A new kind of brand risk is showing up in plain sight, and it doesn't come with the usual signals. The string .interpublic exists as an onchain top-level domain registered on Freename, a Web3 alternative DNS registry that sits outside ICANN's system. That matters because the checks many brand teams rely on, search results, registrar lookups, and classic WHOIS, often won't surface anything useful in this context.

For TLDs Observer, The Record, the point isn't novelty, it's visibility. When a TLD lives onchain, the absence of Google results or a standard WHOIS record is normal, and it doesn't mean the name is unregistered. Instead, ownership and status are typically confirmed through the Freename Whois and publicly available blockchain data.

In the case of .interpublic, those records indicate it's currently held by an independent onchain investor (a private wallet identified via the Freename Whois), not Interpublic Group (IPG) itself. That creates a familiar problem in an unfamiliar place: a brand-matching "dot" exists outside the company's control, yet it can still be seen, shared, and potentially used in ways that look official to non-experts. What happens when clients, job seekers, or partners see a familiar brand ending in a new dot that the company does not run?

This is the Web3 brand protection gap in its simplest form. Traditional controls like trademark monitoring and DNS enforcement don't always map cleanly onto onchain registries, even when the brand at issue belongs to a major marketing holding company with deep experience managing identity and trust.

What IPG is, and why a naming gap is a business risk (not a crypto curiosity)

Interpublic Group (IPG) is a global marketing services holding company with major agency networks and specialist firms across media, creative, PR, experiential, and data. That scale is the point. When a name as recognizable as "Interpublic" appears as a top-level domain on Freename (outside ICANN), the risk is not that Web3 is weird. The risk is that people trust names faster than they verify systems.

A naming gap happens when a brand-matching "dot" exists outside the company's control, yet still looks official to everyday audiences. Traditional domain workflows often assume ICANN rails, standard registrar records, and familiar dispute paths. Onchain TLDs don't always fit those assumptions, so brand governance can lag behind visibility.

In brand security, the most expensive incidents often start as a small moment of confusion.

IPG's brand surface area is huge, so attackers only need one convincing address

Brand surface area is simply the total set of places where a company's name shows up, and the number of audiences trained to trust it. For a holding company like IPG, that surface area isn't just a corporate homepage. It includes dozens of well-known agency names, plus the short-lived sites that pop up around campaigns, awards, and new business.

Think of the routine pages people expect to find and use:

• Agency network sites (for example, creative and media agencies under the group umbrella)
• Campaign microsites (product launches, event activations, regional promos)
• Investor relations (earnings materials, press releases, governance pages)
• Careers and recruiting (job listings, interview scheduling, onboarding forms)
• Vendor portals (AP, invoicing instructions, SOWs, file transfer links)

Attackers don't need to control many of these touchpoints. One convincing domain, or even one subdomain, can be enough to start a fraud chain. A look-alike address can support common plays like phishing for credentials, changing bank details on an invoice, or impersonating HR to target job seekers. None of that requires breaking into IPG's systems. It only requires a believable destination and the right pretext.

This is why the existence of a brand-matching onchain TLD matters. Even if most people never type it, they may still click it in a message, scan it on a document, or see it in a browser bar and assume it is part of the corporate web footprint.

A holding company brand has two audiences, the public and the enterprise supply chain

A holding company brand carries trust with the general public, but the higher-stakes audience is the enterprise supply chain. That includes procurement teams approving new vendors, finance staff processing payments, creative partners exchanging files, and freelancers moving fast across multiple client accounts.

In that environment, trust is often practical, not philosophical. People rely on signals that save time:

• Does the email address match the brand?
• Does the link "look right" at a glance?
• Does the request fit a normal business process?

Business email compromise and vendor payment fraud stay common threats because they exploit routine. The message often sounds like normal operations: updated remittance details, a revised invoice, a new portal, a late-stage payment request. A believable domain ending can reduce skepticism, especially when the recipient is juggling deadlines and approvals.

