This year’s Annual Meeting will feature valuable skill-building workshops, industry breakouts, interactive table topics, and trademark law sessions focused on international topics; as well as an exhibition hall boasting nearly 100 exhibitors debuting new products and services to help protect your brand – and this is where you will find BrandProtect.

Why choose BrandProtect to protect your brand?

For over a decade, some of the world’s largest and most security sensitive organizations have been relying on BrandProtect to mitigate their online threats and protect their revenues, intellectual property rights and reputation. Our customers include global brands and leading financial institutions, including five of the top 10 banks in the world, as well as many small and mid-sized organizations.

Internet brand and trademark infringements along with other infractions can result in a range of unintended consequences including:

• Misleading consumers and exposing the organization to liability.
• Diverting consumer traffic from its intended destination and thus reducing potential revenues.
• Falsely connecting corporate brands with illegal or offensive activities.
• Even accidental abuses by authorized resellers or agents can lead to significant financial loses and potentially damage customer relationships.

BrandProtect’s Brand Abuse Protection services are a perfect complement to any brand governance, channel management and traditional intellectual property protection programs. In order to Prevent, Monitor, Understand and Act upon internet infractions, we offer a range of specialized services.

Through the use of proprietary technology, which is continually searching the internet, and human analysis, we formulate search strategies based on brand terms or key identifiers that are particular to your brand, business and industry.  In this way we can identify web links, URLs and page content that may be potential threats to your intellectual property and brand.

What’s new at BrandProtect?

BrandProtect is continuously enhancing the protection services we offer our clients, and as a result – in addition to the current list of gTLDs that we are monitoring (.com, .net, .org, .info, .mobi, .aero), we are pleased to announce that, as part of our daily domain monitoring service we will now be monitoring domains in the .XXX space that have been registered with your trademark or a variation of your trademark.

For more information on the topic of .XXX we welcome you to learn more about it here:
.xxx domain monitoring.

Will you be attending INTA’s 2012 Annual Meeting? Let us know! We hope to see you there!

Besides the obvious customer care oriented benefits of including social media in any medical practice, there is also the fact that patients have already been searching for health information online and there results are not always moderated by a physician. Very few doctors are available to offer clarity and knowledge and as a result patients tend to self-medicate based on information provided by someone across the globe who may or may not have any relevant medical knowledge.

The main reason why healthcare professionals haven’t added social media to their practice is accountability. While 60% of physicians and 65% of nurses are interested in using social networks for professional purposes[1], the risk associated with sharing inaccurate health information and dissemination of content by a healthcare professional or student is enough stop any initiative.  The Health Insurance Portability and Accountability Act (HIPAA) has made it even more challenging for health care professionals from participating in online conversations. Not only that, but privacy concerns have also been raised by both parties, patients do not want to have their information disclosed and doctors do not feel comfortable blurring boundaries between their personal and professional lives.

So why, then, is it imperative for healthcare professionals to break into social media? Because the risks of not being involvedfar outweigh the risks of being part of it. Not understanding this space or refusing to engage with it is no longer a valid reason for ignoring it.

Patients or employees could be bashing your name, your institution, your methodology online already and you have no clue and no control over what’s being said! And as many of you may know, patients will listen to “someone like me” more than they’ll listen to their healthcare providers, celebrities or politicians. Thus, if a forum has been build where your brand name is being abused by people who did said they did business with you, others will believe them by default. You need to care about what is being said and where it’s being said.

How do you monitor for all these entries?

The first step is to utilize a social media monitoring tool. It will scan the internet for predetermined keywords you choose and it will return every mention of those keywords it can find online. We are talking about blogs, comments, Facebook posts, tweets, video comments, forums, news, press releases, mobile apps and more.

Next, you need to set up a Reputation Management Plan. Click here to read more on how it can help you save your reputation when an online crisis hits home. Hospitals, independent medical practices, small clinics, they all need to have one in order to avoid a PR disaster. Think about it as your contingency plan, a set of steps to follow when something goes wrong. You have a plan for viral contamination, think of social media risks as a potential virus that can easily cripple your organization. As part of your plan, you should know what social media sites are being used to talk about your company; do you have a presence on each? Are you actively participating and monitoring this conversation?

