A bit over a month ago, I discovered thanks to Google Alerts, that a fraudulent website was using my business name and excerpts of my copyrighted website content without my permission to advertise their dishonest services. The site has been taken offline a few weeks ago and has been offline ever since.
Fraudulent site offline
Here is the timeline of my actions which led to this positive outcome, which may help you if you are ever in a similar situation.
Step 0: Set up Google Alerts
If I hadn’t set up several Google Alerts to inform me whenever my name or my business name appears on a new site online, I would have never known about the impostors. I wrote a blog post about how to do that here.
Step 1: Post a disclaimer on my website
I posted an alert immediately after the discovery of the fraudulent website, in which I disassociated myself and my business from the website and all its activities. If I had had the slightest suspicion, that the impostors could contact my existing clients or solicit new clients under my name outside of that website, I would have also proactively contacted my existing clients and posted another alert/disclaimer on all my public and semi-private social media and professional accounts.
Step 2: Find out who is behind the website
Unfortunately, this step proved to be quite difficult, because the real host of the website was hidden under several layers of anonymized entities. I began by looking at the internet registry information, which you can find via any Whois domain service, for example http://centralops.net/co/DomainDossier.aspx. The domain and the network whois record indicated that this particular website was registered in Panama. Unfortunately, contacting the registrar (see step 3) proved not very useful, because they claimed they were only responsible for registering the domain name, not for the content. I was referred to another entity in China, which also claimed not to be responsible for the content.
However, the domain name registrar was helpful enough to suggest to run a ping traceroute, which gave me the domain name and the IP address of the entity that actually hosted the content on their servers. One such service is for example http://ping.eu/traceroute/. The last entry of the route is the IP address and domain name of the server that I was looking for. With this information, I went back into the Whois domain lookup and got the record of the actual host. The host is supposedly based in Canada, but the IP address of the server is actually located in Utah, USA, as an IP location service such as https://www.iplocation.net revealed. Now I had enough legal ammunition to take action.
Step 3: Cease and desist letter
After peeling back all the layers of the onion, I sent a very official sounding cease and desist email to the aforementioned hosting service. Actually, I had sent cease and desist letters to all the involved parties/layers, but although I received nearly immediate responses, they just referred me to the next layer. But when I sent a cease and desist letter to the hosting service, the site got taken down the very next day, although I never received a response from the hosting service!
Regarding the content of the cease and desist letter, I looked up a template online for the proper legal phrases. I mentioned that my business name, which was used fraudulently, is registered in the State of California (since 2010), and that the content of my website, which was used without my permission, is copyrighted. More on that below. I was prepared to take further action, but luckily, this was not necessary.
Step 4 (not taken): Invoke US copyright law
According to US Copyright law, all work is under copyright the moment it is created and fixed in a tangible form, without actually having to register for a copyright. Aside from the standard “All rights reserved” disclaimer on my website, I also use a WordPress plugin to take snapshots of the content that I deem worthy of copyright. This serves as “fixing it in a tangible form,” as required per the US copyright law quoted above. There are many such plugins available.
If the site had not been taken down, I was prepared to send a takedown notice according to the US Digital Millennium Copyright Act to the service provider that was hosting the offending site. The steps to send a DCMA takedown notice are described here. Luckily, this was not necessary.
All is well that ends well. I want to thank my colleagues who helped me peel back the layers of this fraudulent onion. I hope that I can help other people in a similar situation by sharing this experience. I also hope that potential criminals will be sufficiently deterred to try something similar in the future.