News from “Bloomberg” about a Twitter(TWTR)buyout saw Twitter’s shares shoot up 8% on Tuesday, and then drop back down when traders figured out the story was fake. The SEC is looking into the hoax, but the agency won’t be able to solve the underlying problem that made it possible in the first place: anybody can get their hands on a company name website to make mischief.
Tuesday’s con, for instance, appeared on “Bloomberg.market,” a site that has nothing to do with the financial giant, but was bought by the scammers and tarted up to look like a real Bloomberg site. Now, it’s just a matter of time before someone tries again in the hopes of making money off a share price spike.
Think it’s hard to pull off such a scheme? Nonsense, all you need is a competent web developer and a realistic web address to post your fake story. And those addresses are incredibly easy to get. One tempting target might be “NewYorkTimes.market,” which was for sale on Wednesday for $34.99:
The screenshot above is taken from Name.com, which is one of many domain name brokers where anyone can purchase a website name. This means the perpetrators of the Twitter hoax, or other enterprising scammers, could buy “NewYorkTimes.market” and mock it up to look like the real Times (NYT) site in the hopes of moving the market.
In the past, it would have been more difficult to buy a “company” website since there were only a handful of domain endings, including .com and .org, and the company in question likely owned them. But now, thanks to ICANN’s decision to open up naming rules, there are literally hundreds of options (such as .office or .forex or .luxe, and so on).
While ICANN and media outlets have portrayed the arrival of these names as a “land rush,” companies have quickly found the names to be a gigantic nuisance; corporations are put into the untenable position of either buying and paying renewal fees for hundreds of sites they don’t need, or else watching cyber-squatters or scam artists acquire the name. Now, after the Twitter-Bloomberg hoax, the companies can add market manipulators to their worries of how their names will be abused.
While the ICANN system includes some nominal protection for trademark holders, it is hardly airtight. Meanwhile, the interests of the domain name operators, which make money from registrations, are typically not aligned with the companies. For instance, the operator of the “.sucks” domain asked companies to pay $2,500, or else see the name sold to the general public for $10.
Already, the Twitter episode has led to renewed criticism of ICANN’s policies.
“ICANN needs to do a better job of insisting that registrars ascertain the legitimacy of folks they register and do it beforehand, rather than after a major problem like this,” said Jon Leibowitz, a lawyer with Davis Polk and former FTC chairman Jon Leibowitz, to the National Journal.