Irish Business and Brand Owners under attack by IP Scammers.

In recent times there has been a significant increase in fraudulent activities targeting Irish businesses. 

Scammers are nowadays using names, logos, certificates and even forged signatures to impersonate legitimate persons and institutions, attempting to abuse the trusted structures and processes of national and international registration for undue financial gain.

IP scams are more sophisticated and targeted nowadays resulting in substantial financial losses to businesses and Intellectual Property (IP) owners. Europol conservatively estimates the annual profit of IP criminals to exceed EUR26 million. 

Fraudsters have existed since time immemorial. There are always opportunistic parties seeking to make a quick buck off their unsuspecting fellow humans. The advent of the Internet-age has enabled white-collar criminals to commit crimes on a larger scale with greater ease particularly as considerable information about businesses and brand owners is now publicly available. Generative AI is also playing its part in this problem as fraudulent communications can now be generated quickly and cost-efficiently by scammers and has considerably increased their reach. 

In Ireland, scam emails are often directed at owners of Irish and European trademarks and patents in a seemingly official manner i.e. by including information such as the registration number of a trade mark or patent to create the illusion of legitimacy. It is suspected that criminals are now also using information from the Companies Registration Offices to contact businesses which do NOT own registered IP rights to alarm them into supposedly securing these rights.

There are three distinguishable types of scams:

•    Requesting for a registration fee for supposed IP protection

•    Sending notifications to registered IP holders seeking a renewal fee

•    Pretending there has been an application for the target’s brand or domain name from another party and urging them to secure these rights immediately

REPUTATIONAL DAMAGE

There is also reputational damage suffered by the EUIPO and the national IP Offices, as well as law and IP firms, not forgetting the attorneys, whose names or logos are being used to offer fraudulent services. 

These emails, email attachments or letters might mimic the logos of the European Union Intellectual Property Office (EUIPO) or the respective national office, like the Irish Intellectual Property Office (IPOI). Often times, the scammers use names such as “European”, “World”, “Intellectual Property”, “Trademark”, “Agency”, “Services”, “Office” and use e.g. the colours blue and yellow as well as star symbols to create an association with the European Union and their offices. 

The email address can also be similar to the official email of e.g. the EUIPO by adding letters to the real address and using a .eu TDL (top-level domain). These emails can also include links or QR-codes leading to websites maintained by the scammers, creating the illusion of an existing office or legitimate business. Usually, the email also includes a fake certificate, containing the confirmation of registration. 

Some of this problem arises from the fact that IP registration system worldwide require information on IP rights and right-holders to be shared in the public domain, which in turn makes this industry a ripe target for exploitation by unscrupulous criminals. Trade Marks, Patents and Designs Registers ensure the functioning of the IP registration process. According to Article 111, paragraph 9 of the EU Regulation 2017/1001 of the European Parliament and the Council of 14 June 2017 all data, including personal data of applicants and owners of registered IP rights are considered public interest and may be accessed by any third party. This means that IP Offices are required by law to keep publicly accessible registers. 

THE ROLE OF ARTIFICIAL INTELLIGENCE IN IP FRAUD

The impact of technical advancements on financial fraud, especially the rise of generative AI, remains to be seen. Recent cases have displayed shown us how generative AI and advanced spoofing techniques allow criminals to prosper. Deepfakes make it possible to impersonate anyone in a video or telephone message. This lead in 2024 to the most expensive scam in recent history, where fraudsters used an AI deepfake to steal £20 Million from UK engineering firm Arup by impersonating the company’s chief financial officer. 

AI closes gaps for scammers in a way that humans could not manually achieve. They can now access online databases, create authentic sounding texts instantaneously, and even automate scams by assessing individual targets and making contact without any human interaction. 

In 2023, the USPTO was the subject of impersonation fraud. Victims would receive a call from a USPTO number requesting payment of a fee. Imitating telephone numbers is a spoofing technique - criminals manipulate the phone system into displaying a seemingly “legitimate” number. This is also conducted using text messages, seemingly from IPO officials. 

Scam like these - which would previously have required human skill and time - can now be outsourced to AI. It is predicted that these possibilities will increase with the advancement of the technology until little or no human oversight will at all be required. Drafting convincing scam letters and emails to sound professional and legitimate can now be easily created and then translated into different languages with the help of artificial intelligence. 

Studies on AI-enhanced crime show that fraud and especially financial fraud are expected to become more frequent and damaging through the use of generative AI and Large Language Models. The implications this has on a digitized, global business world are unclear because of the rapid, unpredictable developments. If no one can be sure about the authenticity of a call or an email, these communication channels would either need to be reformed to heighten security standards, or would become obsolete. Even video-calling platforms such as Zoom can be used by scammers through generative AI deepfakes. It is becoming increasingly tricky to determine new ways to authenticate a source when even a signature, telephone number, voice or a face is no longer fail-proof.

