The sheer AUDAcity of scammers

Two weeks ago auDA, the organization that has responsibility over the Australian ccTLD, .au, implemented a new set of rules on ownership of its domain names. Whilst the changes have been controversial within Australia, it has also led to an increased threat from scammers who have been exploiting the implementation of new rules by demanding the sharing of personal information from registrants.

From the 12th April, all new registrants of .AU domain names, and those renewing existing registrations need to comply with a number of registration criteria, designed to protect Intellectual Property holders. Whilst the sentiments behind this are good, those hell-bent on causing issues are utilising the new rules to try to attempt to hoodwink unsuspecting domain name owners.

The new rules state that to be eligible to hold any name in the .au ccTLD you must first meet the Australian Presence requirement. For organisations, this means being able to meet the Australian Presence requirement by holding an Australian trademark (including a pending application) that appears on the Australian IP database.

Prior to the 12th April, the domain name could be “closely and substantially connected” to the trademark registered, which gave organisations the opportunity to register misspellings and domains with subtle differences, providing additional protection against Typosquatting. The new rules state that domain names now need to be an exact match of the registered trademark (there is some leeway in the use of punctuation and common adjuncts). If an organisation isn’t able to provide the necessary trademark registration then it will lose their domain name.

For some registrations proof of Australian presence or citizenship is necessary, which has led to auDA, issuing another warning about the rise in malicious activities from scammers who have been contacting existing registrants and asking for copies of identification such as passports and drivers licences. The nefarious actions were first seen back in January, with very authentic and official looking emails asking registrants for this information.

Whilst the domain names themselves didn’t appear to be under threat, the fraudsters would use the personal, and in many cases, confidential information from the IDs to either resell or to assist in fraudulent activity themselves, such as applying for loans, bank accounts and other financial instruments.

The changes will impact brand holders in a number of ways. They may now need to look at alternatives as to how they hold and register their .au domain names if they are based outside of Australia as well as potential additional brand protection measures to cover typographic registrations. On the flip side, restricting registrations just to exact trademark records means additional costs for any cyber criminals looking to exploit the IP of a brand as they would need to also consider a trademark registration as well as the domain name.

For more details of the change, please go to auDA’s information page here.

In a (super) league of their own

The news this week has been dominated by one story – the creation of the European Super League. The reaction from football fans, non-football fans, business leaders and politicians has underlined the magnitude of the situation, with everyone having an opinion on the rights and wrongs of the news and its impact on football in general.

It it relatively clear this wasn’t a decision that was made in the past few days, or even in the last week. There are twelve football clubs from England, Italy and Spain involved, plus a US financial backer. Add in legal teams, branding consultants and other entities and it becomes clear this would have been in the planning for some time.

The European Super League is a new brand, launched as the organisation that will (at the time of writing) oversee the competition which will (probably) start at some point in the future. When the news started to leak out on Sunday evening, there was a lack of any concrete information available online, but come the morning of Monday 19th April, there was a press release and a website ready, complete with its own domain name.

Any organisation, which is planning on launching a new brand, needs to take a number of steps to ensure they have understood the digital landscape and that they are not either infringing on someone else’s Intellectual Property or that they can protect their new brand/business name as quickly as possible. There is always a danger of a leak, as with the European Super League, which could lead to domain name speculators trying to make a quick buck by registering potentially infringing domain names. Whilst there is always a legal course of action open to recover infringing registrations, in many instances the costs could be prohibitive to a new entity.

The other issue is time – dealing with IP infringements or negotiating the purchase of digital assets takes time which could in turn lead to delays while recovering or purchasing (at a huge premium) the required domain names or worse registering a whole new set of domains and trademarks.

It is therefore essential to have a brand launch strategy, one that encompasses the necessary steps to obtain the intellectual property before and general launch, or potential leaks. In the case of the European Super League it seems the organisation were thinking ahead, purchasing the domain name on the secondary market six months ago as the following information shows.

A brand launch strategy needs to encompass domain names, trademarks, copyrights and now, more than ever, social media handles. Interestingly, the Twitter handle “TheSuperLeague” was registered back in September but as yet has not tweeted nor does it have any followers or information in its bio, a similar situation to the Facebook Group name.

On the domain name side, was registered on Sunday (via GoDaddy) whilst there are existing domain names and websites in use relating to Rugby League’s Super League (such as which could cause some confusion.