Here's the uncomfortable question that belongs in every risk review: How many external partners verify a wallet address or onchain ownership before clicking a link that "looks official"? Most won't, and they shouldn't have to. That is the point of brand governance.

When a brand-matching TLD sits outside the company's control on a separate naming system, it can create a gray zone. Some recipients will treat it as official by default. Others will be unsure, which still causes harm through delays, escalations, and broken workflows. Either way, the cost shows up in time, incident response, and strained partner relationships.

The Omnicom merger context raises the cost of identity confusion

Public reporting has described the Omnicom and IPG merger as closing in late 2025, followed by integration work and organizational change. Any integration period increases identity risk because so much is in motion at once. People expect new names, new org charts, new systems, and new URLs, so they become more tolerant of "this is the new portal" messages.

During a merger integration, normal friction points multiply:

• Vendor onboarding and payment processes get reworked.
• Legacy tools migrate, and login flows change.
• Leadership and team pages update, sometimes across many properties.
• Agency portfolios get renamed, consolidated, or redirected.

Attackers often exploit change because it provides cover for unusual requests. That is risk logic, not a claim about any specific abuse. When staff and partners expect disruption, they also expect exceptions, and exceptions are where fraud hides.

For brand protection, this is why governance matters right now. The practical question is not whether an onchain TLD is mainstream. The question is whether it can be mistaken as part of the official web identity during a period when "official" is being redefined in real time.

How Freename onchain TLDs work, and why classic domain playbooks don't fit

Freename TLDs sit outside the ICANN system that most brand teams know. That single fact breaks a lot of muscle memory. You won't always find a registrar account to subpoena, a standard WHOIS record to pull, or a familiar dispute path to start.

Instead, an onchain TLD behaves more like a transferable digital asset with public breadcrumbs. Ownership, changes, and many records can be checked through Freename's own tools and public blockchain data. That transparency helps investigators, but it also changes how enforcement and recovery work in practice.

Minting turns a name into a wallet-controlled asset, and that changes enforcement

On Freename, "minting" is the step where a purchased name becomes an NFT (a unique digital item) recorded on a blockchain. Before minting, a platform account may look like the control point. After minting, the controlling wallet becomes the control point.

NFT ownership here is simple in effect: whoever controls the wallet that holds the NFT controls the TLD. If the wallet sends the NFT to another wallet, control moves with it. That transfer can happen quickly, and it can happen without asking permission from a registrar in the way brand teams expect with classic DNS.

This is where the usual recovery playbook starts to fail. With an ICANN domain, a registrar can often lock a name, reverse a change, or restore access after account compromise. With a wallet-controlled NFT, there may be no practical rollback. Even when a platform wants to help, it might not be able to reverse an onchain transfer, because the blockchain record is meant to be permanent.

Two implications matter for enforcement:

• Speed matters more: once a transfer happens, the name can move again, just like other crypto assets.
• Control is technical, not contractual: legal rights and practical control can diverge if the asset has already moved.

For investigators, the key shift is this: post-mint, you're often tracking asset custody, not registrar account access.

Freename Whois and public chain data are the new paper trail

Onchain TLDs still have a "Whois," but it's not the classic registrar directory. A Web3-style Whois generally shows enough to answer the operational questions brand teams actually have, such as which wallet currently holds the TLD, which chain it's on, and what onchain records are set (for example, pointers that can relate to websites, apps, or payment addresses).

That's why reporting around .interpublic relies on Freename's Whois plus publicly available blockchain data. The holder can be described as a private wallet identified via the Freename Whois, without implying a real-world identity.

Public blockchain explorers then act like the audit log. They can confirm:

• When the NFT was minted (the mint transaction).
• Whether it was transferred, and when.
• Which contract governs the asset (the smart contract address).
• Whether the holding wallet shows related activity that suggests active use (without guessing who is behind it).

