Now that you understand the concept of a domain and how we identify cases of Similar Domain Names, we will explain how the treatment works for domains that send fraudulent emails (Spoofing) in the name of a brand.
What are the requirements for a ticket in this offer?
The domain does not necessarily need to have active content; however, it is essential to know which email is engaging in fraudulent activities.
The email header must be attached to the ticket.
It must be attached to the ticket in .eml, .txt, or .pdf format and allow us to copy the text for proper notification completion.
For information on obtaining a header, refer to the article Complete Email Header.
If possible, it is also helpful to attach evidence from the body of the received text.
Attention!
When creating a ticket, the ticket URL field should only contain the domain responsible for the fraud, and the ticket type should be Similar Domain Name.
Example: It was identified that the email “[email protected]” is sending fake invoices for a customer. In the ticket, only the domain, in this case, frauds.com, should be entered as the URL.
For more information on manual ticket creation, refer to the article Manual Addition and Search of Tickets.
Cases of gmail.com or outlook.com emails
As these are reputable domains, it is not possible to create tickets with gmail.com or outlook.com in this offer. Therefore, the ticket creation should be for Fraudulent Brand Use, following this pattern in the URL:
https://[email protected]
https://[email protected]
As it is a fraudulent email, the attachment of the message header is also mandatory in this creation.
For more information on manual ticket creation, refer to the article Manual Addition and Search of Tickets.
What we do not handle?
Any email with a .gov domain.
Emails where fraud cannot be proven, emphasizing the importance of the header.
Domain disputes.
Check the articles “What is Takedown?” and “Similar Domain Name” for more information on limitations.
Why don't we handle a Similar Domain Name without content?
The process of registering domain names on the Internet follows the principle of "first come, first served," which determines that the domain is granted to the first applicant who meets the requirements for registration, without the need for a deeper analysis of potential conflicts with trademarks or trade names previously registered with other bodies, such as the National Institute of Industrial Property (INPI) in Brazil.
If the domain, even if similar to the original, lacks content or has content unrelated to the brand, it is not considered fraudulent use by the responsible entity and, therefore, is not subject to removal measures.
What is the treatment flow of the offer?
We send a notification to the Registrar and email provider holding the domain registration, informing them of the email responsible for the fraudulent activity, and how it is affecting the customer, and attaching the header as evidence. The case is monitored by the Takedown team, which conducts relevant analyses for 45 days. After this period, the ticket will be closed.
If you have any questions, feel free to reach out at [email protected] 😊