Trademark Policing: Ninja Techniques Of Online Reputation Management

  • Ignoring infringement can result in erosion of your brand, warns columnist Chris Silver Smith. He offers up some tips for online trademark policing.

    Trademark Infringement - Domain Names, Search Engines, Social Media

    For medium-to-large companies, proper trademark management is a vital component of business strategy and online reputation management. Many consider a brand to be a company’s most valuable asset. As such, the core identifying marks of a company must be secured and policed, particularly on the Internet where consumers research products and engage in commerce.

    Here are some ninja-level tips for policing and proactively blocking infringement.

    Online reputation management (ORM) is often concerned with minimizing chances of defamation or mitigating it once it’s already occurring. But a more subtle and potentially riskier issue is when a trademark is infringed on or eroded and negated.

    It’s one thing to have some dirt thrown on your name — that can be potentially washed off later. It’s quite another to have your name stolen from you completely, or for it to be eroded down until it can no longer be protected.

    The Elements Of Good Trademark Management

    Most business and marketing schools teach a number of skills for protecting brands through management practices that are based on legal realities of trademark law. Such practices can include things like writing corporate collateral use rules that may dictate the precise print and online colors used for brand marks, how much distance must be maintained around the marks, and other style conventions.

    Good trademark management also includes policing for unauthorized use of brand names and shutting them down, and most marketers totally get this. But it often eludes them as to how to go about effectively policing for common online trademark infringements.

    While working at Verizon, I learned a number of methods for online trademark policing, and I frequently assisted in providing information to the intellectual property department for potential enforcement.

    Since leaving Verizon and working for search marketing agencies, I’ve learned yet more methods and assisted on some trademark infringement lawsuits as well. I’m relating a few policing methods here and providing some proactive management tips as well.

    I think that most brand managers will either discover infringement as a matter of course, or they will search in Google for their trademark names, click through a few pages in the search results, and count themselves done — if they do that much policing. Indeed, you may uncover some flagrant trademark infringers in this way, but those usually would get caught anyway.

    Policing Tips & Techniques

    Here are additional policing techniques:

    • Search for brand knockoffs — Search through your top non-branded keyword phrase combinations, and click through every link on the first pages of search results for each — you may be surprised at what you find.

    Brand product knockoffs used to be relegated to street vendors like the shadowy backs of stalls along Canal Street in Manhattan. But brand counterfeits and knockoffs can also be found in Google and Bing. Pirates and counterfeiters are often quite savvy with online marketing, so the better ones may be flying below the radar, selling their goods even more effectively than the originating companies.

    I’ve seen cases where trademark infringers are actually being paid by the companies they infringe upon — as affiliates! You’ve invested a lot in your brand, so if someone else is using your identity elements to imitate you to increase consumers’ trust in them, you can’t allow that to continue.

    • Check your common misspellings — If you monitor your Web analytics, you’ll often discover that common misspellings of your brand name may be the most frequent keywords referring folks to your website from search engines.

    Google’s algorithms often learn these and will auto-correct for it. (Try searching for “coccacola”, for instance, and you’ll still see at the top of the search results.) But the problem is that if you have any brand recognition at all, your customers may often come to your website via direct navigation — typing your domain name into the browser address bar.

    If they misspell your domain name, where do they go? Brand infringers often register misspelled domains — i.e., “typosquatting” — in order to intercept that traffic, and they’ll either try to trick that hijacked traffic into buying a competitor’s products, or sell them your own products through affiliate links.

    Even more fun are the cases I’ve seen where the misspelled brand squatter is making advertising dollars off their website — and your company’s ad agency isn’t policing the fact that you’re now paying the cybersquatter for infringing!

    (Note: There is some complexity and difference in assessing where generic term combinations give coincidental appearance of infringement versus clear-cut/intentional infringement, so don’t always assume the worst.)

    • Do your research — Common misspellings can be easily discovered by doing a little research. There are guides to commonly misspelled words. You can also predict misspellings by considering how people are most likely to spell a name. I recall vividly how I used to be unable to spell “Motorola,” and I would misspell it with two “l”s — which was registered to a porn cybersquatter.

    Try spelling your domain as homonyms, spellings which sound like the originating name. Also try logical variations, such as singular/plural alternatives. For instance, “” vs. “”

    Finally, it’s useful to also explore misspellings based upon nearby letters on the keyboard for each letter in your name, as well as dropped letters. Like “” vs. “”.

    • Homographs and homoglyphs — Some of the most challenging policing involves attempting to detect domain homographs and homoglyphs.