Any organisation or brand that is considering creating a new entity should have a brand launch strategy in place. This should include:

  • An understanding of what the brand name translates to both in common language but also when you push the words together – for instance Powergen Italia looks fine written like that but remove the space in between the two words and it is a different story.
  • Does the brand name have alternative meanings?
  • What is the budget for acquiring the assets?
  • What digital assets are available and what could be purchased at low cost?
  • What trademarks already exist for the brand, where and in which classes?

Naturally, the ongoing success and reputation of any new brand needs to be underpinned by a brand monitoring and protection programme which is able to frequently, if not constantly, monitor for any infringing registrations of domain names, trademarks or social media handles as well as the content associated with them. Based on the outcry at the proposed European Super League that may be a very busy job indeed at the moment.

Deleting Domain Names – Part 3

The final part in our series on the steps any organisation should take before they press delete focuses on what you could be giving away to opportunists and your competitors unwittingly. The cost of undoing an erroneous deletion is significantly more than the renewal cost and it is often wise to work with a corporate domain name management company or a consultant who is able to review domain names due for expiry/renew on a regular basis and make recommendations based on a holistic review rather than a cursory glance at just the name and the renewal cost.

Many organisations look at domains purely in the cost of registration or renewal, but there is an inherent cost that is hard to quantify. It is often the case that organisations look to cut budgets every year and will target domain names that appear to have little or no value without ever properly checking. Along with the previous steps, the following checks will determine the importance of a domain name to an organisation, as well as the potential value to a third party.

  • Are there any trademarks that align to the domain name? The cost of registering and maintaining trademarks is normally a bigger concern to organisations than their domain names, although in most cases, renewals are for multiple years, rather than single ones for domain names. A combination of a matching trademark and a domain name registration within a specific jurisdiction provides comprehensive protection for an organisation’s intellectual property. In some geographies, a trademark is needed before a domain name can be registered, and within the new gTLD programme, the protection offered by the Trademark Clearinghouse is dependent on the validation of a trademark with active use. Allowing domain names to lapse that support trademark registrations could allow third parties to make conflicting trademark applications themselves and look at passing off abuse in the future. The cost of a domain name registration is normally a fraction of the trademark, yet when combined they provide an added layer of protection for the brand, so it is important to cross refer any domain names to the trademark database. If in doubt about the internal records, an organisation could carry out their own searches for trademarks – a simple database to start with is the one here.
  • How would you feel is your biggest competitor acquired the domain name and started actively using it? This question is normally the one that organisations find the hardest to answer. Of course, they would hate to see anyone using their domain names actively, but on the other hand, don’t want to keep them themselves. This simple test is often enough to make organisations think twice about whether to delete a domain name or not. There is a big difference between a cyber squatter picking up a dropped domain and using it to try to extract cash out of an organisation and a competitor forwarding a domain name to their existing website. If there is any doubt about whether the organisation would be able to justify it, let alone be happy about it then the domain name shouldn’t be deleted.
  • How has the domain name been used previously both internally and externally? Whilst a domain name may not appear to be live or have a valid DNS entry, it could have some hidden use internally. For instance, it could have some live MX records which support a whole email platform within an organisation, or even externally too as web forwards. Before you press the button to delete the domain name you may just want to ensure that it doesn’t somewhere support any other applications. Likewise, you may just want to check the backlinks to a domain name to see if you could potentially upset anyone else, or inadvertently send traffic someone else’s way by deleting the domain. One good tool to use for this is ahrefs.
  • Is the domain name on any black list? Finally, it may just be worth checking to see if any domain names appear on any black lists before it is deleted. Whilst you will in theory be getting rid of an issue by deleting a domain name that appears on “bad domain” lists, previous ownership searches could reveal that the organisation was the last registrant and there may be some reputational issues. Using a tool such as MX Toolbox enables an organisation to quickly check if the domain name is listed anywhere and take the necessary corrective measures. This is especially important if you plan to try to sell the domain name, as it should be one of the measures that a prospective buyer takes.

Whilst there is an ongoing balance between ensuring that domain names both proactively and reactively add value to an organisations intellectual property, and reducing ongoing costs, it is vital to ensure that careful consideration is given to all decisions on the deletion of domain names. If an organisation doesn’t have the resources or the time to review their portfolios regularly, approach a corporate domain name management company or an experienced domain name consultant would could carry out the audit work and even create a domain name policy that will document the different categories of domain names they hold and set some parameters on which domains should be held, and which should be considered for deletion.