A careful cross-check usually follows a simple pattern:

1. Start with Freename Whois to capture the current wallet, chain, and any visible records.
2. Confirm the contract address and token details associated with the TLD on that chain.
3. Verify timestamps across events, minting, transfers, and record updates, to build a clean sequence.
4. Review wallet activity context for patterns (for example, repeated NFT transfers), while keeping conclusions narrow.

The result is a defensible timeline. It won't tell you who the wallet belongs to, but it can show what happened, when it happened, and what the current state is.

Resolution is optional, so a quiet TLD can still be a live risk

A Freename TLD can exist and change hands even if it doesn't "resolve" in a normal browser the way .com does. In other words, lack of browser behavior is not proof of inactivity. Some users reach these names through Web3-enabled apps, wallet prompts, or extensions, and those paths don't always look like traditional web navigation.

That's why a brand-matching TLD can create risk even when it seems quiet. It can still appear in places where people make fast trust decisions: screenshots in pitch decks, QR codes on event signage, wallet payment prompts, social posts, or in-app links inside Web3-enabled browsers and communities. If a user sees something.interpublic in a message thread, can they tell the difference at a glance between an official corporate domain and a third-party onchain name?

From a brand protection view, this shifts the question. The issue is not only "does it load in Chrome." The issue is whether the string can carry implied affiliation in high-speed contexts, especially when recipients already expect new portals, new payment flows, or new recruiting links during periods of corporate change.

The Web3 brand protection gap, what .interpublic exposes at a glance

The simplest way to understand the Web3 brand protection gap is to look at what a brand-matching onchain TLD makes possible, even before anyone builds a real site on it. With .interpublic registered on Freename (outside ICANN) and held by an independent onchain investor (as identified through the Freename Whois and public blockchain data), the risk isn't abstract. It's about how quickly a familiar brand pattern can show up in places where people make fast trust calls.

In classic DNS, brand teams know the terrain. In onchain naming, the terrain still exists, but the signposts change. That mismatch creates three practical risks: impersonation, reputational drift, and defensive spending that arrives late, and usually costs more.

The first risk is impersonation, because subdomains can look official fast

People don't read URLs the way security teams do. They scan for familiar structure and move on. That's why subdomains work as a trust shortcut. When a web address starts with something that looks like a department or function, many readers assume the rest is legitimate.

Common corporate patterns train that instinct over years, for example:

• billing. for invoices and payment updates
• careers. for recruiting and job applications
• investors. for earnings releases and governance material
• login. or sso. for access to portals
• support. for tickets and account changes

Once an onchain TLD exists, those patterns can appear under it and still look "normal" at a glance. The danger isn't that everyone will be fooled. It's that enough people will be fooled, especially in high-volume workflows like vendor payments, recruiting, or partner onboarding.

Email-like contexts make this worse. Most phishing doesn't need a perfect replica of a corporate site. It needs a plausible destination and a reason to hurry. A link that looks like a routine internal function can lower a recipient's guard, even if they've never heard of Freename and don't know the difference between ICANN DNS and onchain naming.

A login page adds another layer of risk because it asks for something users already expect to give. Credentials, multi-factor prompts, and "verify your account" flows feel ordinary now. Put that on a believable address, and it can pass the quick test many people apply, which is, "Does this look like the usual format?"

Impersonation doesn't require technical magic. It mostly requires a believable pattern, timed around a believable request.

For a holding company brand, the human factor matters most. Employees, vendors, freelancers, and job seekers all sit outside the core security perimeter. They still respond to messages that look like standard operations, especially when the sender claims urgency or authority.

The second risk is reputational drift, because "dot brand" expectations are changing

The public learned to trust brand domains slowly. First, it was the move from random URLs to consistent corporate domains. Later, it was the push for secure browsing and familiar patterns like "go to the official site." Over time, many audiences picked up a simple rule: the company's name in the address equals the company.

That rule breaks down in Web3 naming, because there isn't one shared namespace. There are many endings, many platforms, and many ways to present an address in a screenshot, a slide deck, or a message. Even careful readers can't easily tell which names a company controls, and which names sit with a third party.

