Digital detectives: companies turn to cybersleuths to protect their assets from an online black market - Technology - selling counterfeit products on the Internet - related article: KeyBank Uncovers Cybersquatters and Hate Sites

The email was addressed to the CEO of a large Midwestern manufacturer of consumer electronics. "Send us $250,000," it read, "and we'll supply you with the names of individuals running a factory counterfeiting your product."

The CEO knew that cheap knockoffs were eroding his company's market share and believed the products were reaching the United States through South America. He hired a prominent Great Lakes law firm to dispatch investigators to track down the counterfeiters, without success.

After nearly nine disappointing months, the CEO turned to Online Security, a Los Angeles firm that specializes in cyber investigations. "We examined the emails and decided to use the tools of the hacker against the bad guys," says Online's CEO, Erik Laykin, who asked that his client's name not be used.

Laykin instructed the chief executive to respond to the extortionist's email and agree to his terms. Embedded within the response was a Trojan Horse: virus-like code that would infect the extortionist's computer and send a beacon to Laykin's firm whenever the culprit logged on to the Internet.

"Every night around 3 a.m. the guy would log on for two minutes and send email," says Laykin. "Our programmer slept next to his computer; whenever the extortionist went online an alarm went off and our guy would jump up and try to trace the signal back to its source."

Within two weeks, Laykin had tracked the email to a firm in Malaysia. The extortionist turned out to be a mid-level manager at a factory hired by the manufacturer to produce bona fide goods. "The CEO of that factory had the bright idea of producing 15 pieces for every 10 ordered," Laykin explains, "and shipping five of them out the back door. The manager thought he could cash in by blowing the whistle."

Armed with this information, the company contacted Malaysian authorities and filed suit against the factory. The manager was arrested and the operation shut down. "The good guys won this one," says Laykin.

Counterfeiter crisis

Such stories aren't unusual. The Internet's explosive growth brought with it a surge in counterfeiting and intellectual property theft that has galvanized CEOs to call on private firms to protect their company's assets.

The International Chamber of Commerce estimates that sales of counterfeit goods totaled nearly $400 billion in 2001, with about 10 percent of those goods sold online. Worldwide intellectual property losses, meanwhile, climbed as high as $59 billion in 2001, up from $46 billion in 1999, according to PricewaterhouseCoopers. From footwear to pharmaceuticals, cybercrooks are moving knockoffs across the Internet.

"Counterfeiters can be a company's biggest competitor, says Jeffrey Unger, co-founder and CEO of GenuOne, a Boston firm that tracks unauthorized Internet sales for companies like Intel and Hewlett-Packard. The Internet has been a boon to the black market, Unger contends. "Pop up a Web site and suddenly you have access to millions of people," he says. "'Where better to sell something you're not supposed to be selling?"

Counterfeit and unauthorized goods erode more than just market share, notes Marie Myers, vice president of internal audits for H-P in Houston. When the knock-offs don't work as advertised, customers feel betrayed and the manufacturer's reputation suffers.

Law enforcement organizations simply don't have the resources to police the Internet, says Laykin, who adds that in some cases the FBI has referred corporate clients to him. Jurisdiction is another issue; Internet crime often crosses continents, making it difficult to pinpoint which government agency has the authority to investigate. And like the anonymous consumer electronics manufacturer, most companies prefer to avoid the public exposure that a criminal prosecution would bring. So top executives hire private "Internet intelligence" firms like Online Security, GenuOne and others to thwart cyber thieves.

The trouble is, many companies don't have a clue how large a problem they really have. "At first, clients would come to us with big, innocent eyes and say, 'We found two companies selling our products illegally on the Internet; do you think there are more?"' laughs Panos Anastassiadis, CEO of Cyveillance, a cybersecurity firm in Arlington, Va. "Odds are there are a lot more than two."

The Web posse

A cottage industry of Internet sleuths has emerged alongside the digital black market to keep CEOs apprised of trespasses on their intellectual property.

VeriSign, a Mountain View, Calif., company that provides authentication and brand-protection services, patrols the Internet using technology developed by Cobion AG, a maker of sophisticated optical recognition software headquartered in Kassel, Germany. Each day Cobion's software crawls the Web looking for stray Adidas pyramids or hijacked Bayer aspirin insignia--any misappropriated image that matches a client's trademark.

Each search Cobion performs for the familiar Adidas logo, for instance, turns up thousands of hits. Some of the sites are legitimate dealers. But many are selling counterfeit or unauthorized versions of Adidas footwear and using the logo to confuse consumers. Others have appropriated the logo for their own companies or are simply using it to drive traffic to their site.

The software is sophisticated enough to determine if a site contains a nude photo or to distinguish between pictures of, say, Bill Clinton and George W. Bush, says Cobion General Manager John Matera. But humans must make the ultimate judgment about whether an image violates a trademark. And paying high-priced copyright lawyers to pore over thousands of images isn't how most corporations want to spend their money.

The problem with a lot of Web search firms is that they simply do a data dump, says Cyveillance's Anastassiadis. "They say, 'Here are 2 million occurrences of trademark violations. Good luck.' What are you going to do with 2 million URLs that use your company name? How are you going to triple-distill it?"

Cyveillance uses what it calls 'relevancy engines' to distill data, according to criteria set by clients, from millions of hits into the 10 or 20 worst offenders. GenuOne uses a similar process to single out the most egregious dealers of counterfeit or unauthorized goods. Beyond that, however, it's up to the corporations to decide how to deal with individuals or sites that don't play by the rules.

Anastassiadis argues that monitoring the Internet goes well beyond looking for counterfeiters and copyright scofflaws; he believes modern CEOs should look on it as a necessary part of doing business in the digital age.

"We provide an early warning system," he says, "so you know if people are making threats against your corporation, or planning a product boycott or leaking critical information. We can even detect class-action suits that might be coming because people are discussing it before they've served you the papers.

"The Internet touches everything," he adds. "You can either embrace it or you can fight it. We know who will win that one.

[GRAPH OMITTED]

RELATED ARTICLE: KeyBank Uncovers Cybersquatters and Hate Sites.

Executives at KeyBank thought they'd done a good job of protecting their digital assets. But two years ago the Cleveland-based institution, which operates more than 900 banks in a dozen states, hired MarkMonitor to assess its portfolio of domain names. The Boise, Idaho, firm used specialized search engines to scour the Web for site names containing KeyBank trademarks.

What it found wasn't pretty: 102 unprotected trademarks. For example, the company had registered Keybank.com but not Keybank.net. it also hadn't registered domain names for its Line of mutual funds, its toll-free number or its corporate motto, "Achieve Anything."

Some domains were owned by cybersquatters hoping to be bought out by KeyCorp, KeyBank's $7 billion parent company. Others were anti-company sites operated by disgruntled ex-employees, including one featuring photos of executives alongside graphic depictions of bodily functions.

"Our first response was embarrassment and outrage," says Senior Vice President Trina Evans. "Then we began to think rationally about what we could do, what was technically possible and how much we were willing to spend."

Thanks to federal anti-cybersquatting laws, KeyBank was able to obtain domains for most of the firm's trademarks, even the ones it hadn't yet registered, without paying a dime. First Amendment considerations prevented the bank from shutting down the hate sites, but it was able to force the sites to remove any trademarks or links to the company's Web pages.

KeyBank is ahead of the game; many companies don't even know which domains they own, says Maigred Eichten, vice president of digital brand management for site authentication company VeriSign.