    Homographic domains appear to be spelled identically to a targeted domain, but one or more letters has been replaced by a lookalike from another character set. For instance, if you replaced an English letter “A” in a domain with a lowercase Greek letter “Alpha” (e.g., www.cocα -colα.cn).

    Homoglyphic domains may look closely similar to the targeted domain, but one or more letters has been replaced by a character that resembles the replaced letter. For instance, if you replaced the letter “L” in a domain name with the number one, “1”, or replaced the letter “O” with zeros (e.g.,

    I would guess that most cases of these types of domain spoofing are done by unscrupulous individuals desiring to use the domains to trick consumers into giving their passwords so they can steal their identities or compromise financial accounts.

    The domains would allow them to send out Trojan-horse style emails pretending to be from your banks and credit cards — though simply cracking passwords for other websites and social media accounts often compromises everything for those who use the same passwords for accounts.

    Some technologists, including volunteers from Google, IBM and Microsoft, composed a list of “confusables” which might help you explore possible alternative homograph/homoglyph spellings of your domain name if you’re looking to police for this.

    • Police for possible infringement in competitor ads — For pay-per-click (PPC) advertising infringement, some marketers may not be aware that their brand names should not be incorporated in the ad copy used by competitors in most cases.

    Here’s the deal as I understand it (obvious disclaimer: I’m not an attorney, so don’t assume this is gospel legal advice nor that it necessarily applies identically in all states). It’s generally a “fair use” for a competitor to use your name in making comparisons (for example, the “Coke vs. Pepsi Challenge”).

    But it’s not OK for them to merely use your name in promotional materials such as ad copy. The search engines may allow competitors to target each other’s brand names as keywords, but the ad copy should not include your brand name if it’s your competitor’s ad.

    In fact, I’ve seen that Google attempts to automatically detect this, and disallow ads from running if it appears to contain a registered competitor mark. But don’t trust this protection in all cases — you still need to police for possible infringement in competitor ads.

    Newer or nonregistered brand names may not be automatically suppressed for your competitors’ ads. Even worse, I’ve seen cases in which very cagey PPC managers can bypass Google’s automated policing algorithms by using homographs/homoglyphs as I described above.

    And the trickiest method of all, which I even hesitate to mention publicly lest it give unethical marketers ideas: Incorporating a zero-width character into the ad copy can make a word appear identical to your brand name while it’s technically spelled differently so as to avoid detection by Google.

    • It’s not just domain names — Brand hijacking isn’t isolated to domain names, of course. It occurs daily on hundreds of different social media services platforms such as Facebook, Twitter, Instagram, Pinterest, etc. It’s particularly an issue for those services that allow individuals to specify unique usernames which may then be incorporated into the profile URLs (for example:

    It’s useful to check out the usernames of all the variations I mentioned above — alternate spellings, plural/singular, homographs, and homoglyphs.

    Tools You Can Use

    I used to use Microsoft’s experimental tool, Strider Typo Patrol, in policing for domain name infringement, but it wasn’t updated over time and doesn’t work on contemporary PCs.

    VeraLab’s free domain typo detection tool is pretty good, if a little clunky — it will automatically generate a number of misspellings for you and then check to see if there are domains registered for them. I ran it while writing this for “” and discovered a few potential typosquatters like:,,,,,,,,,, and (WARNING: I advise that you don’t go to these because some appear to be malware infector sites. The folks overseeing Search Engine Land might now explore whether they wish to do anything about these domains.) The VeraLab tool doesn’t appear to check for the homographs/homoglyphs, so you’d still want to check some of the more obvious possible combos separately.

    You can also diligently generate a whole set of variations on your brand name by listing out misspellings and incorporating the list of Confusables I linked above, and then checking those periodically for domain registrations and social media profile names.

    If you have a whole list, you could use Hexillion’s free Domain Dossier tool to check for up to 50 domain names per month for registrations and return the domain name owner information for matches.

    If you have many more combination names to check, it may be well worth contracting with them for bulk checking or to use their API. KnowEm provides a free search box that will check for both domain and social media names on its website.


    If you’re not somewhat familiar with what to look for or how to go about it, you may be better off contracting with a firm to monitor for potential infringement on your behalf.

    MarkMonitor is perhaps the best-known of these, although I suspect their pricing may not be practical for many smaller companies. (Disclosure: MarkMonitor is operated by Thomson Reuters, and I am a member of the SEO Advisory Board for FindLaw, another company operated by Thomson Reuters.)

