With technology becoming increasingly widespread and sophisticated, brandjacking has become a more common threat for businesses. Brandjacking is a concern organizations should be aware of and guard against, as it can lead to revenue loss and irreparable damage to your company’s image.
Your brand is your identity, and the perception of your company and its success depend on how you manage it. In this blog post, we'll define brandjacking, discuss the most common methods, and identify measures your organization can take to protect itself from malicious actors.
What Is Brandjacking?
A blend of the words "brand" and "hijacking," brandjacking is the unauthorized use or acquisition of a company’s, brand’s, or individual’s online identity. Brandjacking has become more prevalent and high profile because of social media and the ease of creating fake accounts.
Brandjacking can be challenging to conceptualize because the common understanding of “brand” can encompass various definitions. Often the term is used interchangeably with brand name impersonation. Even more surprisingly, brandjacking isn't illegal for all the reputational damage it can cause. The brandjacking upside? Malicious actors are not original, and your business can be aware of some routine instances of brandjacking.
The Different Forms of Brandjacking
Here are some of the primary forms of brandjacking:
Brand Name Impersonation
Brand name impersonation is using a brand’s name or likeness to promote a product without consent. This type of trademark infringement often occurs online and can be performed by individuals or companies posing as legitimate brand representatives. It may take on the form of deceptive advertising campaigns, attempts at getting customers to sign up for services using a genuine brand’s reputation, or even fake accounts created in a brand’s name. The damages this practice can have on a brand’s reputation are vast, making it difficult for victimized companies to recover.
In 2005, Target made headlines when it revealed that it was removing gender descriptions from in-store signs in the children's toy section. This decision caused controversy, with people flocking to Facebook to share their opinions. Seizing this opportunity, an account named "Ask for Help," using Target's logo as the profile picture, began responding inappropriately to disgruntled customers.
Ultimately, Target had to issue an official statement indicating that a fraudster penned the inflammatory responses.
Social Media Piggybacking
Social media piggybacking (or piggyback marketing) involves taking advantage of a popular post, hashtag, or piece of content on social media from another brand to redirect users to your page or website. Piggybacking also refers to interacting with, posting about, and sending messages to that brand’s intended audience. Social media piggybacking allows brands to gain visibility and engagement without creating content from scratch.
Established banking brands US Bank, Chase, Citi, and Capital One have recently broadened their social appeal by piggybacking their brands on popular social media celebrities. In essence, this tactic helps the institutions mentioned above to cut through the internet noise and use a well-known social media brand name to build their own.
Brand Name Mentions
Brand mentions are online references to your company, product, or brand. These mentions appear in product reviews, blog posts, social media posts, and news articles. Writing a blog, article, or content containing a competitor’s brand name is one of the most common and fundamental forms of brandjacking.
A prime example is creating a list-type article, or "listicle," about a subject within a specific market or geographical region. For example, a competitor law firm specializing in patent law might create a post entitled "The 10 Best Patent Law Firms.” By mentioning other law firms, the competitor increases the chances that its website or ad will appear on search results if a customer looks up competing brands online. It’s important to monitor brand mentions because they can cause customer confusion or revenue loss if the mention is negative.
Cybersquatting is “squatting” on a domain name with the intent to profit from the goodwill of the rightful owner's trademark. It includes registering, buying, or using a domain name identical or similar to an existing brand in bad faith. This practice takes advantage of internet users who mistakenly type in a word believing they will connect to the trademark holder's website.
Cybersquatting is not a new phenomenon. The well-known organization, People for the Ethical Treatment of Animals (PETA) has an established reputation for animal protection and anti-fur activism. As a nonprofit organization, its website, peta.org, has the ".org" top-level domain (TLD). In 1995, Michael Doughney discovered that the domain name, peta.com, was available for purchase. He registered it and branded it “People Eating Tasty Animals.” He then used the website to sell leather goods and meats.
Michael Doughney’s actions contradicted PETA’s mission and were considered detrimental to PETA’s brand. PETA successfully sued him and won, attaining legal rights over the domain peta.com. Today, PETA owns peta.com, and the site redirects website visitors to peta.org.
Interestingly, although the court ruled in PETA’s favor, Doughney did not pay for damages because his act was not judged malicious. This ruling underscores why it is so vital for organizations to remain vigilant in protecting their brands.
Google Ads Brandjacking
This is a common practice that involves bidding on keywords that include another brand's name, which can lead to competitor ads appearing in search results for that brand, even if the company itself did not create the ad.
How to Protect Your Organization from Brandjacking
There are several different approaches organizations can use to mitigate brandjacking:
- Pre-emptive registration of trademarks and domain names. Buying key domain names like your existing domain is one of the most effective ways to protect your brand against brandjacking. Buying relevant domain names will prevent others from purchasing and using them with malicious intent. For example, www.googel.com takes users to www.google.com.
- Use social listening tools. One of the best brand protection tools, social listening tools, allows you to track conversations in real-time to stay on top of public opinion about your brand. These tools give you alerts that immediately notify you of suspicious activity. Establish a listening protocol for your team and adjust your notification settings accordingly.
- Have a crisis management plan. A possible response is sending a “cease-and-desist” letter to brandjackers. As mentioned before, brandjacking is not technically illegal, so the threat of legal action might not have strong teeth. However, a “cease-and-desist” letter does help to send a clear message that your organization will not tolerate brandjacking if it goes on for a prolonged period. Generally, a week is a reasonable period for a brandjacker to stop the attack.
- Learn from other organizations. Top brands are proactive about protecting their reputation. PayPal, which has been victimized by brandjackers multiple times, routinely alerts customers about new scams. Additionally, PayPal uses media to educate its employees and customers about the most common and emerging online risks.
By combining these methods in your overall security strategy, your brand can remain safe from potential threat actors.
How Can OSINT Help Protect Your Organization from Brandjacking?
Due to the publicly available data explosion in recent years, organizations recognize the value of using open-source intelligence (OSINT) techniques in their security strategy. At LifeRaft, our unified intelligence platform, Navigator, automates data point collection and filtering, and features investigative tools that explore and validate threats across the board. Navigator is a valuable OSINT tool with many applications, including safeguarding your organization against brandjacking. With Navigator, your business can stay ahead of emerging threats and make informed decisions quickly.
The Bottom Line on Brandjacking
Brandjacking can devastate reputation and bottom-line profits, so proper safeguarding is essential. Understanding the most common forms of brandjacking and developing a strategy will give you the best chance of success in protecting your hard-earned reputation. At LifeRaft, we understand the complexities of protecting your brand and OSINT can be a valuable part of your security toolkit. Contact us today, and let's start a conversation about crafting a strategy tailored to your organization's needs.