as passwords or payment details. This exposes companies to legal fees, fines and the costs of damage control. And with many cybersquatters attempting to sell their fake domain name back to the legitimate website owner, there can also be a high direct price to pay. The way to avoid cybersquatting is, of course, to make sure you snap up every domain name that could be associated with your organization. That means not just your main domain, but also all possible variations, including common misspellings. And if, for example, your domain is you should also register other common top-level domains, such as .net, .biz or .org, along with country-specific extensions. You should also register your business name as a trademark, which will give you clear grounds to file a case. And you should monitor regularly to check whether domains similar to yours have been registered — there are a number of services that do this and will issue alerts. Finally, make sure you renew your genuine domain, along with the alternates, to make sure cybersquatters don't spot them expiring and snap them up. Bottom Line Cybersquatting can have serious implications for its victims, from reputational damage to financial losses and lawsuits. It's possible to protect your brand from such attacks — and take legal recourse if it happens — but staying safe from cybersquatting takes initial effort and continuous monitoring.
