enforcement
domain monitoring
globaleyez

globaleyez presents at Europol

Europol launched the next phase of Operation In Our Sites and globaleyez was invited to present a successful case of domain monitoring. Find out all about it from our article.

Europol held an invitation-only kick-off conference for Operation In Our Sites (IOS) on 6-7 April. The event launched the next phase of the highly successful IOS series, established in 2014 to fight the trade of fake products on the internet.

IOS, “a recurrent joint global operation” brings together a “range of anti-counterfeiting associations, brand owner representatives and law enforcement authorities … to facilitate international cooperation” in the fight against counterfeits.

The latest event, held in Alicante, Spain, saw approximately 80 invitees from European national authorities and the private sector coming together to discuss the latest developments in fighting fakes online. As a service provider with a proven track record in the fight against IP infringements, globaleyez was asked to present a case study of a successful operation.

The case

At the conference, Felix (Head of Operations) and Sahra (Project Manager) presented a particularly interesting case involving a specific webshop we encountered while serving a well-known client in the software industry.

The webshop in question

This webshop is a dealer of multiple software keys at low prices. While their offices seem to be based in London (and they only provide differing UK phone numbers and an email address as contact info), their domain, created in March 2021, is hosted in the US and uses a .com TLD.

Screenshot of this webshop created by our Google Chrome extension, screenseal
Screenshot of this webshop created by our Google Chrome extension, screenseal

Red flags for infringing domains

Based on our experience with dozens of infringing websites, the target website had several features that made us stop and think. The overly enthusiastic style of text describing the products (including phrases like “100%”, “premium” and “genuine”), the scarce contact information, the embedded social media pages not leading to actual social media accounts of the company, the expired copyright data, and of course, the heavily discounted prices are all signs that may point to potential IP infringements.

And, last but not least, if a product carrying the name of a reputable company makes you think “Really? Why did they create a product like that?”, that’s probably not a real product by the real company.

Screenshot of awesomeinventions.com displaying a fake product used in a comedy act
Screenshot of awesomeinventions.com displaying a fake product used in a comedy act

Our road to success

It all started with a routine round of domain monitoring for a well-known client in the software industry. For this service, we use a combination of software and manual searches to detect any potential IP infringing domains.

This includes a little trick where we put the search terms into the image search sections of search engines. Upon discovering a potentially infringing domain, we click on “similar results”, which tends to give up tons of other similar cases.

And voilá, we landed on this webshop and due to all the red flags outlined above, put it on our list right away. But that was just the start. As we went deeper into this domain, we discovered a criminal network with a revenue of over a million euros - all gained at the expense of our client.

Enforcing our client’s rights

Our job as online brand protection experts doesn’t stop at discovering infringements. In fact, the next natural step in our workflow is to conduct a test purchase to gather court admissible proof about the product’s origins as well as the seller’s behaviour and basic data. In this case, a test purchase from this shop allowed us to run forensics on the product, and a comparison of serial keys proved that the purchased software was indeed not genuine.

Then we can move on to our next step: ensuring the removal of infringing web content as soon as possible.

For domain monitoring, that usually means getting in touch with registries and registrars to remove the domain from the internet. This works very well for single webshops or suspicious pages that bear the name of our client without authorization. But in the case of multi shops like this one, where our client is not the only brand appearing on the site, we often have to use a different approach.

Luckily, we have a whole arsenal of industry-wide connections to aid us in our quest. When arranging the takedown of infringing content, we can reach out to one of our partners or any combination of them, to ensure the swiftest possible action. And who are our partners?

1. Payment providers

There’s something every webshop has in common: they have to provide some kinds of payment options. This is why we have developed close working relationships with major payment providers, including PayPal, Visa and Mastercard.

Our partnerships work in two ways. First of all, when we inform providers that a seller is infringing on our clients’ IP rights, they block payments flowing into their account. And secondly, they may share information they have about the seller, which is very important, especially if the seller chose not to disclose a lot about themselves on their website. Just like the shop in our case.

2. Sales solution providers

Sales solution providers like Shopify and WooCommerce help businesses create compelling webshops. Unfortunately, fraudsters and infringers can benefit from these services as well.

When we encounter infringing sellers on a webshop created by Shopify & Co, we notify the provider to let them know about the results of our investigation. In the overwhelming majority of cases the sales solution provider swiftly removes the infringing listings from their site.

