US songstress Taylor Swift has been defensively registering new adult-themed generic Top Level Domains (gTLDs) in a bid to head off phishers, cybersquatters and the like.
The 25-year-old American singer-songwriter, or more likely her management team, made the proactive move of buying up TaylorSwift.porn and TaylorSwift.adult – two of the new gTLDs which go on public sale on 1 June, according to the BBC.
At $99 each, they’re not the most expensive new gTLDs around – with some apparently costing over $2000.
The introduction of a potentially limitless number of new TLDs after internet oversight body Icann relaxed its rules in 2011 presents a major problem for brand managers and trademark experts.
But it also presents challenges to IT security teams keen to minimize the risk of their organization’s brand being abused in phishing attacks and other campaigns.
Defensive registration is the practice of buying up domains relevant to your brand before malicious actors can do so and use them to make money.
Microsoft, for example, has registered Office.porn and Office.adult – two names it is unlikely to actually use.
The process was just about manageable with only 22 TLDs, but now represents an increasingly costly endeavor.
Paul Vlissidis, director of the .trust division at security consultancy NCC Group, argued that it was understandable celebrities like Swift needed to protect their brand by purchasing new domains.
"The problem is that it is becoming increasingly difficult to do this with the proliferation of new gTLDs, as it will be almost impossible to buy all the different variations,” he said.
“There will soon be hundreds of domain names available, which will inevitably cause confusion and could lead to an increase in phishing attacks as cyber-criminals look to take advantage of this.”
At the last count, there were nearly 550 top level domains, but new ones are being approved all the time.
The roll-out of internationalized domain names (IDNs) in Simplified Chinese and other popular scripts will make matters even more complex for brand managers.
A Trademark Clearinghouse, run by IBM and Deloitte, allows brands to register their exact names to avoid online fraudsters abusing them on the web.
However, it doesn’t deal with all the various permutations and similar-sounding names scammers often use to trick users into thinking they’re visiting a genuine web property run by an Apple or Pepsi.