This is where reputational drift sets in. The brand starts to feel "spread out" across multiple dots, even if the company only operates on one. Confusion becomes a background noise, then a story angle, then a governance question.

Midway through any incident, perception matters as much as technical truth. Ask yourself, what does a reporter or regulator assume when they see a brand name after a dot? Most will assume the company approved it, or at least had the chance to prevent it.

That assumption creates friction in places that are hard to measure but easy to feel:

• A procurement team pauses because a portal link looks unfamiliar.
• A journalist includes a questionable domain in a screenshot, then issues a correction.
• A partner asks legal to confirm "this new site," slowing down work.
• A social post spreads an address that looks official, then lingers in search and chat logs.

In the ICANN world, "dot brand" programs, corporate domains, and long-standing enforcement norms created a baseline expectation. In the onchain world, the baseline is still forming. Until it forms, brand names after a dot can carry implied affiliation that the company didn't choose.

For IPG, that's the gap that matters. If .interpublic remains outside IPG control, the brand's web identity can appear to extend into a space where the company may have limited policy tools. Even when nothing bad happens, the brand still absorbs the cost of uncertainty.

The third risk is defensive spending, because recovery can cost more than early action

Brand protection budgets tend to reward visible work, like campaigns, product launches, and core domain hygiene. Onchain naming can slip through because it doesn't look like a standard registrar problem. Then an incident arrives, and the costs stack up across teams that rarely budget for the same event.

The spending usually lands in predictable buckets:

• Monitoring: tracking brand-matching onchain TLDs and related names, plus watching for changes in records or public promotion.
• Legal review: assessing trademark posture, platform terms, jurisdiction limits, and what "control" means when a name is wallet-held.
• Incident response: triage, investigation, coordination with security, and documenting what happened for stakeholders.
• Customer support: handling inbound confusion, complaints, and remediation requests, sometimes at high volume.
• PR containment: correcting the record, guiding partners, and reducing repeat sharing of suspect links.
• Potential buyback: exploring whether a negotiated purchase is cheaper than a long dispute, especially if a name changes hands quickly.

None of these categories require a worst-case scenario. Even a small wave of confusion can trigger internal escalation. The time cost alone adds up, because leadership wants answers fast when the brand sits in the headline.

Early action often looks boring by comparison. Registering key onchain names, setting internal policy, and documenting what the company does and doesn't control can cost less than a later scramble. That can be true even if the company never plans to "use" the name, because the value is defensive. You're paying to reduce ambiguity, not to launch a site.

The practical lesson from .interpublic is that onchain naming changes the timing of brand risk. You can't wait for search visibility, a registrar notice, or a classic WHOIS trail to tell you something exists. By the time a confusing address circulates, the expensive part of the work has already started.

What trademark law can and can't do for onchain domains in 2026

Trademark law still anchors brand enforcement, even when a name lives onchain. The problem is that trademarks don't control the rails of an onchain registry the way they can influence outcomes in ICANN's DNS. With Freename TLDs, ownership can be verified through the Freename Whois and public blockchain data, but the usual "file, wait, transfer" rhythm often breaks.

So what does trademark law actually give you in 2026? It gives you claims and pressure points, not automatic switches. You can document confusion, send demands, and build a case for platform action or court relief. However, if your team expects a predictable takedown path, a Web3 namespace can turn that expectation into delay.

Why UDRP instincts can mislead teams when the registry sits outside ICANN

UDRP (the Uniform Domain-Name Dispute-Resolution Policy) is the standard shortcut brand teams know for many ICANN domains. At a high level, it's an arbitration-style process that lets a trademark owner argue, "This domain matches my mark, the registrant lacks legitimate rights, and they registered it in bad faith." If the panel agrees, the remedy is narrow but powerful: transfer or cancellation. No damages, no discovery, no drawn-out trial.

