Note: This page is provided for general information only and is designed to help you learn more about caniphish.com (operated by CanIPhish) and our security awareness offerings.
CanIPhish is not a law firm, and the information here should not be taken as legal advice. It may not reflect the most current developments and is subject to change without notice. Our representatives are not lawyers and do not offer legal counsel. If you require legal guidance, we strongly recommend seeking advice from a qualified lawyer. No confidential relationship is created or implied between you and CanIPhish or any of our representatives.
The misconception
Using another company’s logo (or similar branding) in a simulated phishing exercise will automatically expose customers to trademark or copyright liability.
The reality
The main question in a trademark infringement case is whether there is any confusion among consumers about who is providing a particular product or service. When CanIPhish customers include someone else’s logo (or similar branding) in a simulated phishing email, it is done in a way that does not mislead individuals into believing those goods or services originate from, are related to, or are endorsed by the company whose logo is displayed. CanIPhish customers are not branding goods or services with another company’s logo; rather, they are conducting security awareness training.
Any chance of confusion is addressed through a dedicated landing page and/or accompanying educational video that appears at the end of a simulated phishing test, reminding participants to be vigilant against phishing attempts. CanIPhish provides sample text on its “Oops! That was a phishing website!” landing page, making it clear that any third-party logo (or similar branding) is used solely for illustrative or educational purposes and that there is no affiliation or relationship between the logo owner and CanIPhish or CanIPhish’s customers. It is important not to remove this disclaimer when customizing landing pages.
From a copyright perspective, using a third-party logo (or similar branding) in a simulated phishing email serves a transformative purpose aimed at security awareness and public education on how to recognize and avoid phishing scams. The logo (or similar branding) is employed differently (not for offering or selling goods or services) and is directed toward educating users. Because this educational use does not undermine the copyright owner’s market or otherwise harm their interests, it generally qualifies as fair use under applicable laws in Australia and globally.
Comments
0 comments
Please sign in to leave a comment.