NEW FIRST: LinkShare- Lands’ End Versus The Affiliate on Typosquatting

Lands’ End recently sued several of its affiliates for typosquatting on its trademarks. According to Lands’ End, defendants Eric Remy, Thinkspin Inc., Braderax Inc, and Michael Seale registered:

www.lnadsend.com
www.klandsend.com
www.landsende.com
www.landdend.com
www.landswnd.com
www.landrnd.com
www.landsene.com
www.landsenc.com
www.landsennd.com
www.landse.com
www.landind.com
www.landswend.com
www.landwend.com.

Each of these domains redirected users to Lands’ End via LinkShare affiliate links.

Last week the US District Court for the Western District of Wisconsin issued an opinion, allowing Lands’ End’s typosquatting, breach of contract, and fraud claims to move forward to trial. See: Lands’ End, Inc. v. Remy [PDF]

I found one blog covering this rather interesting twist:

Plaintiff sued for violations of the Lanham Act, ACPA, and state law based on its payment of commissions to defendants, as part of plaintiff’s affiliate agreement, that allegedly turned out to be generated by typosquatting, in violation of that agreement.

Defendants operate websites such as www.savingsfinder.com, www.poshshops.com, and www.shopperseguide.com. They were Lands’ End affiliates. When an internet user clicks on a link on an affiliate’s website, connects to www.landsend.com and makes a purchase from plaintiff, the affiliate earns a 5% commission on the purchase. Along with agreeing not to use “infringing” content, affiliates agreed to use links provided by Lands’ End network servers or other Lands’ End-approved means; if they wanted to use other methods of generating traffic to Lands’ End, including third-party serving mechanisms, they needed Lands’ End’s approval. They were also requried to disclose information about the websites they proposed to link to the Lands’ End site, but here defendants didn’t disclose their interests in www.lnadsend.com, www.klandsend.com, www.landsende.com, et cetera.

(Defendants no longer own or operate these sites, but they did during the relevant periods.)

I added emphasis to the fact they no longer own the domains. Doesn’t change history, just making a note.

The affiliates made $7,000+ in commissions through this setup- from LinkShare alone apparently with one merchant. Doing some basic domain acquisition, redirection and labor math- that’s an easy take of well over $6500.00 for doing- nothing really. It does scale, but I don’t think that makes it Web 2.0, more like Web 0.2

Intrigued I hit my network of contacts and ended up speaking with Ben Edelman, who, in full disclosure, is serving as an expert in this case. From ad injection to typosquatting it seems Ben and I always end up looking at a merry-go-round of frivolity.

Ben tells me that this same affiliate targeted numerous other merchants in the same way. It’s hard to know how much they made, but I took it he was alluding that Lands’ End is just the tip of the iceberg. Could this single cluster of typosquatters be all over the place?…As a researcher I check into stuff and while this is a bit out of scope and my time schedule (I would run packet traces, etc, etc but I am not taking them to court)…and, well hell, it is like an iceberg.

There is more, but pressed for time I put together just a few hundred possibles on one box. Porter’s Typo Checklist Fun List. Enjoy! Oh there are more red flags around that IP Block….but let’s keep it simple.

I find these practices are particularly embarrassing for LinkShare. LinkShare runs a “network quality” group that’s supposed to catch scams and rule-breakers- I haven’t read the LinkShare TOS lately but I have a feeling this is out of bounds. While I really like Steve Denton, current President, (despite the fact his home school, WVU hammered mine on the gridiron, Marshall University, this weekend) somebody in QA needs a lesson or a compass, or a clue or some training.

Not that I don’t see LinkShare links in all kinds of “weirdness” (among others — not just typosquatting, but other questionable activity too, and they are not the only ones- other networks, portals, etc..) LinkShare could do better if it made a concerted effort. I have toured CJ’s QA department and talked to them extensively. They aren’t perfect either, as my .xls sheet shows, but they (eight people I think) were willing to show me it existed, and overview that satisfied they did something and real people were behind the effort.

