Domain names have become a critical component of business branding, allowing a business’s website and email address to be easily identified by the public. Consequently, issues pertaining to fraudulent domain names are not a new occurrence. To minimize the risk of falling victim to scams, misleading customers or damaging your brand, it is essential for businesses to actively monitor for potential domain name fraud. Prompt intervention can often mitigate these risks.
In this three-part series, we provide an overview of domain name fraud as it stands today by focusing on the following topics:
- Part I: The current landscape of domain name fraud and helpful identification methods
- Part II: Best practices for preventing and preparing for such threats
- Part III: Effective ways to respond once a fraudulent domain has been identified
Responding
Once you have identified a fraudulent domain name, it is important to respond quickly to reduce any further risks to your organization.
1. Understanding the Structure
At the top of the domain name system (DNS) is ICANN (Internet Corporation for Assigned Names and Numbers), which oversees the global coordination of domain names and delegates the governing authority for each top-level domain (TLD) (such as “.ca,” “.com,” “.net”) to a top-level domain registry. Each top-level domain registry, such as CIRA for “.ca” domains, maintains the official database of all domain names under its TLD and ensures each one is unique and properly configured. These domain registries also accredit domain name registrars, which are companies that sell and manage domain names for businesses and individuals.
When a company registers a domain through a registrar, the registrar submits the domain information to the domain registry. The company then configures DNS settings through the registrar to route traffic appropriately. This layered structure ensures that domain names are globally coordinated, functional and securely managed, giving businesses control over their online presence.
All levels of this structure are involved in the domain name complaint process.
2. Contacting the Registrar
The first step in responding to domain name fraud is to contact the appropriate domain registrar and request that the fraudulent domain name be rendered inactive and non-transferable. Most registrars provide online forms or email-based procedures for reporting abuse. It is possible to identify the registrar by consulting the WHOIS database, a publicly accessible directory that stores information about registered domain names.
Prior to contacting the registrar, however, it is best practice to consult your breach coach or legal counsel to facilitate the complaint process and ensure compliance with the registrar’s procedures. These professionals can:
- Assist in drafting a cease-and-desist letter that clearly outlines the basis for the complaint, citing applicable intellectual property laws and the registrar’s policies
- Gather the necessary supporting evidence, such as proof of trademark ownership, instances of consumer confusion or fraudulent activity linked to the domain
- Facilitate communication with the registrar, whose responsiveness and enforcement policies may vary
- Keep a written record of the incident and the response taken by the organization to prevent any further illegal activity
It is important to note that the registrar may not comply with such a request. Additionally, deactivating a fraudulent domain is not a permanent solution, as scammers can use multiple variations of a brand’s domain name to continue to perpetrate fraud. Scammers may register new domain variations, switch top-level domains (e.g., from “.com” to “.net”), or re-register the same domain with a different registrar that has weaker enforcement mechanisms as discussed in Part I of this series. As such, it is important to remain vigilant once an incident occurs.
3. Domain Name Dispute Resolution
The registration and use of domain names are governed by dispute resolution policies, which means that registrants may be subject to arbitration in the event of a conflict. These proceedings are generally cost-efficient and quick and can result in the transfer of the domain name to the complainant or the cancellation of the domain name. Filing such a complaint can be effective when a registrar fails to remove a fraudulent domain name. It also creates a documented record of the scam, demonstrates the complainant’s interest in the domain name and shows that the complainant acted with due diligence when confronted with fraudulent activity.
We note that a complainant may alternatively chose to file their claim with the court, especially if the complainant has other causes of action and/or remedies sought. However, litigation is more costly and time-consuming than arbitration.
Should you wish to file a complaint, it will be governed by the applicable dispute resolution policy, which varies depending on the top-level domain of the domain name in question, and typically resolved through arbitration. The most widely recognized dispute resolution mechanism is the Uniform Domain Name Dispute Resolution Policy (UDRP), which covers generic TLDs (gTLDs) such as “.com,” “.org,” “.net,” and some country-code TLDs (ccTLDs) that have adopted it.
Other domain-specific dispute resolution governing entities and policies exist, such as the Canadian Internet Registration Authority (CIRA) Domain Name Dispute Resolution Policy (CDRP) which manages disputes for “.ca” domain names, the EURid’s ADR (Alternative Dispute Settlement Rules) for “.eu” domain names and the Nominet DRS (Dispute Resolution Service) for “.uk” domain names.
While each policy has distinct procedural rules, they generally follow the UDRP framework. Prior to filing any complaints, it is important to determine which policy or policies apply to the fraudulent domain name and decide which dispute resolution service to engage with.
Filing a Complaint
When filing a complaint under the UDRP framework, the complainant must establish that:
- The registered disputed domain name is confusingly similar to the mark;
- The registrant has no legitimate interest in the domain name; and
- The registrant registered the domain name in bad faith.
Once a complaint is submitted, the defendant can submit a defence. While in most cases a scammer will not provide a defence, the complainant is nonetheless required to present a convincing and well-documented case to the arbitration panel to facilitate a favorable outcome. The complaint is subsequently reviewed by an arbitration panel that assesses the presented evidence and legal arguments. If the panel decides in favour of the complainant, most complainants will request the transfer of the disputed domain name to them.
Given the procedural and evidentiary requirements involved, it is recommended that complainants consult legal counsel to ensure compliance with the applicable dispute resolution policy and facilitate the dispute process.
For more information on domain name dispute resolution and how your organization can file a complaint, please contact the authors or any other member of our Cybersecurity group.
Related Insights
Blakes and Blakes Business Class communications are intended for informational purposes only and do not constitute legal advice or an opinion on any issue. We would be pleased to provide additional details or advice about specific situations if desired.
For permission to republish this content, please contact the Blakes Client Relations & Marketing Department at [email protected].
© 2025 Blake, Cassels & Graydon LLP
