Don’t Be A Victim of Cybercrime

December 2017

Black Friday and Cyber Monday have come and gone, and the holiday shopping season is now in full swing. Unfortunately, the seasonal increase in e-commerce brings an increase in online scams and cybercrime. The holiday season is one of the most lucrative times of the year for Internet scammers, due to the increased volume in transactions and shoppers eager to take advantage of sales. In the least damaging of these scams, online shoppers are diverted from a company’s website to that of a competitor. In too many cases, however, the fraud involved can seriously damage a company’s reputation and impose a financial loss on tricked consumers.

Online scams run the gamut from fraudulent “charities” and bogus shopping sites, to so-called “phishing” schemes. In phishing, the user is tricked into visiting a replica website under the control of a scammer and unwittingly entering sensitive private information. 

One common phishing attack relies on “typosquatting,” where the scammer registers a website domain name very similar to that of a legitimate company, often differing only in a common misspelling or transposing of letters. When a user misspells the website name of the legitimate company, the user is directed to the scammer’s website, which is designed to mimic that of a real company. The user might then unwittingly provide to the fake site the user’s credit card information or login credentials for the real site, or actually use the fake site to ostensibly place orders and make payments.

Another form of phishing attack involves sending consumers emails that masquerade as solicitations from a legitimate company. These emails often contain links to fraudulent websites or might download “malware” to the user’s computer, which records keystrokes to learn information for identity theft or encrypts the user’s hard drive and decrypts it only after the user has paid a ransom. In other phishing scams, company employees are sent emails that masquerade as an accounting employee's request for a wire transfer. If employees are not alert to these requests, large sums of money can be lost in short order. 

Legal tools exist to end these scams once they are detected. The Digital Millennium Copyright Act (DMCA) provides an expedited takedown procedure by which the illegitimate website's host or Internet service provider would be notified that the website is infringing upon the copyrights of the legitimate company. To avoid potential liability for copyright infringement, ISPs are required to remove the offending content promptly, but they may restore it if the alleged infringer disputes the takedown claim, with the issue ultimately decided in court. 

For fraudulent domain name registrations, domain name registrars (the companies that reserve web site names) are required to investigate reports of abusive use of a domain name and take appropriate action in response, which can include promptly disabling the domain name. Unfortunately, many registrars do not promptly respond to such requests, in which case the Uniform Domain Name Dispute Resolution Procedure (UDRP) may be used to acquire control over the domain name. The UDRP is a mandatory arbitration proceeding that all domain name owners must agree to when registering their domain names. However, the UDRP requires that the offending domain name infringe a trademark right, and the process takes several months to complete, by which time much damage may be done.

When you become aware of an Internet scam, you should notify the appropriate authorities. Although this does not necessarily ensure relief, the report could save others from a similar fate. The FBI maintains an Internet Crime Complaint Center (IC3) here, which accepts online Internet crime complaints from either actual victims or third parties. Also, the Federal Trade Commission maintains its Consumer Sentinel Network, which makes consumer complaints accessible to law enforcement.

These procedures are only partial solutions. Scammers can easily and inexpensively shift their operations to new hosts, new service providers, and new domain name registrars. Companies often find themselves playing an online game of “whack-a-mole” – just as one scam is shut down, two more pop up.

Prevention is the best medicine. Security experts encourage companies to develop internal policies to minimize the chance of fraud and to educate their employees and customers on how to spot phishing scams and other fraud. For example, many companies require two-factor authentication for transfers or payments above a certain threshold amount. In addition to education, there are proactive measures that can frustrate scammers. For example, companies may preemptively register domain names similar to their company name or trademarks, to prevent them from being used in fraud. Additionally, a number of companies offer trademark and domain name monitoring services, which scan the Internet for potentially fraudulent domain names or websites and assist in managing brands online. 

The attorneys at Lewis Rice are experienced in quickly shutting down fraudulent websites and acquiring domain names that could have potentially been used for fraud. If you are concerned that your brand or other intellectual property is being infringed online, particularly in connection with cyber-scammers, please contact one of our attorneys.

Firm Highlights
News

Lewis Rice Wins $1.5 Million in Compensation for Covington Landowners

More
Client Alert

Property Owners Can Push the Issue Under Illinois Mechanic’s Lien Law

More
News

Lauren R. Carey Creates New Blog for Social Media Influencers

More
News

Four Lewis Rice Attorneys Named 2022 “Lawyer of the Year” by Best Lawyers

More
News

Matthew J. Haas Offers Commentary for Inside P&C Article on Business Interruption Insurance and COVID-19

More
Client Alert

Supreme Court Limits Ability to Compel Access to Private Property Without Compensation

More
News

Lewis Rice Recognized as Top M&A Firm by BTI Consulting Group

More
News

Lewis Rice Wins Nearly $500,000 in Compensation for Sarasota Landowners

More
Client Alert

FTC Reverses Course on Treatment of Debt Payoff Under HSR Act

More
Client Alert

OSHA’s New Guidance Regarding Indoor Mask Wearing, COVID-19 Vaccination Mandates, Regular Testing of Unvaccinated Workers, and More

More
Client Alert

Missouri Now Requires Employers to Provide Leave and Accommodations for Victims of Domestic and Sexual Violence

More
News

61 Lewis Rice Attorneys Named Best Lawyers for 2022, 16 Named Ones to Watch

More
News

Brian P. Pezza Quoted in SHRM Articles on Employee Vaccination Status Disclosure and Employer Vaccination Policies

More
News

John C. Bodnar Named BTI M&A Client Service All-Star

More
News

Michael R. Thiessen Recognized as Pro Bono Spotlight by KCMBF for August

More
Client Alert

FTC Adds Teeth to the ‘Made in USA’ Rule

More
Diversity & Inclusion

Golf Foundation of Missouri Awards First Larry L. Deskins, Sr. Scholarship

More
News

Michael D. Mulligan Publishes Article in ACTEC Law Journal Comparing Sales to an Intentionally Defective Irrevocable Trust and a to Beneficiary Intentionally Defective Irrevocable Trust

More
News

Neal F. Perryman Named to Missouri’s POWER List in Employment Law by Missouri Lawyers Media

More
News

David W. Sweeney Represents Advantes Group in $7.2 Million Apartment Project

More