That muscle memory can backfire when a TLD sits outside ICANN, as Freename onchain TLDs do. If there's no UDRP hook, then there's no default venue, no standard timeline, and no registrar obligation to implement a panel's order. In other words, the brand claim may be strong, yet the enforcement channel may be weak.

The practical result shows up inside companies as a false sense of speed. Someone spots a brand-matching onchain TLD and asks, "Can we UDRP it?" That question assumes a shared rulebook. If your team moves forward on that assumption, you lose the one thing that matters most in asset systems: time.

A useful way to frame it for non-lawyers is this: UDRP is like calling building security in a tower you lease in. Freename onchain TLDs can feel more like a deed recorded off-site. Your rights may still exist, but the doorman doesn't work for you.

Gotcha: A trademark can support enforcement arguments, but it doesn't guarantee a rapid takedown when the naming system doesn't recognize UDRP.

For IPG and .interpublic, that gap matters because the name's existence is verifiable (through Freename Whois and chain records), yet the fastest familiar remedy may not be available.

Bad faith is hard to prove, so documentation and timing matter

"Bad faith" is the hinge in most domain disputes. In plain terms, it usually means the registrant targeted the brand on purpose, for example to sell it back, divert traffic, impersonate the company, or create confusion for profit. In ICANN disputes, panels infer intent from patterns like a famous mark, a matching domain, and no credible legitimate use.

Onchain domains complicate that inference because the actor is often a wallet, not a person. A pseudonymous wallet can register, hold, and transfer a Freename TLD without a public identity. That doesn't make enforcement impossible, but it does raise the burden on proof and narrative. If you can't tie the behavior to a real party, you end up arguing from circumstantial facts, and timing becomes part of the story.

That's why record-keeping is not busywork here. It's the case. The goal is to preserve what you saw at a specific moment, because onchain assets can move quickly and display data can change.

Keep a tight evidence packet that's easy to hand to outside counsel, internal security, or a platform team:

• Screenshots of the Freename Whois output for the TLD (capturing the wallet, status, and any visible records).
• Transaction records from the relevant blockchain explorer (minting, transfers, and record updates tied to the asset).
• Resolution evidence, if any (what a user sees in Web3-enabled contexts, including redirects, hosted content, or wallet prompts).
• Timeline notes written like an incident log (who observed it, when, what changed, and what triggered concern).

Ask one question early, because it changes your posture midstream: are you documenting a potential negotiation, or building toward a formal claim? A negotiation file prioritizes clarity and credibility. A litigation file anticipates pushback on authenticity and dates.

In onchain disputes, the cleanest timeline often matters more than the loudest allegation.

For brand teams, the safest habit is simple: capture first, interpret second. Once the asset transfers again, you can't go back and screenshot yesterday.

When platforms, courts, and contracts intersect, who has jurisdiction?

Onchain naming forces legal teams into a cross-border mindset even when the business issue looks local. The company operates globally, the audience sits everywhere, and the wallet does not come stamped with a country. Meanwhile, platforms involved in the ecosystem, registries, marketplaces, hosting providers, social networks, each run their own rules and escalation paths.

So where do you "file" something? The answer depends on what outcome you want.

If your goal is to stop distribution or reduce visibility, platform policy can matter more than a courtroom. A marketplace may delist a listing. A social platform may remove posts that impersonate a brand. A browser or wallet interface may warn users, even if it can't change ownership. Those actions won't transfer the TLD, but they can reduce harm quickly.

If your goal is control of the asset, courts and contracts enter the picture. Yet jurisdiction gets messy fast. Which country's court can order which party to do what, when the asset sits on a blockchain and the holder is a private wallet identified through the Freename Whois? Even when a court asserts authority over a person or a company, it may not be able to compel a blockchain state change. That gap often turns "win" into "win on paper."

As a result, many teams adopt a blended approach:

• Platform policy to limit active misuse and cut off distribution channels.
• Negotiation to explore transfer or settlement when it's cheaper than prolonged conflict.
• Risk-based decisions about escalation, based on evidence of confusion, fraud, or reputational harm.