Once something is posted online it is there for all to see and even if the original post is deleted you can be sure that the sharing won’t stop. If the content goes “viral” you can be sure that managing the risks will be almost impossible as the damage can be done within minutes.

A good reputation management plan should be tailored to the organization and the right social media monitoring tools and expertise are essential to prevent any damage and protect your business as well as your patients.

Are you part of the HealthCare Industry? Do you have a social media strategy or are you planning on starting one? Have you considered the risks?

While the world was mourning the loss of one of music’s greatest figures of the 90s, more than 325 related domains were registered in less than 24hrs according to domain registrar GoDaddy. Most of the domains registered were looking to monetize on the death of the singer with examples such as: whitneyhoustondiedat48.com, whitneyhoustonheartattack.com, or whitney-houston-legacy.com.

It is not unusual for cybercriminals revamp activities every time a famous individual passes away; we saw malware increase after the death of former Libyan leader Muammar Gaddafi, after Michael Jackson’s untimely death, cybersquatting attempts after Steve Jobs passed away, and now history is repeating itself with Houston’s death. What’s different now; however, is that they are not only going after the singer, but they have targeted her 18 year old daughter as well.

Bobbi Kristina, the only daughter of the late Whitney Houston and ex-husband Bobby Brown, does not own the .com of her name. After doing a quick WHOIS search, the domain bobbikristina.com was registered by Kaylee Kase Studios LLC, an adult entertainment company founded by “Memphitz Creamer”. According to his Twitter handle, he is “22, Bi Racial, CEO, Porn Star, Socialite, Celebrity #rocker style”.

It seems like Mr. Creamer is a Whitney Houston fan, as his current Twitter background displays images of the late singer. This, nevertheless, did not stop him from registering Bobbi’s name on the same day her mother died.

He registered her barely legal, mourning daughter through his pornographic business. Let that sink for a minute.

Thankfully, Aftermarket.com – an online marketplace for buying and selling domain names – considered this an obvious case of cybersquatting and removed the listing yesterday.

This goes on to show that everybody can be targeted by cybersquatters; your company, your CEO, your board members, and if your company has a mascot it will be targeted too. Before you see yourself paying a cybersquatter for a domain that should belong to you, make sure you are monitoring your brand to make sure no one is taking advantage of it. Contact us for more information on brand abuse and brand protection.

For most of these, the impact was felt financially by companies that had to spend a lot of their PR budget addressing what was being put out by company representatives, spokespeople or in Sheen’s case, the complete rebranding and recasting of a television series. The one commonality is that Social Media matters and it needs to be monitored.

An older Social Media misstep has recently resurfaced. Dave Carroll, possibly better known as the ‘United Breaks Guitar’ guy is back in the news. Mr. Carroll parlayed a poor experience into a YouTube sensation after discovering that United Airlines had broken a guitar he checked. Over eleven million people viewed a video he titled simply “United Breaks Guitars”. Carroll has since been a sought after speaker addressing other companies on improving customer service experiences and how to avoid incidents such as this.

As of last week Carroll has a new “gig” as the spokesperson for the launch of a new site calledGripevine. Gripevine is a site which intends to provide customers the ability to discuss negative experiences and offers companies the opportunity to register in order to be notified when comments about their company or products is posted. The unique aspect in this case is the apparent intent of the site, as opposed to other known “gripe” sites such as complaintsboard.com or ripoffreport.com Gripevine is offering the ability for notification and direct and sometimes discreet engagement. The site is just coming out of its beta version and it’s unclear how much traffic or attention the site will generate. What is clear is the importance of understanding a much older lesson about media in general. Marshall McLuhan famously said: “The medium is the message”. This statement has never been truer, the weight and gravity of at least having the situational awareness of where the discussion about your company or products in the online community (or, more recently in the growing mobile community) is happening is a majority of the battle but will not win you the war.

Think of monitoring as the first line of defense you can set up. After threatening messages pass that defense, what will your company do about it? It is quickly becoming obvious to our customers that you need to have a Reputation Management Plan in place and knowing what was said and where it was said will greatly define what path your company should take to avoid any social media disasters like the ones mentioned at the beginning of this post.