THE DEFENCE STRATEGY

Anecdotally, the preferred defence is currently to simply ignore the fraudulent messages. This unfortunately does not contribute towards prevention or prosecution of this type of crime. To date, the problem does not appear to have impacted the business world sufficiently to attract substantial legal or legislative action. However, if this problem starts growing exponentially, there will no doubt be a more pro-active stance taken by the affected parties, which could include the scammed businesses/rights holders or Intellectual Property institutions worldwide. 

In terms of legal action to date, there has been litigation in Sweden, Germany and in the US since 2017, which demonstrates a growing frustration in a number of jurisdictions with this issue. 

-    Germany, 2024: Three defendants were found guilty of commercial gang fraud, each sentenced to one year and 10 months prison, suspended with a three year probation period, confiscation of the EUR20K obtained through the scam.

-    Sweden, 2017: Twenty defendants charged with completed gross fraud, four sentenced to imprisonment, all claims of damages approved.

-    USA, 2021: One defendant sentenced to 4+ years in prison and paying over USD4.5 million restitution.

In addition, Europol, the EUIPO, the national IPOs and Eurojust have been working collaboratively to combat IP fraud. Legal action has been taken in different jurisdictions with a view towards seeking closure of the scammers bank accounts. The EUIPO is also working together with Europol, the Anti-Scam Network and other law enforcement authorities to gather data and exchange information.

Education is the first step in protecting the targets from harm. Reporting these scams to the police and the IPOs would also be very useful as it would track the extent of this problem. 

There is a growing need to focus on the regulation of IP systems in terms of its accessibility, secure payments and communication channels in light of AI technology. 

THE IRISH POSITION

In Ireland, the Association of Patent and Trade Mark Attorneys (APTMA) has been collaborating with the Intellectual Property Office of Ireland (IPOI) as well as the Law Society of Ireland on this growing issue. The recommended practice is to check with a legitimate IP attorney/solicitor before making any significant payment or even engaging with these scammers.

Below are practical steps recommended by the Law Society to solicitors to prevent and respond to these scams: 

1)    Verify contact details with IPOI;

2)    Ensure that your email address is up to date on the register of the IPOI. This will allow the Registry to contact you promptly should they become aware of any fraudulent use of your name;

3)    Report fraudulent activity if you believe that your name has been used fraudulently to An Garda Síochána; and The European Union Intellectual Property Office (EUIPO).    

When reporting to the EUIPO, include the relevant case number and the EUIPO will forward this to Europol to support cross-border investigations. Please retain the original scam email and send this as an attachment, rather than forwarding the email, as this allows for IT analysis of the message origin.

For individuals in Ireland concerned about being approached by online IP scammers, it is suggested that they report it to their local Garda Station.    

 

Sumi Nadarajah with Cora Schnelle 

FRKelly


  • / By Sumi Nadarajah with Cora Schnelle
  • / 12th September 2025

Privacy Settings

Essential
Privacy Settings
Saves the current privacy settings.
Retention period: This cookie will remain for 30 days.
PHP SESSION ID
Saves the current PHP session.
Retention period: This cookie will only remain for the current browser session.
Performance and Analytics Cookies
These technologies allow us to analyze website usage in order to measure and improve performance.
Google Analytics
This is a web analytics service. It allows the user to measure advertising ROI, track flash, video and social networking sites and applications.
Provider: Google Ireland Limited - Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Technical name: _ga,_gat_gtag_UA_120928533_6,_gid
Show more details

Data Purposes

This list represents the purposes of the data collection and processing.
- Marketing
- Analytics

Technologies Used

- Cookies
- Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

- App updates
- Click path
- Date and time of visit
- Device information
- Downloads
- Flash version
- Location information
- IP address
- JavaScript support
- Pages visited
- Purchase activity
- Referrer URL
- Usage data
- Widget interactions
- Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

- Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

- European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.
The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.
Data Recipients

- Google Ireland Limited, Alphabet Inc., Google LLC

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Chile,Taiwan

Click here to read the privacy policy of the data processor https://policies.google.com/privacy?hl=en

Click here to opt out from this processor across all domains https://tools.google.com/dlpage/gaoptout?hl=de

Click here to read the cookie policy of the data processor https://policies.google.com/technologies/cookies?hl=en

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

- Maximum age of cookie storage: 2 years

  Accept all

This tool helps you to opt-out and opt-out of various tags/trackers/analytics tools used on this website.

Cookie Policy
Please upgrade your browser. This website is not compatible with Internet Explorer.