LinkShare- if you care to fly me in to see just how big your Q&A team is? I don’t need your trade secrets- odds are I have far more than you, but I would love to verify what is there.

Porter’s Advice: Take it or leave it…

Best Practice for Networks: Kick out the typosquatters- really even if it were “ok”, which is what the case is about, it is not ethical. The spelling help argument doesn’t work for me. Automated systems could generate permutations and auto-block the blatant registrations. Match referring traffic in real time to black lists- kick it out. Show merchants you have their best interests and brands in mind.

Best Practices for Agencies: Don’t rely on networks Q&A- as systems grow bigger they tend to fail, become less efficient in some ways….well go read up on systematics. Ultimately that’s your job if you are a good agency. Show the merchant the situation, explain the ramifications. Having been in that position before I know some merchants turn a blind eye and take it- some want it? If they want to burn their money- you can’t stop them, but it is your duty to warn them.

Best Practice for Merchants: Whether outsourced or not- monitor referral traffic, learn how to handle your system’s information system and make a firm decision on policy. If you want to throw away money why not buy IHateWaynePorter.com merchandise and raise money for Ona Little Leauge- if you are more pragmatic spend it here and support Revenews, and reach a quality base of readers.

Ultimately this problem is tangentially linked to some of the things I see in security at FSL, only in this case I don’t think they were tactically smart enough to use triple obfuscated javascript injected into the header of a page to spoof a series of valid redirects that make it real hard to unravel. You have to wonder if and when security companies and legitimate networks will unite? Or would they? It’s like Javascript and the case above, once it gets used for foul play- it becomes tainted and it hurts all legitimate parties. In the end security companies WILL block the offending technology- it is happening now. Look at Google who stands wide open with a dual technological and revenue concentration risk linked to sloppy JavaScript implementation. Makes you see why LMI is potential distribution suicide.

In closing I am curious how merchants might feel about the same typo traffic being redirected to portal pages e.g. Google Ads. Is this ok with you? Are Google advertisers unhappy about having their ads placed onto typosquatting web sites? Let me know: wporter@gmail.com or skype me: wporter

Or Yahoo! maybe. Check out this complaint. Note: Paragraphs 45-47. It may or may not be new to you- but again- let me know your thoughts either here or in private: wporter@gmail.com or skype me: wporter

Happy Hunting…or Blissful Ignorance- the choice is yours.

About Wayne Porter

Wayne Porter is one of the original founders of ReveNews.com, and served as the CEO and founder of XBlock Systems a specialized research firm on greynets and malware research before being acquired by unified communications security leader, Factime Security Labs. His work includes serving as a panlist at the Federal Trade Commission to shape legislation on software and the creation of two patent-pending technologies for corporate networks. Wayne is a frequent speaker at e-commerce & business events including CJU, ASW and RSA and frequently cited in the press. He has been designated a Microsoft Security MVP three times and is recognized on Google’s Responsible Security Disclosure page- in addition to receiving the first Summit Legend Award. Wayne currently works as a Security Consultant on Social Media and operates a consultancy on digital worlds. His hobbies include reading science fiction, playing chess, fishing, writing, collecting shiny digital gadgets, playing racquetball and studying memetic engineering. He maintains a personal weblog at WaynePorter.com detailing his explorations in security, web 2.0, and virtual worlds.
You can follow Wayne on Twitter: @wporter.

15 Responses to NEW FIRST: LinkShare- Lands’ End Versus The Affiliate on Typosquatting

  1. Mike Hyland says:

    Great find Wayne as this sure was just the tip of a typo squatting scheme to stuff network cookies. I tested several of your trademarked merchant typos and they all forced set a tracking cookie during redirect.

    Great merchant service would be to identify these typo squatters stuffing cookies and charge the real merchant management a recovery fee based upon a % of un-earned commissions paid. Let the merchants then sue the AM firm and network for allowing this to go undetected.