Should cost still be a major concern some corporate domain name management companies may be able to offer defensive domain registrations, where the DNS is set to a holding page or resolver without any ability to override it, similar to the .XXX blocks ( for instance) in exchange for a lower registration/renewal fee.

The final piece of advice is that if an organisation is in any doubt, just ask. It is far better to double and treble check that to have to explain away why a critical piece of IP has been allowed to lapse or be deleted.

Deleting Domain Names – Part 2

Now that you have started to look at some of the details behind the domain names you are planning on deleting, you should hopefully have been able to make some decisions on which ones to keep and which to continue to look at in some detail. That doesn’t mean to say that you should simply remove any from the steps just yet as we will see from the next three checks that you should make,

Who owns other domains that use the same keywords?

It is quite possible that the domain name you are considering deleting may have significant value because of the actions of others. Someone else may be using the same keywords actively already and thus there could be value in you either hanging onto your domain name or even seeing if they may want to acquire it from you. Naturally, you may need to check to see if there are any trademarks using those keywords as that may impact what you can do, especially if you don’t own the corresponding mark yourself.

One good tool to use to determine whether there are any other domains registered using the keyword(s) is IP Twins Identitool which allows you to specify the category of TLD (Geographic, New gTLD, Linguuistic, etc) you want to search for. It will then present the results in a table that allows you to quickly see if a domain is taken and link through to the WHOIS.

If you find there are domains that are utilising the same keyword you may find that rather than be an opportunity for you in terms of selling the name but a threat in that they may be infringing on your intellectual property. In either case, contact a specialist who can either advise on the best approach to selling the domain or will be able to give advice on the action you can take to have the infringing content, and potentially the domain name itself, removed.

What incoming or outgoing links are there to any websites that the domain name resolves to?

It is very important to understand whether the domain name is being linked in any way. Naturally, if the domain name that you are checking doesn’t resolve, and hasn’t done for some time, the issue of backlinks is irrelevant. However, it is useful to understand if there are any websites that still have links to your website.

This is one area where the free tools that are available are limited – one tool that can give you an overview of the links is this backlink checker. Naturally, it is hard to understand fully where your domain name is being linked to, and where you are linking to. Using Google Analytics will be able to give you some idea of any inbound links that are producing traffic.

There’s a word of warning here that if you do delete domain names that have inbound links then there are tools that can identify domain names that are about to, or available to register that has inbound traffic. This Google article may be useful to understand how you can handle backlinks that may be an issue.

Does the domain name have any monetary value?

One short cut that many people take in the steps to determine whether a domain name can be deleted is to do a quick appraisal and then if the value is less than the renewal cost, simply delete it. Whilst this is a quick and dirty step, it does give some idea of further investigation. A number of registrars offer valuation services but we would recommend using which enables anyone to get an almost immediate value on a domain name for free, as well as some useful analytics such as if other popular TLDs are available, some Google AdWord data and search insights. If you are looking at deleting a bunch of names then it may be worth setting up an account with them as bulk actions such as valuations can be run very easily. They also offer a bunch of other tools and API access.

Great news that you have reached this far! Now we move onto the final set of checks you need to make in our next post as well as some of the tools available to make sure your portfolio stays in tip-top shape.

Deleting Domain Names – Part 1

So, you have a list of domain names that you think produce no value for the organisation. Or, perhaps you have been tasked with identifying the domains that you should consider deleting to meet your budget number. Where do you start?

The key is that you understand the value that every domain name generates for you, whether measured by return from e-commerce on that domain name, brand and IP protection or more traditional marketing methodologies such as page views, bounce rates, clicks and so on.

For organisations that have thousands of domain names trying to get a handle on which domain names add value and which are worthless can be a daunting task, especially if a portfolio has simply been left to mushroom over the years. The fads of single, double and dare I say, treble hyphenated keywords have long gone, consigned to the SEO bad practice waste bin, but the domain names are still there in the portfolio. Registrars aren’t generous to let you renew domain names for nothing if you aren’t using them unfortunately – they have to pay the registries. Therefore, as part of an adoption of the principles of maintaining a healthy domain name portfolio that balances the risks and rewards of the digital landscape, understanding what domain names could and should be deleted is an important step to take.

In this first part of the steps to take, we will focus on three particular questions that need to be answered. Most of the steps you need to take are not binary – they are not as simple as requiring a Yes/No answer. If it was that easy then the process would be simple but would create inherent risks of deleting domain names that do have value both to an organisation but also to others who could profit from the goodwill and intellectual property built up over many years.