3. Infrastructure providers

Domain registries, registrars and hosts play quintessential roles in assigning and recording domain names, therefore globaleyez developed close cooperation with all the major actors in this segment of the industry.

In case of a single webshop or a site bearing the name of our client without authorization, we contact the registries/registrars and they usually remove the entire domain from the internet.

4. Search engines

A search engine like Google, Yahoo and the infamous DuckDuckGo that also surfs the darknet is usually the first stepping stone to accessing information on the internet. Most search engines allow ads to be placed among and/or around the search results. However, both ads and genuine search results can lead to infringing domains.

This is why globaleyez is in close contact with all major search engines. Upon discovering an infringing domain, we reach out to the search engine in question and request them to remove the domains from their search results.

This is a very important step because without being listed, potential customers can’t find these sites unless they possess the direct links. The cooperation of search engines ensures that infringing domains are taken out of circulation while we work with the domain registry to permanently delete the domain.

5. Authorities/blockdown

Last but not least, we cooperate with authorities like Europol to put a stop to IP infringements as quickly as possible. With this particular webshop, we reached out to authorities to escalate the case.

We also have partners in the private sector that promise similar results, including a Blockdown program. With this feature, we can block infringing domains from users’ computers that run a specific anti-virus program with a pre-defined set-up. When those conditions are met, we can take action to ensure that the domain is blocked on over a billion devices.

Triumphs and challenges

Taking down one infringing domain is an essential step on the road to fight for our clients’ IP rights, but we want to do more. Since fraudulent domains seldom come alone and are easily replaced by another, sustainable success requires us to detect and remove entire domain networks, including roots and sources. And that is exactly what we aim for.

Identifying traffic sources

Following web traffic is a useful way to help us connect the dots in a fraudulent network. There are several tools we can use for identifying where a fake shop gets its traffic from.

We gain a ton of useful information this way, including total traffic, originating countries, ranking for a specific category and, last but certainly not least, similar pages.

Bar chart from similarweb.com depicting an example of a website’s traffic sources
Bar chart from similarweb.com depicting an example of a website’s traffic sources

Finally, removing the fake shop from these traffic sources is a major step towards cutting it off completely.

Current challenges to solve

Due to the specific features of the infrastructure a website is built with, each domain monitoring case is unique, including the challenges it may present for us. In the case of this particular webshop, we encountered numerous issues we had to solve to protect the IP rights of our client.

First of all, our attempts at contacting the company went unanswered. Then, due to GDPR legislations we weren’t able to find out the name of the registrant. Since this shop is not working with a sales solution provider like Shopify and belongs to a .com registry that doesn’t help brand owners without a court order, we faced further challenges with finding a responsible party to turn to.

The registrar was not willing to cooperate, so our major breakthrough came when we got in touch with the web host and they took the infringing content down. Unfortunately, our victory was short-lived because after our first attempt at removal was successful, the site switched web hosts and the infringing listings reappeared online. Luckily, we tracked down the next host and repeated our request for takedown.

The outcome

All’s well that ends well, at least for our client. The infringing listings on this webshop hurting their brand are finally down and won’t cause them any further damage (at least until the shop finds a way to get them back up).

Unfortunately, this webshop still exists and may cause great damage to other brands. We escalated the case to Europol, hoping to put an end to the criminal activity surrounding this webshop. However, a full victory over this infringing website needs more coordinated action. Therefore, we encourage brands to collaborate and take action together against IP infringements on the shop in question, and everywhere else on the internet.

In our experience, fraudulent domains and IP infringing listings have a way of reappearing in other corners of the internet. Which means that while we definitely have a lot of reasons to celebrate our successes, we can never sit back and declare the internet free of IP infringements.

Domain monitoring, just like online brand protection in general, has to be a continuous effort to protect one of the most important assets of brands, intellectual property rights.

Contact us if you have any questions or concerns about domain monitoring, or any other aspect of trademark protection.

picture of author picture of author picture of author

Related news

Google reveals new marketing features

Google’s new marketing features are a marketer’s dream come true. But can they …

discover more
Metaverse and NFT marketplaces explain…

Metaverse marketplaces are booming. Discover the main types of these platforms …

discover more
Trendyol strengthens its presence in E…

Turkish e-Commerce company Trendyol plans to set up shop in Europe. Find out al…

discover more