A helpful internal framing is to separate three questions that often get mixed together: Who owns it today? Who can change what users see? Who can be compelled to act? Onchain domains can split those answers across different parties. That's why jurisdiction feels less like a map and more like a chain of custody, with policies and contracts as the handoffs.

A practical playbook for IPG, and any enterprise facing onchain TLD exposure

When a brand-matching onchain TLD exists outside ICANN, the right response looks less like a one-off legal fire drill and more like operational hygiene. The goal is simple: reduce confusion, reduce fraud paths, and make internal decisions faster when the next alert hits.

This playbook assumes one reality that trips up even seasoned teams: the absence of search results or classic WHOIS data can be normal in Web3 naming. For Freename TLDs, you validate state through the Freename Whois and public blockchain data, then you act based on risk, not on familiarity.

Start with a naming inventory, then map what you actually need to control

Begin with an inventory that reflects how people get tricked in the real world. Don't start with every trademark filing, start with the names that show up in invoices, recruiting emails, and client workstreams. Then connect each name to an audience and a likely abuse path.

At minimum, inventory:

• Core corporate marks: Interpublic, IPG, "Interpublic Group", and common abbreviations used in signatures and slide decks.
• Major agency brands: the networks and flagship agencies that clients and talent already trust.
• Common misspellings and spacing variants: the "looks right at a glance" set, especially ones that survive spellcheck.
• Executive and leader names used in scams: names that appear in press releases and earnings calls, plus common short forms used internally.
• High-risk functions: payroll, procurement, accounts payable, treasury, recruiting, IT helpdesk, SSO, and vendor onboarding.

Next, rank what matters. A clean way to do it is a two-axis score:

1. Risk (harm potential): Can this name plausibly support money movement, credential theft, or data access?
2. Audience exposure: Who will see it, clients, candidates, vendors, or only employees?

A payroll look-alike aimed at employees often outranks a niche campaign brand, because the "ask" is predictable and the payoff is immediate. Meanwhile, a procurement-themed name may matter most during merger integration, when partners expect process changes and new portals.

Treat naming like perimeter mapping. You're not protecting a logo, you're protecting the workflows that sit behind it.

Set monitoring for onchain TLDs and wallet activity, not just web traffic

Classic web monitoring focuses on what resolves in browsers and what ranks in search. Onchain TLD exposure needs different tripwires because activity can start before a site ever looks "live" to most users. The safest posture watches both name events and wallet behavior tied to the onchain asset.

Useful monitoring signals include:

• New mints of brand-matching strings or close variants on Freename.
• Transfers of a brand-matching TLD between wallets, especially rapid hops that look like laundering custody.
• Changes to onchain records associated with the TLD (for example, updates that could point users to content, redirects, or payment endpoints).
• Sudden creation of many subdomains under a single onchain TLD, which can signal phishing kit setup or spray-and-pray targeting.
• Look-alike TLD purchases that cluster around the same theme (for example, corporate name plus finance or HR terms), which can indicate a coordinated play.

Operationally, set an escalation path before the first incident. Brand teams often see the signal first, security teams own response, and legal teams control outreach language. If nobody owns the inbox, alerts become background noise.

Assign:

• Primary owner: usually brand protection or corporate security, accountable for triage and routing.
• Backup owner: a second team in a different time zone or function, to prevent weekend gaps.
• Response SLA: a simple internal standard (same day for high-risk functions like payroll and procurement).
• Evidence capture: a repeatable snapshot process using Freename Whois output and the relevant blockchain explorer views, stored in a shared case folder.

The key is to treat the wallet like the registrar account in traditional DNS. If the wallet moves the asset, the situation changes, even if the public can't "see" a new website yet.

Decide your stance early, acquire, coexist with guardrails, or prepare enforcement

When a brand-matching onchain TLD is held by an independent onchain investor (as verified through Freename Whois and public blockchain data), delay sends a signal even if you never meant to send one. Internally, silence often means "we haven't decided." Externally, silence can look like consent, confusion, or disorganization.