For instance – if the first step was “Does the domain name resolve”, a “no” response isn’t cause enough to determine that the domain name is deleted. Suppose it doesn’t resolve because the web server is offline or that the registry’s DNS is down. A valuable domain name may be deleted because of issues outside of the sphere of control and influence.

To put that into perspective, how much revenue and brand recognition is associated directly with domain names such as, or And how much does their respective .com domain names cost to renew each year?

Whilst the steps below refer to a domain name in the singular, the steps can be carried out on a number of domain names at a time, based on the tools you may have available.

Step 1 – Where does your domain name resolve to?

Unless you really know where the domain both is supposed to and actually resolves to, then you cannot make a call on whether to keep it or not. As mentioned above, the resolution of a domain name not only depends on it having a valid IP address but also that IP address translating into a “thing” that works. This shouldn’t be binary. A domain name that resolves now may not resolve in 30 seconds for a number of reasons within and outside of your control. However it is important to understand where it is resolving and where to – the latter comes more into play in later steps.

The simplest way to check this is to put the domain name into a search box and press ‘Enter’. You will get an answer pretty quickly. But it is also important to understand the DNS settings for the domain name, which you can do by using a number of free online tools such as or

It is possible that a simple check like this may result in you getting a nasty surprise about where the domain name is currently resolving, in which case it is essential that you take action now to correct it before any (further) reputational or revenue damage is done.

Step 2 – Where does your domain name rank in natural search?

SEO is an expert art and something I profess to not knowing an awful lot about, but I do know that in order for any website, and thus the domain name, to be ranked by the search engines, it really needs to resolve. So once we have overcome the question in Step 1 we should understand whether the page/website the domain name resolves to has a natural search ranking. Rather than putting the whole domain name into a search bar, try adding just the keywords or the SLD (the characters to the left of the dot).

For domain names that contain key terms you may see, as well as the domain name in question, social media pages, Wikipedia entries and some other sites that have referenced the term. However, it is the result related to the domain name you want to understand, which may not be evident from the first few pages on natural search. The more you have to search for the domain name within the search results, the less value the name currently generates for the organisation.

Of course, the keywords that you use may not just be related to your organisation and there is a possibility that, as search trends change, the domain name may become more valuable. We will cover Google Trends a bit later but it is also good at this stage to understand what the trend data is for the keyword(s) used in the domain name.

Step 3 – Is there any AdWord campaigns still using the domain name or keywords?

It is possible that in big organisations one department may not always be on the same wavelength as another. So, you may be thinking of deleting a domain name which the marketing department have just built a brand new campaign around – unlikely but it has and does happen on occasion. Following the same process as in Step 2 will show you if there are any paid search campaigns running using the keywords of the domain. It will also reveal whether any of your competitors (or worse – infringers) are bidding on your keywords to divert traffic away. If yo do find the domain name being used as part of a campaign, you should investigate further before deleting the domain name.

Coming up in Part 2 – Who owns other domains that use the same keywords?, What incoming links are there to any websites that the domain name resolves to and Does the domain name have any monetary value?

Don’t delete your domains…

….until you really understand the impact of losing them.

This isn’t a public service announcement by the domain name industry who want to ensure that every domain is renewed for eternity. Whilst that would be especially pleasing for the registry operators and the registrars who sell the domains, it is never going to happen.

Everyone who holds a portfolio of domain names should periodically carry out an audit on them to see if they are returning any value. Whether you own a portfolio of a couple or tens of thousands, you need to ensure that they all still hold value for you.

“We don’t have enough domain names” is not something you will ever hear a portfolio manager within an organisation say. Every year the same pressure to reduce the cost of their portfolio will be had with their registrar, who of course wants to see them spend more. So, in one corner there is a party motivated to increase the protection of their intellectual property but at a lower cost, whilst in the other corner there is a party who also want to increase the protection of their intellectual property but by buying more domain names and associated services. There is never a win-win but a stalemate could be reducing the number of domain names that generate value for a firm with new services that do.

Value can be measured in a number of ways – it isn’t all about the money. Some domain names are held defensively by organisations, for instance, either because they have previously been used in an infringing manner, or they simply don’t want someone else to register them. Others will be held relating to old marketing campaigns, brands or slogans which still generate some traffic. And naturally, some will be held because of the resale value they have.

