Websites imitating and misrepresenting your brand can lead to your customers and prospects being targeted by bad actors. This can cause customer losses, reputational damage, and financial loss. Follow our 10-Steps below to takedown fraudulent websites.
1
Confirm the suspicious site is unauthorized
Has an internal team deployed the site? Does the site belong to an authorized re-seller, partner, or agent? If not, proceed to Step 2.
2
Determine the website’s objective
Does the site seek to defraud by stealing your customers’ or employees’ credentials, payment information, or other data? Is it infringing on trademarks or selling counterfeit goods?
3
Know what violations will/won’t be actioned
Google, for example, may blocklist a site engaging in fraud but is less likely to block a site infringing on a trademark.
4
Report scam sites engaging in fraud
Contact Google, Microsoft, Federal Trade Commission and report scam sites. Reporting the site to these organizations does not guarantee that they will take immediate action.
5
Identify web hosting provider and/or registrar for scam domain
Visit Whois Domain Lookup to find out where to send your takedown request. You may or may not receive a response to your request.
6
Gather your evidence to support your request
Take screenshots of the scam website and list the problem URLs. Then, include corresponding screenshots and URLs from your authentic web pages.
7
Understand the host’s or registrar’s reporting mechanisms and violation types
Search the name of the host or registrar along with “abuse.” This should take you to their website abuse policies and guidance pages.
8
Draft takedown order / cease and desist notice
The Internet Corporation for Assigned Names and Numbers (ICANN) provides a thorough 16-page document, Guidance for Domain Name Orders, Seizures & Takedowns. Pro Tip: Use the local language. Not everyone every provider operates in English. Google Translate can help.
9
Submit your request notice
The host or registrar’s abuse policy should contain a submission link. If not, many hosts and registrars have an “abuse@[host or registrar domain]” email for submissions.
10
Wait, follow up, and validate the removal
It can take multiple requests before a response is received and/or action is taken. You may file a complaint with ICANN Contractual Compliance Help Center. Removing fake websites can be a lengthy process, but they can help get results. Once you have confirmation it has been removed; you should validate that the URL is no longer live.
Related Articles
-
SharkBot Mobile Banking Trojan Embedded in Banking AppIn a recent mobile malware scan for one of our partners, Allure Security...
-
How to Handle Parked DomainsWhat is a Parked Domain? Many brands are unsure about parked domains with...
-
Fighting Search Engine Phishing: Malvertising and Bing AdsSearch Engine Advertising Risks When consumers search the internet, brands want to be...
-
Webinar: IT Leaders on Online Impersonation FraudSecurity against the Rising Threat of Impersonation Scams Cybersecurity remains a back-and-forth contest...
-
Fraudsters Abuse Dynamic DNS Subdomains For PhishingAllure Security has noted an increase in scammers utilizing dynamic DNS (DDNS) services....
-
Damn Filters Recovers from Poisoned Search Engine ResultsPoisoned Search Engine Results Damn Filters, a leading company in Kansas, sells online...