So the question remains, are you aware of where people are talking about your brand? What are you going to do about it?

Their new terms and conditions will allow them to take down a site if there is sufficient evidence that it is being used for phishing attacks. After these new rules came to be in late 2011, the number of fraudulent .ru domains went down drastically. Not only that, the lifespan of those domains went down from months to up to 24 hours. At BrandProtect, we have been able to take down malicious URLs in the .ru TLD in as little as 4 minutes with our median takedown time being under 15 hours (some healthy bragging doesn’t hurt!).

But the fight against cybersquatting is a never-ending one and cybercriminals will always try to be one step ahead of the game. Since their domains are now getting shut down at incredible speeds, they have decided to set up camp somewhere else and that somewhere else seems to be red-flavoured.  You may be surprised to know that the Soviet Union had set up a Top Level Domain and it is still active. It doesn’t take a genius to know that this created an excellent opportunity for online scum gatherings. Swiss security blog Abuse.ch reported that the number of malicious .su domains is seen a steady increase.

The Russian Institute for Public Networks (RIPN) administers the .su TLD and it had just over 100,000 domains registered on November 2011 when the .ru policies came into effect. As of January 2012, that number had grown to 101,003 domains.

So to recap: avoid shady links coming from .ru and .su TLDs and ask your network about an increase protection and blockage against those domains. You may also want to know that the most dangerous country code TLDs besides .ru and .su include .cm (Cameroon), .cn (China), .ph (Philippines).

Companies need to be on the constant look out as these rogue websites are popping out left and right. A proper domain name monitoring tool can give you a drastic advantage as it scans registrations to make sure they are not infringing on your company rights. With the imminent arrival of ICANN’s new brand-related TLDs, monitoring domain names should be part of your top 5 things to do this year.

You’ve been warned; do not let cybersquatters outsmart you!

American Consumer Credit Education Support Services (ACCESS) was formed in the late 1990′s as a nonprofit organization to fight against consumer abuses in the credit industry. Although not within our original mission, identity theft is closely tied to consumer credit, so we wholeheartedly entered the fight to prevent ID theft victimization as well.

The primary issue which led to our founding was a consolidation of credit reporting agencies. In 1980, there were roughly 2,200 CRA’s around the country. Today, there are roughly 200. Certain businesses realized that the CRA’s databases contained a variety of highly valuable information, but until the early 1980′s there was no real way to manage that information. The advent of cheap personal and enterprise computers changes all of that.

Cheap computing also drove other businesses not involved in the credit industry to start building large computerized databases of their customers and prospects.

These two trends made computerized identity theft inevitable and easy. Unfortunately, we don’t see any relief in the near future.

Current trends in identity theft are no longer simply oriented at gaining access to credit in someone else’s name. They now include medical ID theft, which is much more difficult to prevent and tax ID theft, which is also difficult to prevent. In both of these cases, the long term affects to victimized consumers can be devastating.

Businesses are also being targeted and victimized by ID thieves. Not because the thieves want to steal the identity of the business or its owner, but because they want access to their customer databases; many of which contain all of the information needed to steal a person’s identity.

Surprisingly, while most businesses realize that they make attractive targets, many do little to try to protect their data. In fact, a recent survey by the Ponemon Institute found that although 81% of companies dealing with medical records realized that they should be concerned about being targeted by hackers, only 51% of companies were actually doing anything to protect their data. Not only is that disconcerting, it is also inexcusable.

A single data breach can cost a company millions of dollars in lost business, ruin the company’s reputation, and bring civil and criminal investigations. Costs after a breach are significantly higher than the cost to prevent a breach in the first place.

As an organization, ACCESS (www.GuardMyCreditFile.org) will continue to advocate for better consumer laws that protect against identity theft, and for greater awareness within businesses to protect consumer data. We will also continue to push the idea that consumers need to take an active role in protecting their own information.

