Short answer: use a DMCA notice for copied content (your images, text, or code), trademark/UDRP for a domain name that impersonates your brand, and a registrar or hosting abuse report to pull an actively malicious (phishing/malware) site offline fast. They're different tools for different problems — picking the wrong one costs days. This guide shows how to choose.
The three routes are not interchangeable
People reach for "DMCA" as a catch-all takedown button. It isn't. Each route acts on a different layer and a different kind of harm:
- DMCA acts on copyright — content that was copied from you.
- Trademark / UDRP / URS acts on the brand and the domain name — confusing use of your mark.
- Registrar / host abuse reports act on active abuse — phishing, malware, fraud — regardless of IP claims.
Match the tool to what's actually wrong.
DMCA — for copied content
A DMCA takedown notice is a copyright remedy. Use it when a site has copied your actual content: product images, page text, code, videos, or your logo as an image file. You send it to the host or platform's designated DMCA agent, and they remove the infringing material.
DMCA does not remove a domain name, and it does nothing about a site that impersonates you without copying your content. It also carries a real risk: filing a notice that contains a knowing misrepresentation exposes you to liability under §512(f), so the claim must be accurate and within what you actually own.
Trademark, UDRP & URS — for the domain name
When the problem is the name — yourbrand-login.com, a homoglyph lookalike, a confusing cousin domain — that's a trademark matter, not copyright.
- A registrar trademark complaint can act on clear infringement.
- A UDRP complaint can get the domain transferred to you (or cancelled) — you end up owning the name. It requires a trademark and resolves in roughly two months.
- URS is the faster, cheaper track for clear-cut cases on new gTLDs, but it only suspends the domain rather than transferring it.
A registered trademark is the key that unlocks all three, plus platform IP forms.
Registrar & host abuse reports — for active phishing/malware
When a lookalike is actively harvesting credentials or serving malware, speed beats ownership. A registrar or hosting abuse report that leads with "active phishing" is usually the fastest disruption available — ICANN obligates accredited registrars to act on DNS abuse, and hosts can pull the content within hours. Pair it with a Google Safe Browsing report to warn users immediately.
This route needs no trademark and no copyright claim — just evidence of the abuse.
How to choose
- Is a site copying your content (images/text/code)? → DMCA to the host/platform.
- Is a live page phishing or serving malware? → registrar + host abuse report (lead with phishing) + Safe Browsing. Fastest path.
- Do you need to own or kill the impersonating domain name? → UDRP (transfer) or URS (fast suspension, new gTLDs).
- Several at once? File in parallel — kill the live page now via the host, pursue the name via UDRP.
Lead with the strongest, fastest claim the facts support. Active phishing moves faster than a trademark argument at a registrar, and DMCA won't touch the domain name at all.
Where Brandfence fits
Choosing and routing the right notice — with the evidence each one needs — is the slow part. Brandfence resolves the registrar, host, and abuse contact via RDAP, packages the evidence (screenshot, DOM, certificate, hosting unmask), drafts the correctly-routed notice, and puts a human signature on every takedown before it's sent. Get a free brand exposure report.