But there is a danger when reviewing portfolios that names could be marked for deletion that have a risk to an organisation or an individual if they fall into the wrong hands. There are plenty of stories about domain names that have been deleted because they appear worthless but end up being sold on for significant sums but these aren’t normally the domains that are of concern. It’s the ones that have some other, often hidden, intrinsic value that we should be concerned about.

Most domain names have a history. Normally, that history is good. Like a car, they may go through a number of careful owners, being let to lapse before being recycled through the domain name life cycle and out again onto the open market to be registered. If a domain name is used for a nefarious purpose it is quite hard to find that out when it is repurchased and new registrant may have to deal with the sins of its previous owners. But while they are being held in a portfolio, they can acquire attributes that make them more valuable than a cursory glance may seem.

Therefore it is prudent that as part of any regular review of your domain names, and especially before you delete or decide not to renew any, that you follow these steps to determine whether you are about to give away any valuable IP or put your brand at risk.

  1. Where does your domain name resolve to?
  2. Where does your domain name rank in natural search?
  3. Is there any AdWord campaigns still using the domain name or keywords?
  4. Who owns other domains that use the same keywords?
  5. What incoming links are there to any websites that the domain name resolves to?
  6. Does the domain name have any monetary value?
  7. Are there any trademarks that align to the domain name?
  8. How would you feel is your biggest competitor acquired the domain name and started actively using it?
  9. How has the domain name been used previously both internally and externally?
  10. Is the domain name on any black list?

For most organisations the marginal cost of holding a domain name is negligible yet the potential return or on the flip side, damage, is significant. Over the next few posts we will go into detail about why you should follow the ten point plan for every domain name that you are thinking of deleting just so you know that you are not harming any revenue or reputation that they underpin.

Whilst there is no foolproof way to ensure that domain names with value are not cancelled, following a process that ensures you have done your due diligence before you press Delete will almost certainly mitigate the risk.

Help, someone has hacked by email!

The number of attempts to phish someone by good old fashioned email continues to rise. Why? Because more often than not there is little or no cost in sending emails to an acquired distribution list and you only need one or two people hooked to make a profit.

Phishing attempts come in various forms – ranging from the “Deposed prince who needs your help to move millions out of his country” to “the opportunity to queue-jump the COVID-19 vaccination priority list”. Many will be undone by poor spelling and grammar, whilst others will be professionally designed and look genuine.

But often the giveaway is the senders address. Whilst the sender may appear genuine in your email client, the actual sending address often reveals, very quickly, that it is a scam. For instance, the sender may appear as “HMRC”, “NHS” or “First Direct” but when you click on the name it appears as coming from a gmail or yahoo email account, a sure giveaway that it isn’t genuine.

Wearing my hat as Chairman of Lewes FC, my contact details appear on a number of publicly accessible website and directories. That means I get a lot of spam and contacts from all sorts of organisations. But I also get phishing emails, also known as Business Continuity Email fraud, regularly sent from myself to myself asking for money “for a transfer” or the more popular one these days, Amazon gift cards for sponsors. I know I shouldn’t but I often keep a conversation going with them, asking why they need them now, why in dollars and who the sponsors are, all the while sending the emails from an account that clearly states who I am. To the fraudsters they don’t care – they think they have hooked me and just want their ill-gotten gains.

Whilst we need to all be vigilant in not being fooled by these attacks, what happens if the sending address does appear to be genuine? This is the danger of spoofed email addresses. Email spoofing is creation of an email header that appears to be from one party but has actually been sent by a third party. Because core email protocols do not have a built-in method of authenticating that the sender is who they say they are, it is commonplace for spam and phishing emails to use spoofing to trick the recipient into believing it is genuine.

Even if domain names are registered and in use by brand holders, they can be spoofed because of the way most email systems are set up. To stop their intellectual property being used in such a way, brand holders can take measures to prevent their domain names being spoofed. Barracuda Networks are one of the experts in this field and have provided the following advice:

Since the email protocol SMTP (Simple Mail Transfer Protocol) lacks authentication, it has historically been easy to spoof a sender address. As a result, most email providers have become experts at detecting and alerting users to spam, rather than rejecting it altogether. But several frameworks have been developed to allow authentication of incoming messages:

SPF (Sender Policy Framework): This checks whether a certain IP is authorized to send mail from a given domain. SPF may lead to false positives, and still requires the receiving server to do the work of checking an SPF record, and validating the email sender.