Of course there are always Social Media pitfalls that these organizations really need to be keen to avoid if they want their supporters to have an overall positive experience.   Unfortunately for my favourite soccer club FC Bayern Munich, last week they managed to (inadvertently) get themselves entangled in one of these pitfalls when they released a new app on Facebook, ‘The New FCB Star’, which was met with overwhelmingly negative feedback from the club’s supporters.  Here, then, is a cautionary tale.

Last Thursday FC Bayern announced on their official Facebook Fan page that the club was going to be signing a new player and that fans could click on a link that would direct them to a live press conference containing all the details of who this new player was.  To set a bit of context here, for weeks supporters of the club, much like most clubs’ supporters do in the designated transfer ‘windows’, had been discussing transfer rumours and debating the merits of player A or player B so this announcement of an imminent player signing was met with a ton of anticipation; all of this was in spite of the assertion by the club that there were going to be no players coming to or leaving the club this January.

Clicking on the link did indeed bring up a stream of an official looking press conference (featuring the Club’s Marketing and Sport directors as well as the team Captain) but much to viewers’ chagrin the signing wasn’t what they were expecting.

Essentially the club used the guise of a false press conference to let the supporters know that they were in fact the club’s new signing, the twelfth man as it is known in soccer circles, and that the new Facebook app was going to allow the supporters to become even more deeply immersed in the on goings of FC Bayern.  While the club appeared to be acting with good intentions they completely misread the prevailing mentality that a good chunk of the fan base held; the thousands of negative comments on the Facebook page most definitely proved that point.  Plain and simple the supporters felt swindled.

How is it that a club that appears to be fairly Social Media savvy could have misfired in such a big way with this publicity stunt?  All it would have taken was for someone to take some time to read fan comments on either the Facebook page, Twitter, or any of the many fan forums to find out what the supporters were discussing (like transfer rumours) and perhaps they would have re-thought the whole thing altogether or at the very least communicated it differently.  Realizing their error the club was very quick to post an apology on both the official website and the Facebook Fan page.

We here at BrandProtect have a long list of clients that use our Social Media Analysis and Research Tool (SMART) to help avoid the kind of incidents that FC Bayern had to deal with last week by making sure potential sparks do not become raging infernos.  Our fully customizable search tool allows for clients to monitor a host of issues pertaining to their brand; we search a wide variety of social media outlets and report mentions back based not only on the general sentiment but on the authority that the particular site holds on the internet.  This allows you to prioritize incidents based on how likely web users are likely to see it.  Of course if a situation does happen to get out of control, we’ve got the knowledge and experience to assist you not only in containing the issue but coming up with an appropriate response that allows you to engage in rational dialogue with people as opposed to a more heavy handed approach.

We don’t want to see your online reputation tarnished.

What other risks can a brand face if they choose to ignore what their customers say? How important is monitoring to your brand?

What is interesting to note is that the Internet giants are all blaming the rise of phishing attacks on the growth of social media, among other factors. “With the rise of the social Internet and the ubiquity of e-commerce, spammers and phishers have a tremendous financial incentive to compromise user accounts, enabling theft of passwords, bank accounts, credit cards, and more,” reads an explanation on the group’s site. “Email is easy to spoof and criminals have found spoofing to be a proven way to exploit user trust of well-known brands. Simply inserting the logo of a well known brand into an email gives it instant legitimacy with many users.”

While social media has indeed increased and opened opportunities for cyber criminals to expand their attacks on unknown users, blaming social media is like blaming an entire university institution for a student’s failing marks; while it may be true that teachers can be incompetent, a student’s overall learning capability and willingness to learn are more likely to explain the problem. Internet users need to be educated of the many dangers and risks of social media. Companies also need to set up social media policies and training in order to avoid phishing attacks within the infrastructure.

Nevertheless, DMARC promises to be a great initiative and according to Dylan Sachs, Incidence Response Manager at BrandProtect and phishing and identity theft expert, “Assuming email senders comply with the configuration requirements, DMARC should definitely help reduce both the number of email-based malware infections as well as the losses associated with phishing attacks.  SPF and DKIM have been in place for some time, but the inconsistency amongst email providers with regards to handling failed authentications has really limited their efficacy.  This is not a “silver bullet”, however: implementation of DMARC will not completely eliminate email as a delivery method for phishing and malware, and therefore continued vigilance in the fields of anti-phishing/anti-malware and user education is required for all involved parties.”  He also recommends you still avoid clicking on a bogus URL on an email; if you receive one from an institution you are doing business with, it is still a good idea to contact the institution or browse through their website to access the link.

