The more brands invest in advertising to enhance their online sales, the greater the business potential for cybercrime.
Combatting illicit business is like a game of chess: for every move that a brand makes to protect itself, cybercriminals make a countermove. Activities such as counterfeiting, or brand impersonation are constantly adapting to take advantage of emerging market potential and changing consumer habits. Sitting in their crosshairs are the brands most familiar to users, those which invest in advertising and e-commerce to increase their notoriety on the Internet.
There are several types of fraudulent operations which vary depending on the channel in question and the nature of the fraud. We explain what each of them consists of in this article.
Counterfeiting operations can be found on various types of e-commerce sites, from online marketplaces, such as Amazon or Alibaba, to websites that mimic the official brand. The behavior of cybercriminals is different in each case:
Returning to the simile of the chess game, counterfeiters know which moves will expose them and which are safe. For that reason, counterfeit products do not appear on online marketplaces with the name of the brand or the product, nor do they place images on the main product page, since these would be detected quickly. On the contrary, cybercriminals try to disguise counterfeit merchandise as much as possible by promoting it solely via social networks, often by directing users through a string of websites until they land on the product.
On both search engines and e-commerce sites, fake merchandise can be found through the keywords employed, such as the brand name, along with other search terms such as "outlet" or "discount". However, the volume of data returned from these keyword searches is enormous and it’s difficult to analyze the results to discern which links lead to a counterfeit, and which do not. For example, consider that our user platform on average rejects 95% of the links detected during the initial scan that forms part of our antipiracy service process.
In order to classify the detected links, matching and filtering criteria are applied, using factors such as image recognition or identification of prices set considerably lower than the recommended retail price (RRP). It would be impossible to process the sheer volume of Big Data without the aid of machine learning algorithms and automated computer vision techniques, a scientific methodology which processes, analyzes and "understands" images, and whose recognition algorithms allow us to find similar images, even if they have been altered (such as a distorted logo).
Once the fake merchandise has been identified, a request for its removal is issued, documenting the applicable legal rights using the copyright protection mechanisms available on these e-commerce sites. This process is automated and validated by means of the agreements that Smart Brand Protection has in place with the main online sales platforms.
When acting against illicit business, it’s important to consider the online share in terms of visits that each marketplace has. This allows us to prioritize the search for counterfeit goods, targeting those that have the potential to cause the greatest negative impact on the brands in question.
Online marketplaces are not the only location where illicit business practices can be found. Brands with a strong e-commerce presence face an even greater threat: rogue sites. A "rogue" is defined as a person who behaves in a way that is detrimental to others. Rogue sites are websites that use the identifying features of a brand to market counterfeit merchandise. These sites target users favorable to the brand and are often unaware that they are buying on a fraudulent website. In the case of the most frequented online marketplaces, the products are promoted through social networks using attractive imagery and pricing.
In some cases, users who make a purchase on a rogue site do not become aware of the deception until they receive the counterfeit goods, while in other cases the product never arrives. Other times, the website disappears overnight and there is no way to file a claim or even prove its existence. Thanks to our participation in the Google Trusted Copyright Removal Program (TCRP), we at Smart Brand Protection are able to quickly and efficiently delist such rogue sites from all Google result pages.
If, however, copyright owners do not act promptly, this type of fraudulent website can have a negative impact beyond simply causing harm to brand reputation: loss of sales, distrust in advertising campaigns or even a collapse in customer service due to a flood of incidents being reported in relation to rogue sites.
Apart from counterfeiting, the impersonation of a brand by cybercriminals may have other purposes, such as acquiring personal information from users (phishing) or other forms of fraudulent activity.
Although brands use a small number of domains to facilitate access to their customers, they usually acquire a larger set to prevent others from using them to supplant, or "spoof" their customers. However, there will always be domains available which pirates can take advantage of.
Cybersquatting (or brandjacking) is the misappropriation of domain names that closely mimic the legitimate sites. They are used to divert traffic from them, make fraudulent use thereof, or benefit from the online traffic or advertising. To be considered cybersquatting, the owner of the domain (without any right or legitimate interest in the trademark) must use an identical or very similar domain name for fraudulent purposes.
Typosquatting (also known as URL hijacking) is another form of cybersquatting. This is when domains are acquired that utilize the common typographical errors (spelling mistakes) committed by users when they enter the address of a website in a browser; for example, smartproteccion.com in place of smartprotection.com. The most common techniques for performing this type of brand abuse include adding characters at the end of the domain name, replacing a letter with a similar one, separating the name with a hyphen or changing the top-level domain suffix.
In addition to domain spoofing, there are other identifiable features of a brand that can be used for illicit activities, one of the most common being the logo or trademark. Cybercriminals use the brand image, or a very similar one, to attract customers and create a false sense of security.
Pirates also invest in ads that supplant the identity of the real brand to sell counterfeit products which are familiar to users at bargain prices. These ads are frequently posted on social media networks and usually link to a rogue site, where buyers can easily complete a purchase in just a few clicks.
What's more, pirates invest in SEM to get better search rankings based on brand names and/or products that do not belong to them. There are existing legal precedents where this practice has already been found to be illegal.
This form of advertising is often seen on Instagram, a social network that is increasingly popular among young people. According to figures from Ghost Data (2019), Instagram hosts an estimated 6,769 active accounts that promote counterfeit merchandise, an increase of 171% in the last three years. In the case of fashion brands, which suffer the most from this form of abuse, 15.5% of the industry-related hashtags published correspond to counterfeit goods.
Brand abuse through advertising can lead to user distrust, and consumers may come to doubt the authenticity of the ads he or she sees on social networks, even when they are genuine, which leads to a loss of effectiveness in advertising expenditure. It’s important to recognize that, following a purchase on a rogue site, the customer may also associate the brand with a bad user experience or with low quality merchandise.
As we can see, the moves made by cybercriminals in their metaphorical chess game are many and meticulously crafted. With this in mind, the best choice is not to move a piece and then wait for the opponent's turn, but rather to sweep all his pieces from the board.
Whenever brand abuse occurs, there are two basic solutions: by means of a legal proceeding, and/or through the immediate de-listing of the URL. We at are able to de-list an illicit URL in a matter of hours, meaning that we can act to eliminate access to pages containing the most common and higher volume of abuse. In order to definitively take down a fraudulent domain, it is necessary to initiate a legal proceeding by engaging legal teams specialized in intellectual property rights. The combination of both approaches serves to checkmate cybercrime, but let's not forget that, on the internet, whenever one game ends, the next one begins. Therefore, it is essential to be constantly protected by specialized platforms for the detection and removal of illegal content.