DKIM (Domain Key Identified Mail): This method uses a pair of cryptographic keys that are used to sign outgoing messages, and validate incoming messages. However, because DKIM is only used to sign specific pieces of a message, the message can be forwarded without breaking the validity of the signature. This is technique is referred to as a “replay attack”.

DMARC (Domain-Based Message Authentication, Reporting, and Conformance): This method gives a sender the option to let the receiver know whether its email is protected by SPF or DKIM, and what actions to take when dealing with mail that fails authentication. DMARC is not yet widely used.

Even if brands have defensively registered a domain name it should be protected against spoofing as these are often used by fraudsters in the knowledge that it may be less likely to be detected by the firm itself.

Most corporate-focused registrars offer these email security measures. With revenues and reputations at stake, why wouldn’t any brand want to take as many preventative measures as possible to protect both?

Fake vaccine emails giving people the needle

In the ongoing war against the fraudsters who continue to stoop to the lowest levels in exploiting the COVID-19 pandemic, there is no surprise that the vaccine is now being used as the hook to catch innocent victims. Emails similar to the one below are being sent in the latest attempt by scammers hoping to play on the fear, uncertainty and doubt that the pandemic has caused.

Action Fraud has received more than 1,000 reports of emails being received, with most including a call to action to confirm the appointment, which takes you to another website where personal and financial details are requested, an example of which can be seen on the left hand side. If you choose to ‘decline’ the invite then you will still be asked for your personal details so that you can be “removed from the list”.

The NHS do not charge for any of the vaccines and most people will receive an invitation for their first appointment by post, although some areas where local Medical Centres will send text or emails to those who have registered for such services.

Whilst you will be asked to bring ID with you to any appointment for the vaccine, there will never be a case where you have to submit this beforehand.

Unfortunately, technology has made it really easy for fraudsters to set up these scams. However, apart from the warning signs of the contact asking for personal and financial information, you can do some simple checks yourself to check the validity of any email or text you receive.

In the above instance, the domain name that resolves after following the link in the email is not registered to the NHS – it was in fact registered just a few days ago and the registrant details are hidden behind a privacy service run out of Panama. You only need to ask yourself whether a public body such as the NHS would choose to register a domain name like that to flag this may be a scam. Likewise, check the SENT FROM address in the email – not just the name of the sender, but clicking on that should reveal the sender’s details (although not always) which is often a gmail or hotmail address.

Whilst many of the emails will lack the look of authenticity, such as the example to the right, many others will be crafted to look almost identical to genuine messages that the NHS would normally send out. There may be some clues that all is not what it seems based on poor spelling and grammar (in the example to the right you can see the line “It then goes on to say” which wouldn’t be a sentenced used in the genuine email) but others may not be as badly written or edited.

Unfortunately, these attempted scams will just grow in number over the next few months whilst the vaccine is rolled out and we all need to play our part in being vigilant and not giving the fraudsters the opportunity to illicitly gain from their nefarious activity.

Do I not Like that?

Last week we looked at the increasing trend on Social Media for scammers to use multiple domain names for the same adverts. But that isn’t the only approach that those who want to steal our personal and financial information use. Let’s look this week at how the bad actors play on our incessant need to grab a bargain.

But first we need to make a very important, clear statement. Despite what you may see, it is very rare for major brands to give away something in exchange for a like, share, comment or retweet. It doesn’t matter how benevolent they may seem, you need to ask yourself one simple question before you engage. Why?

In our COVID-driven, recession-fuelled need for a bargain, we often leave sense at the door when it comes to giving away our personal and financial details online. There is a belief that if there is a logo in an advert it is genuine. Social Media wouldn’t let anyone pretending to be someone else advertise on their network after all, right?

Wrong. Fraudsters use exactly the same methods to win “customers” as genuine brands, whether that is via SEO, email marketing, cold calling and extensive use of social media. Many platforms allow advertisers, whether they have good intentions or not, to target their adverts to have the most impact or return on investment. They use a strategy to grab attention, create interest and then watch their offers grow as unassuming social media users share the information among their networks, creating multi-layers of opportunity from one initial, low cost, advert.

Let’s take the advert below as an example. For those who aren’t aware, Argos is an established High Street brand in the UK that sells a wide range of goods through their stores. You can go online, choose the products you want and either have them delivered or collect in store. However, they would never choose to advertise in this way.