    Places I post offer safehaven for the cookie stuffing and “tricks for Clicks” perps under the guise affiliate competitors would copy their sites… LOL. These 3 defendents operate website fronts such as http://www.savingsfinder.com, http://www.poshshops.com, and http://www.shopperseguide.com and some idiot AM’s think those non-ranked places generate 5 figure monthly commission incomes for a variety of brand merchants… LOL.

    Linkshare sure as hell could care less about these type affiliates until their own bottom line gets whacked by the real merchant management sueing them for commission fraud. Fat chance the AM’s running the merchant programs shown on their sites gave them a through DNA test as they too take a bonus cut from TOS violators skirting the rules.

  2. Kellie says:

    Defintely just the tip of the iceberg Wayne. Lots of money in it. I’ve never gotten why Merchants would pay for it myself. When the typo traffic gets redirected through a ‘legit’ affiliate site, some merchants probably don’t realize how much they are really paying. There’s actually one guy (not listed in the above suit) that runs a couple of different businesses where he actually promotes what he is doing…typosquatting. Spins it of course, but it’s obvious what it is. Even runs one of them as an ‘affiliate network’ with directtrack technology. Guy owns close to 4000 typosquatted domains that I know about (not all of them are tied to affiliate links..some of search parked domains). A good part of them do use redirect affiliates links though. Large networks, small networks, indie programs…all show up.

    It’s like the Networks are saying..it’s a trademark issue so it’s up to the Merchant if they want to allow it or not. But the majority of the time when I talk to Merchants/Managers about it, they may not like it but don’t seem to think it’s that big of a problem or that they are losing that much money from it so it’s just not a priority for them. Maybe this suit will bring about some education. Personally, I’ve never thought the practice was good for the industry.

  3. Fraser says:

    “tip of the iceberg” is exactly right, stuff like this has unfortunately been getting exploited for years.

    The other one that is widely used is to register the domain with www in front i.e.

    wwwlandsend.com

    At least Lands End managed to pick this one up themselves but there are many others out there
    i.e.
    wwwwalgreens.com is under dispute at the moment.

  4. Best practices for networks (revised to reflect reality):
    Strike financial arrangements with clients based on their ignorance; keep them ignorant for as long as possible; pretend to have a commitment to quality assurance.

    To be honest, Wayne, I’m surprised that this is even given air time. Your best practices advice has been given in various forms, by you and by others for YEARS now. It’s all fallen on deaf ears and, IMO, will continue to.

  5. Wayne:
    Also, I think everyone is missing the real news/best practice here.

    This case demonstrates that typo-squatting isn’t “advertising” in the eyes of a judge. More specifically, it’s illegitimate.

    Defendants profited, but they did so by not publicizing their activities.

    The Lanham Act failed and the best way to move forward against such affiliates is via a false advertising, breach of contract and fraud claim(s)… since “consumers were not in any relevant sense confused by the relationship between plaintiff and defendants.”

    I have a very difficult time seeing how Lands End will love its marketing channel so much that it’s willing to let things like this go on moving forward — with any similar vendor let alone Linkshare.

  6. Actually, what I just wrote is completely incorrect w/ regard to how to move forward. I mis-interpreted what was going on here.

    Lands’ End attempted to use the Lanham Act (Trademark law) and Wisconsin State law to do battle with this affiliate. This case demonstrates that typosquatting isn’t “false advertising” in the eyes of a judge. More specifically, it’s totally legitimate because they didn’t intend on profiting based on diverting consumers away from LandsEnd.com. HOWEVER in cases (like this one) where the affiliate profits through a means that does not publicize its activities, leverages the marketer’s famous trademark and takes active steps to hide what they are doing the gloves come off for marketers.

    Click my name in this comment entry should you be interested in more details.

  7. Wayne Porter says:

    One moment jeff- i prefer you would use trackbacks if you are going to provide more details. That is just the preferred form of etiquette on blog.

