• by Judy Warner , May 3, 2007

They're savvy, as adaptive as chameleons, and they're coming for your brand. The number of brandjackers, those online bandits that each week hack into legitimate sites for their own illegitimate purposes, is on the rise.

From cyber squatting to domain kiting, a new study by an Internet security company that has been studying the issue finds that the brands most targeted for attack are those consumers expect to be the most secure: financial services and media companies.

"Media companies draw the greatest Web site traffic, and financial services companies draw the highest premiums for pay-per-click keywords, making them especially attractive targets for brand abuse," says MarkMonitor's vice president/communications Te Smith.

Financial services companies accounted for 41% of all phishing attacks during the first quarter of this year, a jump from 29% during the same period a year earlier.

The yield for online banking credentials is "incredibly high" for phishers, making it no surprise that financial services companies are so often the targets of abuse. Brandjackers also prey on customer confusion resulting from myriad mergers and security system upgrades, she says.

These abuses can add up to big money, too," Smith says. "Customer support centers increase and ad dollars are lost to so-called traffic diversion. Ultimately, these threats contribute to a loss of control for brand owners in how their brands are perceived in the marketplace and threaten customer trust and loyalty, the greatest brand assets of all."

The April 2007 "Brandjacking Index" tracked weekly samples of data provided by ISPs and e-mail providers in March and April of 25 brands in eight vertical segments culled from the 2006 Top 100 Interbrand listing.

Cyber squatting--the unauthorized use of a brand in a domain name--is the most frequent form of abuse and leads to other exploitations such as pay-per-click fraud and kiting.

Online crooks are becoming more astute marketers, notes MarkMonitor CMO Frederick Felman. "Brand abusers employ online marketing techniques such as search engine optimization to siphon traffic from reputable sites," he says.

The number of brands phished each month reached an all-time high of 229 in March compared to earlier studies, which MarkMonitor, a company that alerts others when their brand is being abused, attributed to more successful operations by the bad guys.

"Botnets and phish kites have reduced the technology requirements and resources needed to execute attacks," Felman says. "Phishers are adopting direct marketing methodologies to experiment with brands, evaluate efficiencies and exploit lax enforcement."

Marketers must keep a close eye on their brands online.

According to the report:

• Brandjackers find that the economic incentives to target large companies are substantial.
• Technology that aids large companies to market more effectively to their customers is also being employed by brandjackers to increase the return on their efforts.
• Brand owners have to rely on themselves for enforcement because regulation by government and non-governmental organizations is insufficient to protect companies and their customers.
• Large companies have trouble keeping up with the problem of enforcing their intellectual property rights because of the scale of abuse.

  It's 10 a.m. Do you know where your brand is?