Brandjacking: what is it, and what should you do if you find out the hard way?

Similar to identity theft for individuals, brandjacking is when a hacker tries to hijack your company’s brand. Essentially, a fraudster copies or recreates a business’s digital assets and then uses them to perpetrate fraud against customers, suppliers, employees or other stakeholders.

Here are some ways to battle back:

The assets in question can include the company’s logo, website, social media accounts and email domain.

Register your trademark. If you have not already, register your trademark with the U.S. Patent and Trademark Office and the World Intellectual Property Organization. Doing so will not stop a determined criminal from compromising your brand, but it can provide you with legal recourse should brandjacking occur.

Buy similar domain names. Fraudsters sometimes register similar-looking domain names and then set up fake websites to siphon money from customers. To prevent them from doing this to your business, register variations, including common misspellings, of your domain name. Additionally, consider buying other domain extensions — for example, .biz, .co, .org and .us.

Invest in cybersecurity. Cybercriminals may try to hack your company’s network to get ahold of certain digital assets. That is why strong cybersecurity is critical. At minimum, you need firewalls, antivirus software, malware scanners and intrusion detection tools. Consider engaging a qualified consultant to help ensure you have fortified all potential weak points. Also, require employees to change their passwords frequently and train them to exercise caution when opening emails and attachments.

Monitor online chatter. To prevent and detect brandjacking, you have to be vigilant about your brand and digital assets. A big part of this is monitoring online conversations about your brand. Invest in social media tools to look for mentions of your business, paying attention to both positive and negative commentary. Set up alerts through your preferred search engine for any reference to your company’s name. If something seems strange or suspicious, investigate.

Enforce your legal rights. If you are brandjacked, or even if you suspect it, contact your attorney immediately. Lawsuits can prove expensive and time-consuming, yet legal action is sometimes the most effective way to fight back. Your lawyer may want to bring in an attorney who specializes in intellectual property law to advise you on whether and how to proceed, as well as on how to better protect your brand online.

Communicate with stakeholders. In the event your brand is hijacked, let customers, suppliers, employees and other stakeholders know that they should be on the lookout for fake websites and emails that purport to be from your company. Doing so will help protect them from fraud. Also, they may be able to help you catch or stop the cybercriminals by reporting suspicious uses of your brand to you.

Be prepared to rebrand. If your brand is inextricably compromised, you may have to rebrand the business. This will entail substantial costs, but there could be a silver lining: Rebranding may create an opportunity to redefine your company, revise your marketing strategy and reengage with your customer base. Just make sure to fully protect your new brand using the previously mentioned tips as well as other best practices.

If you have any further questions on brandjacking and how to protect yourself and your brand contact your Rudler, PSC advisor to discuss at 859-331-1717.

RUDLER, PSC CPAs and Business Advisors

This week's Rudler Review is presented by Becca Thorman, CPA, CVA and Evan Kandra, CPA.

If you would like to discuss your particular situation, contact Becca or Evan at 859-331-1717.

As part of Rudler, PSC's commitment to true proactive client partnerships, we have encouraged our professionals to specialize in their areas of interest, providing clients with specialized knowledge and strategic relationships. Be sure to receive future Rudler Reviews for advice from our experts,  sign up today !

Posted in Uncategorized.