    There are a number of other companies and services for various types of brand monitoring as well. It’s my experience that no one company or tool is really sufficient for this brand policing — thorough policing requires a mixture of a few different companies, tools and methods.

    You should check for brand-jacking like this periodically for domain names and social media usernames. The frequency will depend partly on the popularity of your brand name. For super-popular brands, there’s likely to be some degree of infringement attempted monthly. For smaller companies and brands, it may be only necessary to check yearly or biyearly.

    If your policing uncovers any infringement, you may then need to engage in enforcement or defensive activities. Some of these may be done by marketing staff, such as submitting requests to social media companies to remove or obtain fake profiles that pretend to be operated by your company, or which may be otherwise infringing. But it’s likely you’ll need to work with your legal staff at this point before proceeding further.

    Proactive Management Tips

    A lot of policing might be avoided altogether if you employ fairly effective proactive brand management at the outset. So, here are a few more tips:

    • You may have branded names for products or services that are separate from your main company brand name. You may decide not to use a special domain name for those or separate social media accounts to promote them. But it’s still a good idea to proactively reserve those domains and social media profile names when possible so that you could opt to use them in the future.

    That helps to keep them from being hijacked. I once discovered for a client that one of their brand name domain names had been registered by a former employee — and was being used to sell products in competition with them!

    Obtain domains and brand names proactively when you begin planning to launch a brand name, or once you start to gain traction on the name you may find others trying to hold your names.

    Remember back when Bell Atlantic and GTE merged? They proactively registered hundreds of domain names prior to announcing their new company name, Verizon. You may not need to go quite that far with your company, but the concept is pretty good.

    Grab your most-common name variations before you launch a new brand name and you won’t need to worry about what other people are doing with them. I understand that a number of pharmaceutical companies do this when they’re about to launch a new drug name — all industries would benefit from the concept of obtaining names at the outset, before you announce your new brand asset.

    • Even if the cat’s already out of the bag, and you didn’t grab all the name territory for your brand, you can still proactively register these names if you believe you could be a target for brand-jacking. Just grabbing your primary domain name variations and usernames on most popular social media services can reduce your vulnerability.

    • Leverage a service to grab names in bulk. KnowEm, which I mentioned earlier, is a great service for rapidly reserving your name on multiple social media platforms. You can do this by hand, but unless you intend to be diligent, get it done quickly by using a service that is devoted to this.

    • Domain names are so cheap that it seems irrational not to buy one proactively when you’re about to launch a new brand name (or even a service mark or major tagline). Just because you don’t plan to operate a standalone website for a new brand doesn’t mean you don’t have the means to operate the domain — just redirect it to your main domain URL until, or if you want to, operate it separately.

    • Proactive development isn’t merely about promotion. This is an important consideration, particularly when your company isn’t all that motivated to invest in promoting a new or experimental brand offering.

    Proactive development is also about risk avoidance. You can set up social media accounts for a new brand name and practically mothball them by leaving them inactive until using them in the future. But you may be better off if you just learn to start operating them and developing them out so that they can rank effectively for brand name searches.

    As I mentioned before, having these assets rank for your brand searches can help insulate you from potential future reputation attacks.

    Using these methods, you can accomplish sufficient policing for trademark infringement and detect cases where people may be making improper use of your marks to intercept revenue that should go to your company directly, or they could be diluting and eroding your brand.

    You can also proactively block potential infringers by grabbing your names in the more popular places before they may be taken by unscrupulous marketers.

    Detecting infringement is sometimes the first step in gaining control of your marks if you’ve neglected policing activities in the past. Companies sometimes ignore this area until they’ve already lost some substantial amounts of revenue or brand value in some way.

    Once you’ve detected the infringement, the process may then need to segue into legal enforcement options. Stay tuned because I intend to later cover some methods for assessing trademark infringement “misimpressions” that occur online via search engines, directories, social media, and website visits.

    Whatever you do, don’t ignore your policing activities! Turning a blind eye to infringement can result in erosion of your brand to the point where your mark might become genericized — and the mark could be lost to you altogether.

    Policing isn’t rocket science. Once you’ve set up some consistent, periodic monitoring, it can easily become business-as-usual along with your other marketing activities.

    Some opinions expressed in this article may be those of a guest author and not necessarily Marketing Land. Staff authors are listed here.

    About The Author

    Chris Smith is President of Argent Media, and serves on advisory boards for Universal Business Listing and FindLaw. Follow him @si1very on Twitter.

    (Some images used under license from


    Marketing Land – Internet Marketing News, Strategies & Tips


    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.