A practical decision framework has three lanes:

1. Acquire (buy and control)
   Choose this when the string is a primary corporate identifier, when misuse would plausibly impact payments or hiring, or when the TLD could become a recurring distraction. Start with calm outreach, then move to structured negotiation if the holder engages. Keep security and legal aligned on what you will not do (for example, never paying to "validate" a wallet).
2. Coexist with guardrails (contain the blast radius)
   Choose this when the risk is moderate and you can reduce confusion without owning the asset. Guardrails include public clarification, internal blocking guidance, partner communications, and tighter approval rules for any Web3-related naming or wallets. Ask yourselves midstream, what message does the company want to send to clients about Web3 identity, curiosity, caution, or a clear "not us" boundary?
3. Prepare enforcement (document, warn, and be ready)
   Choose this when you see impersonation, fraud indicators, or repeated attempts to create confusion. Build an evidence packet early, capture changes over time, and draft notices that focus on user harm and trademark rights without overclaiming technical control. Enforcement also includes platform-level requests (for visibility and distribution) even if asset transfer is uncertain.

No matter the lane, plan communications. The best time to write your public language is before someone forwards a suspicious link into a client thread. One paragraph of clear guidance can save days of incident response later.

Close the human gap with clear public guidance for clients, talent, and vendors

Most brand damage in naming incidents doesn't come from the chain. It comes from people doing normal work, quickly. A vendor approves a bank change, a candidate shares documents, a freelancer clicks a portal link, all because the address looked familiar.

Publish a simple "how to verify" page on the official corporate site. Write it in plain language and keep it stable so teams can reference it without hunting. Make it useful in under a minute.

Include:

• Approved domains: your official ICANN domains, plus any approved Freename or other Web3 names if you actively use them.
• Approved wallet addresses (if any): only if the company truly accepts onchain payments or uses wallets publicly, otherwise say you don't.
• Payment warnings: state how the company handles invoices and bank changes, and the one or two steps vendors must take before sending money.
• Recruiting warnings: list the only channels used for interviews and offers, and confirm you never ask for upfront payments or "verification fees."
• Reporting path: a single email address and a short subject-line format for suspected impersonation reports.

Also tighten the basics of email trust, because many scams start there. You don't need a deep technical explainer, just a clear commitment that your domains use standard authentication controls like SPF, DKIM, and DMARC, and that partners should treat failures as a red flag.

One final rule belongs on the page because it prevents repeat victims: don't ask readers to click unknown links to "check" anything. Tell them to type your official domain directly, then navigate from there, or to contact known points of contact using saved details. That one habit breaks most impersonation chains.

Conclusion

.interpublic shows the Web3 brand protection gap in a clean, testable way. Onchain TLDs create a parallel naming layer outside ICANN, and many enterprise controls still focus on classic DNS, registrar accounts, and standard WHOIS. In that setting, the absence of search results or a traditional WHOIS trail doesn't mean a name is unregistered, it often means you are looking in the wrong place.

For this story, the Freename Whois and publicly available blockchain data indicate that .interpublic is registered on Freename and held by an independent onchain investor (a private wallet identified via the Freename Whois), not Interpublic Group itself. That single fact raises governance questions for IPG, even if the TLD does not resolve in a mainstream browser today. What should employees, vendors, job seekers, and clients assume when they see a familiar corporate name after a dot, especially when onchain ownership can change hands quickly and quietly?

The takeaway is simple, brand safety programs that ignore onchain naming leave a measurable gap. IPG does not need to "go Web3" to manage it; it needs clarity. Treat onchain naming as part of identity risk, assign a single owner across brand, security, and legal, write down what the company does and doesn't control, and set continuous monitoring for mints, transfers, and record changes. Thanks for reading, if your organization has not mapped its onchain exposure yet, now is the low-cost moment to do it.