Domain name-based brand targeting negatively affects both reputation and bottom line. Awareness of emerging threats is a critical piece of the brand protection puzzle. Here we examine how bad actors are combining new metaverse / web3 themes with brand names in traditional TLDs and explore options to strengthen defensive registration strategies.
The ‘Goldilocks’ principle is a core challenge of brand protection in the domain name space; businesses frequently struggle to find the “right” level of defensive coverage vis-à-vis their mission-critical brands. There is no blanket solution, and adequate scope for one brand may be insufficient for the next. An effective defensive registration strategy requires hard data for businesses to make informed decisions based upon the characteristics of their own unique brands.
Protecting brands in the non-fungible token (NFT) domain name space
Until recently, businesses needed to police their brands across a modest 1,502 active ICANN-approved Top Level Domains (TLDs). The nascent Web3 model of the world wide web aims to upend the current DNS (Domain Name System) paradigm, wherein a handful of businesses functionally own most of the user content via their platforms, and ICANN (Internet Corporation for Assigned Names and Numbers) oversees the (root zone) delivery mechanism. NFT (Non Fungible Token) domains and the alternative root-dependent TLDs which support them have introduced yet another set of TLDs for brand owners to monitor.
Through our MarkMonitor™ domain experts, Clarivate will soon offer a new service to help brands protect themselves in the age of blockchain: NFT Domain Protection Services. With NFT Domain Protection Services, Clarivate will help brand owners block the registration of trademarked NFT domains, enabling brand owners to protect IP (Intellectual Property) assets on public blockchains.
Emerging space, traditional threats
While active Web3 usages are most likely to develop within the NFT domain space, bad actors are not ignoring traditional TLDs in their targeting activities. To complement the upcoming launch of NFT domain protection services, here we examine the traditional TLD space, supplying a more holistic picture of brand protection considerations.
While much of the terminology surrounding this space has existed for most of a decade, we observed an industry-wide ripple effect starting in October 2021 when Facebook rebranded as ‘Meta’; shorthand for the ‘metaverse’ concept which dovetails with Web3.
To supply guidance on the question of what defensive registrations may make sense in the traditional TLD space, we looked at cybersquatting activity by asking three questions:
- How severe is the global brand targeting in domain variants incorporating a well-known brand and either the ‘meta’ or ‘metaverse’ term?
- How aggressively are our clients being targeted in the .com TLD across a larger set of Web3 / metaverse terms conflated with a brand?
- Has arbitration activity escalated since Facebook’s October 2021 re-brand?
Global meta and metaverse infringements
To serve as a proxy for ‘well-known global brands’, we utilized the 2021 Interbrand (100) Best Global Brands list. From a starting point of nearly 500,000 domain names containing either the meta or metaverse term, we culled to names also including one of the Interbrand brands, and further scrubbed the list to remove domains owned by the brand owners. To prevent inflated averages arising from specific targeting of Meta/Facebook, we removed the Facebook and Instagram brands from the results and still saw an average of nearly nine infringing registrations per brand. 98% of the registrations occurred in either 2021 or 2022:
We also looked at the infringement distribution by TLD and found comparable results with respect to TLD targeting across the two terms:
After verifying that the heaviest infringement is occurring in the .com TLD, we narrowed the TLD focus while also expanding the left-of-dot variants to a wider group of terms related to Web3, the metaverse, cryptocurrencies and the NFT space. This time we focused on our own customer brands in the brandterm.com and termbrand.com forms. Results reflect aggressive cybersquatting:
Lastly, we looked at domain arbitration activity since the Facebook re-brand to determine if brand owners are beginning to see increased enforcement costs relating to the spike in registrations. We observed the following activity occurring since October of 2021. By contrast, only one case was filed prior to October 2021 which represented a clear instance of a brand conflated with either the meta or metaverse term. 80% of domain names were .com, again reflecting a need to prioritize defensive .com registrations:
Conclusions and recommendations
Brand targeting is primarily occurring in the .com TLD and defensive strategies should make this TLD the focus. Brands looking to expand coverage beyond the .com TLD should first look to .net, .xyz, and .io. The most heavily targeted domain variants in descending order are metabrand.com, brandcoin.com, brandnft.com, and cryptobrand.com.
Each business is best positioned to judge risk levels for its own individual brands and should have a firm understanding of the level of targeting each brand is subject to in the domain space. Joining observations presented here to that knowledge provides an actionable framework for defensive registration strategies. MarkMonitor customers may also contact a MarkMonitor Domain Portfolio Advisor for deeper lists of targeted suggestions as deemed necessary.
If you would like to learn about the brand protection solutions available through MarkMonitor we invite you to read our latest whitepaper: Brand Protection: Blocking, Monitoring & Enforcing Domain Name Rights. We also invite you to join our webinars, regularly held all year round. This year in addition to domain brand protection strategies we will also dive into NFT domain names and the impact of blockchain on IP. Register here.
Chris Melka is a Senior Consultant, Domain Strategy with MarkMonitor at Clarivate and has more than 15 years of experience in the domain industry, having worked in a variety of operational and strategic roles over that time.
 Source: Dataprovider.com. Including long-tail variants, e.g., metabrandlogon.tld.
 bitcoin, blockchain, coin, crypto, dao, defi, digitalwallet, meta, metaverse, nft, wallet, web3.
 The top 500 MarkMonitor customer brands as determined by current scope of domain registrations supporting the brand.
 Sources: Darts-IP domain arbitration database & udrpsearch.com. Cases involving three domain names were filed and withdrawn over this time.