For starters, let us ignore the poor grammar and spelling but concentrate on the offer. Argos has 50 “Curved” TVs. The picture shows they are Samsung TVs. Why not say that for a start? Perhaps because the word Samsung would be picked up by the Social Media platform as a brand name and be more likely to be scrutinised.

Secondly, why would Argos be prepared to give them away. What is stopping them selling them? If there was little damage, why wouldn’t they sell them as such? Retailers also have insurance that covers for stock damage which for 50 TVs would be worth a few thousand pounds.

Third. Why do you think the only criteria is to share and like the post? Because by liking and sharing it give authenticity to the offer. If 2,000 people like something it doesn’t sound fishy at all. They have 50 to give away and so it becomes very easy to choose 50 (or almost certainly more than 50) at random from the likes to give the TV’s away to. Except they aren’t giving them away totally for free. In scams like this you will be asked to pay a delivery or an admin/insurance/warranty fee – maybe something small like £50 but if 100 people are all doing the same, there is a nice profit from a small ad at minimal cost. Naturally, there isn’t any TV and once the money has been paid, the “brand” will disappear.

Looking at the advert itself is enough to surely make you realise all is not well. The spelling (aloud rather than allowed, fulling instead of fully) and the grammar (capital R in Returned, TV’s rather than TVs) would not pass inspection with any brands who were advertising on or off line, whilst there is no branding in the photos that would back up this was a genuine offer.

Major brands do not offer goods and services this way. Whilst we may want to believe it is true and the general altruistic values they may have, there is no value for them in doing this.

The more people that do engage, like and share, the more the fraudsters will continue with their nefarious campaigns. We all have a part to play in this. Always question why a brand may be offering such deals, bargains or the like and remember, if it looks too good to be true, it probably is!

Avoiding the sting of a fake COVID vaccine

It seems that there doesn’t seem to be a week rolling by at the moment without a new COVID-19 vaccine being ready for distribution after completing initial trials. As of the end of February there are vaccines being used produced by Oxford-AstraZeneca, Pfizer/BioNtech and Moderna with the Novavax and Johnson & Johnson versions close to being available. This is fantastic news in the crusade to vaccinate as many people as possible so we can all return to as normal a life as possible.

In the UK we have been living under full or partial lockdown for almost a year. That has had a huge impact on everyone both physically and mentally. Over 100,000 lives have been lost and countless families have been impacted. Thousands of businesses have been forced to close and unemployment continues to rise as a result. Therefore, the demand for the vaccination is growing all the time.

That vacuum created by the increasing demand and the scarce supply of vaccinations is being filled, to some extent by fraudsters who are targeting the most vulnerable and needy with offers to buy the vaccine now rather than wait for it to be administered for free based on the health authorities prioritisation list.

Bolster, the fraud prevention company published a report last week that looked at the rise in domain name registrations from the past year that featured the worlds ‘vaccine’ and ‘COVID’. Almost 12,500 domain names were registered with those keywords in 2020. A large number will be genuine, with some firms registering domain names featuring relevant keywords to let customers know what they are doing about the pandemic.

In the last 7 days there have been over 650 domain names registered that start with the word “covid” according to a search through, whilst there is almost 800 more that have the word somewhere in the domain name, across a variety of TLDs. There are also nearly 150 domain names featuring the word “covid” in the 1 million most popular websites in the world.

There have been calls to stop any registrations of domain names featuring such keywords, with NameCheap being one registrar who have placed restrictions on the registration of certain keywords relating to the pandemic. However, it is still far too easy for an opportunist to register a domain name and set up a website – for instance the domain name was registered on the day of the announcement of the rollout of that vaccine and a “coming soon” website lander added.

Domain registrations that contain the names of the manufacturers of vaccines such as”Pfizer” and “BioNTech” have increased since March 2020 – domain names referencing the two companies rose from just 13 in January 2020 to 343 in December 2020. In the case of Moderna, Bolster found 3,596 new domain registrations in 2020. rising from 114 in January 2020 to over 500 in December.

It isn’t just vaccines that are being fraudulently offered. Vaccine appointments for cash, fake home testing kits and miracle cures are still all too easy to find. With little return on investment required, fraudsters can quickly make a profit from unsuspecting and often desperate victims.

There are no shortcuts or alternative drugs. Whilst the roll-out and distribution of millions of vaccines is a logistical headache for all governments, it will happen. Patience is the key and if you do come across any offers that look too good to be true, they undoubtedly will be and could potentially do you more harm than good.