For more information and to read the entire article on Mashable’s website, please click here.

What are your thoughts? Do you think DMARC will work or will phishing always find its way through to your inbox? Let us know!

So what if something terrible happens and you cannot pay your bills, what do you do?

Some folks in desperate situations may turn to a payday loan(also referred to as a quick loan or cash advance).  These short-term, VERY high interest loans appear to be the quick solution to an acute problem, but many people have ended up owing a lot more than they planned for and regretfully discover that this may not be the best way to solve their financial problems.  A person can obtain a payday loan by going in person to one of the many outlets out there to obtain their loan, but they can also obtain the loan online.  There could be a lot of shame that one may feel if they go into one of these outlets.  They may say to themselves, “What if someone I know sees me?” in fear that they are broadcasting their financial hardships to the world.  Knowing that someone may look down on their situation might make obtaining a loan online more appealing.  The person does not have to leave their house, no one has to know.  The danger with this is that many of these sites are unregulated and who exactly is obtaining your information is unclear.  You could be biting off a lot more than you can chew when you release your personal and financial information online.

At BrandProtect, we see this type of brand abuse all the time. We scour the internet for online threats that use our clients’ trademarks without authorization.  Over the last few months, we have noticed online loan sites popping up that contain our clients’ trademark, which is especially concerning knowing that our clients are well-known financial institutions that do not have any affiliation and do not support these sites.  These sites are providing loan application forms under the guise of the client’s trademarked name and asking for personal information like employment and banking information.

Here is an example of one of these forms (please note that for confidentiality reasons, “XYZ Bank” represents the financial institution’s name, in place of our client’s name):

This is not to say that the individual applying for the loan will not get the money they hope for, but this site is using a well-known and trusted trademark to encourage you to apply for a loan when the trademark owner does not have an affiliation with this online loan site.  On top of having to pay back the loan in a very short amount of time at a very high interest rate, it cannot be known for certain who is actually obtaining your personal information and what might be done with that information once the application is submitted.  For the end user, it might be wise to avoid using an online loan all together and to be especially wary of those that claim to be from a trusted bank or financial institution.

For brands, you do not want your customers being diverted from your website after they’ve identified your brand and think they are conducting business with you. You also don’t want them having a negative experience online, or to become identity theft victims because of brand abuse. Either way, once your brand is negatively associated in the minds of consumers you will have received irreparable damage to your reputation (even if you can prove your innocence). Prevention is key and being proactive is your best defense.

Are you monitoring the internet for brand abuse and trademark infringement?

These scammers will phone you claiming they work in the Microsoft Security Department and that they have been receiving error messages from your computer and would like to help you ‘fix’ the ‘problems’. They will also ask you to perform various tasks such as downloading malware disguised as virus scanners, giving them access remotely to your computer or even to go as far as asking for credit card information.

To date, the fraudsters have only been targeting English speaking countries. Luckily, the majority of people contacted by them do not fall for the scam. Those who do fall victim will most likely have to deal with compromised passwords, identity theft and a financial loss. The average financial loss ranges from country to country. In Canada the average loss was $1,560.00, while in the United States the financial damage caused by infected computers averages $4,800.00 to repair or replace the PC.

These guidelines will help you avoid becoming a victim of these scams.

1. Always be cautious when receiving unsolicited calls even if they claim to be from a legitimate company.
2. Never provide personal information, such as credit card or banking details to an unsolicited caller.
3. Never download any software provided to you by an unsolicited caller.
4. Never give anyone remote access to your computer unless you can confirm without a doubt that they are who they say they are.
5. Always use a strong, unique password and change it regularly.
6. Always ask to be provided with additional information, whether the company can mail you various pamphlets or be directed to more information through their website.  Real companies will never shy away from proving their legitimacy through various means in addition to the phone call.

Have you received these calls at home? At work? Have you let your employees know about this scam?