Join our subscribers
Proofpoint sues Facebook over lookalike domain names used in security training
Friday, February 12, 2021
Although the idea of using misspelled or fake domain names for security testing on the surface seems to be a solid idea, some question whether Proofpoint taking legal action is the right way to deal with the issue at hand.
“I think, litigation over the issue is a very bad idea,” Ilia Kolochenko, founder and chief executive of web security company ImmuniWeb, told SiliconANGLE. “First, Proofpoint uses the domains in question for commercial activities, or at least to further its direct commercial interests and business. Second, Facebook still has the right to prevent trademark dilution: in the specific context, Facebook may successfully argue that leveraging their platform as a phishing example – may scare away existing or new users and otherwise damage Facebook’s reputation.”
Kolochenko added that he thinks Facebook has a good chance to prevail in court. “Eventually, this dispute being taken into a court may create a dangerous legal precedent that would hinder most of the legitimate anti-phishing exercises and training by cybersecurity companies,” he said. “The best solution would probably be to get contractual permission from Facebook to use its name for specific purposes and pay Facebook a fair consideration for this.” Read Full Article
The Daily Swig: Software supply chain attacks – everything you need to know
CSO: Supply chain attacks show why you should be wary of third-party providers
