Someone is stealing your identity
Cyber forensic experts and lawyers say that the phenomenon of Cybersquatting, which is the unauthorised occupation of someone's identity on the web, is assuming "extortionist and threatening" dimensions. Beware of cybersquatters!Updated: Jun 25, 2008 21:22 IST
yournameisnotavailable.Com. This is not a website address but the virtual consequence after your identity is being "encroached upon" by someone known as a "squatter", on the internet.
Cyber forensic experts and lawyers say that the phenomenon of "Cybersquatting", which is the unauthorised occupation of someone's identity on the web, is assuming "extortionist and threatening" dimensions.
"For example, the new Miss World is announced in the wee hours, but by the crack of dawn a 'squatter' may have registered a website on her name to extort money and harass the "new and fast-to-become-popular individual," says Supreme Court lawyer Pavan Duggal.
A new craze like cricketer Ishant Sharma or actress Deepika Padukone can be sitting ducks for such domain baiters or "squatters" as known in the internet parlance, Duggal adds.
A check on the domain name of the Congress President Sonia Gandhi, who has recently completed a decade as the party president, results in -- .Com, .Net, .Org, .Tv, .Co.Uk, .In, already being "taken".
A squatter registers websites in the names of popular brands and personalities, who incidentally do not have websites of their own, cyber experts explain.
This leads to misrepresentation in the internet media about the individual or the brand and the victim is forced to cough up money to regain his legitimate identity or the business revenue he would have earned, thereby making it "extortion" business, they contend.
Now-a-days the revenue model of the squatters is based on the pay-per-click advertising model, and is part of a larger 'click fraud'. The squatted sites are also very useful to 'phishers', who may use the site to phish-out personal data.
"For example, a squatter may book a bank's name and sell it to a phisher who can construct a login interface similar to that of the bank and collect login/passwords," says Pradeep Akkunoor, a Certified Fraud Examiner. This is "threatening" the legalities of the cyber transactions, he adds.
"The Information Technology Act, 2000 is completely silent on any issues of cybersquatting. There is no remedy for a victim, either if he is a common man or a celebrated one," Duggal avers.
Sections 65 and 66 (1) of the IT Act, 2000 define tampering with computer source documents and hacking with a computer system respectively, both of which are awfully distant to address the menace of cybersquatting, say cyber law experts.
"The Indian grievances of cybersquatting have been majorly dealt under the Trademark Act, as the IT Act 2000 does not have a word about cybersquatting. The silver-lining is that the Indian courts have been consistent and encouraging enough to give 'injunctions' to the aggrieved parties," Duggal says.
The online registration of ".In" (the domain name for India) names opened on February 16, 2005. In a report prepared by India Forensic Research Foundation, an anti-cyber fraud body, surveyors found that banks are the most vulnerable organisations to be squatted as they are huge chests of money, which can be phished by squatters, causing loss of money and reputation to the bank and also to the investor.
"One such widely known scheme of fraud is phishing which is fraudulent acquisition of sensitive personal information such as passwords and credit card details by masquerading as someone trustworthy," the report said.
"The most prominent squatting attack was observed on Reserve Bank of India (www.Reservebankofindia.Com) and it was hijacked on July 31, 2001 by Hensan Net," it said.
"Second big attack was noted on the State Bank of Indore, with domain name www.Indorebank.Com and is re-directed towards some e-commerce site having domain www.Indiaplaza.Com," the report goes on to add, indicating the magnitude of the illegal operation in cyber world.
Echoeing the threats of phishing through cybersquatting, Former Delhi Police Commissioner Ved Marwah says, "A lot of banks cautioned their internal mechanisms to secure against such traps. An ordinary person does not know much about such illegal sophistications on the internet".
Many of the domain names that were squatted find their "tech savvy owners" in the foreign world. Popular names like those of politicians, film actors and cricket players are "ready-to-be-sold" on the links provided on these portals.
A visit on links reveal that the sale offers to brand names is made in lucrative terms -- offer amount (to begin with), world relevance (of the individual or the brand), domain name length, live website, domain extension and traffic ranking.
The authentic owner of such domain names has to pay the purchasing amount in dollars, which runs into thousands.
Providing relief to the victims of cybersquatting, the World Intellectual Property Organisation (WIPO) headquartered at Geneva has been "relatively successful" in its efforts of returning domain names to their legitimate users, analysts say.
The entry-level in terms of money to fight a case is high, say Rs 25,000-30,000, which is a far-fetched remedy for a common user.
"But in seven years, 85-90 per cent of domain names have been awarded to their legitimate owners by the mediation of WIPO," claims Duggal, who is also a panelist at the International arbitration and mediation forum for Domain Name Dispute Resolution, WIPO.
A victim of cybersquatting can move for arbitration on three grounds, viz, he has to show his legitimate rights on a domain name, the opposing party has no legitimate claims on the domain name and the domain has been registered or is being used in bad faith," experts say.