    Second- do you operate the service you recommend at the end of your blog?

  8. Jonathan (Trust) says:

    I'm guessing you were asking a question where you already knew the answer. Yes, that's Jeff's service:

    http://www.protectmymark.com/about.html

  9. You would think that if Lands' End was serious about protecting their trademark they would register these typos. If you look up the list of domains in question, half are available for registration, and the others are now owned by new entities that I am sure Lands End will sue. Perhaps Lands' End is making more from litigating then owning these names themselves.

  10. Wayne:
    With regard to etiquette; sorry, I simply chose this route as I'm a busy person and don't always have time to do things perfectly in terms of what bloggers consider to be good form.

    To answer your question, yes. Why do you ask?

    Chris, I read somewhere (the litigation document?) that the affiliate under fire had released the URL's… to whom I'm not sure. It would seem that your research indicates "to the free market." Interesting. Makes it difficult for Lands' End and I'd think the affiliate would not want to further irritate them.

  11. Mike Lamb says:

    Wayne, one question as it pertains to clever affiliates who create domains that benefit the company they are promoting with their affiliate program.

    If an affiliate is going to use those domains for promoting a company’s products with their affiliate program, why would or should a company care?

    A company must pay an affiliate for bringing them business, but isn’t that the purpose of promoting an affiliate link.

    And with more and more link cloaking going on,
    along with other creative methods, isn’t the practice of disquising a link to bring in more business to the company ultimately a good thing?

    The more business an affiliate brings one company the more money the company makes in the long term.

    Am I missing something? Or is this simply the practice of keeping a trademark ownership intact?

  12. Mike:
    I find your questions interesting — in particular the aspect that suggests that rules set up by advertisers and, short of that, the networks themselves should be overlooked in consideration of potential benefit for the advertiser. Isn’t the rule there to protect advertisers from something that everyone agrees to is bad practice?

    From my vantage point a company cares for the reason you point out (trademarks – they must actively protect it or lose rights to it). Secondly they have a concern over partnering with entities that hide and cloak their identity (risk is involved, as is a loss of control over these entities).

    While mis-spelled URL’s SHOULD be owned in common practice they are not; hence, advertisers are forced to, after the fact, take action on documenting and dissecting (understanding) the micro-economic and legal implications of partnering with such partners.

    Thus far, courts are having a difficult time with affiliates who break more than one set of rules under cloak. Double whammy.

    I’ll be happy to see Wayne chime in — and hopefully answer my question so that I might school him on what is and isn’t a recommendation… and when disclosures are needed and not needed.

  13. Wayne Porter says:

    “To answer your question, yes. Why do you ask?”

    Cause I can? and it was rhetorical.

    I think it is a good service (haven’t tried it yet- i guess you will let me trial it?) but on my turf i prefer you go ahead and let folks know you are a driving force behind it. just as on your turf- you could ask me what you wanted.

    Perhaps it was just wording

    “Click my name in this comment entry should you be interested in more details.”

    It just didn’t ring right with me. personal preference. I support your end goals, but either trackback promotional messages or expound on them in comments. Personal preference. I know you are busy.

    For those who missed it because jeff was busy http://www.protectmymark.com

    -wayne

    Unless i am being paid to post…then I can’t. So maybe we have to diclose it all in the future.

  14. Let’s kiss and make up.

    BTW, this service is vastly mis-understood and unfortunately by you as well. I should, apparently, say the word “audit” before anything else. One cannot “use this service” or “try it.” One can only agree to bring in a team of consultants to harvest data out of their affiliate program… sit back, have coffee as the deliverable document quantifies and qualifies all the rule-breakers. You literally see how much marketing spend is being wasted on rule-breakers, sypware/adware, etc. (and related network fees).

  15. […] If you’ve ever had the notion to do some typosquatting, you really must read Wayne Porter’s most recent blog post at Revenews. […]