Steps to quickly address the reputational risks of this internet hoax
Recently a bank in Wisconsin experienced the event know as website spoofing that resulted in customers receiving emails that appeared to come from the bank, but were part of apparent malicious activity related to the copy of the website. Website spoofing is the act of creating a website as a hoax or potentially as a theft of the images, or this may simply be mimicking your website in order to send out malicious (phishing) emails. In either case, the spoofing website potentially could contain copyrighted material. The intent could be of simply misleading readers attempting to perform malicious activity such as theft of customer credentials, or simply an abuse to the reputation of the impacted institution. Normally, the spoofed website will adopt a very close design from the target website and may simply have a similar URL, often using the spoofed website URL with a letter or two changed.
A more sophisticated attack results in the attacker creating a "shadow copy" of the "www" by having the victim's traffic go through the attacker's machine, causing the attacker to be able to obtain the victim's sensitive information.
Spam, Copyright, Trademark, Morally Objection Content, and Defamation Complaints can all be part of what you are experiencing. If you believe the domain using your services is engaged in spam, abuse, or any illegal or unlawful activity you will want to take action quickly.
The Digital Millennium Copyright Act (DMCA) criminalizes the act of circumventing an access control, whether there is actual infringement of copyright itself or not. A DMCA takedown notice is sent by a copyright holder to a web host or hosting registrar, requesting removal of infringing content or take down/blocking of the offending URL. DMCA identifies that a hosting company must remove content from a user's website that may appear to constitute copyright infringement after the host receives proper notice or the host loses safe harbor and can be sued. Material does not need to be registered with the U.S. Copyright Office in order for you to request a takedown. It is possible to take action on what the law already supports. Consider involving legal counsel when taking these types of actions.
There are really quite simple steps required to request a takedown and stop the offending actions.
- Take screenshots of the infringing site, and document the URL.
- Locate the website's host.
- Determine the Copyright Agent.
- Draft the takedown notice.
- Reach out to the registrar and/or to the hosting company, inform them of your copyrighted material on the spoofed site, any other malicious activity (phishing) or problems (reputation issues), and the site will hopefully be taken down promptly.
WhoisProtectService.net is an example of a service that can assist with the takedown process. They are a provider of domain names, registration privacy, and proxy services. The company has been involved in the domain name registration business for many years. WhoisProtectService.net registration privacy service conceals your domain's public WHOIS record, containing your actual contact and personal information, from common harassments such as spammers, scammers, stalkers, telemarketers, identity thieves, and any other third parties who might be using your personal and contact information without your consent.
Another source of assistance and place that the issue should be reported to is the Wisconsin Statewide Intelligence Center (WSIC) at www.wifusion.org, email@example.com or call them at 888-DCI-WSIC (324-9742).
There are also very good resources available from the Anti-Phishing Working Group's sponsoring members that can be found at https://apwg.org/sponsor-solutions.