Domain name scams

From Wikipedia, the free encyclopedia
  (Redirected from Domain slamming)
Jump to: navigation, search

Domain name scams are types of Intellectual property scams or confidence scams in which unscrupulous domain name registrars attempt to generate revenue by tricking businesses into buying, listing or converting a domain name. The Office of Fair Trading has outlined two types of domain name scams which are "Domain name registration scams" and "Domain name renewal scams".[1][2]

Domain slamming[edit]

Example of Domain Slamming phishing email by Network Solutions.png

Domain slamming (also known as unauthorized transfers or domain name registration scams) is a scam in which the offending domain name registrar attempts to trick domain owners into switching from their existing registrar to theirs, under the pretense that the customer is simply renewing their subscription to their current register. The image on the right shows the initial domain slamming phishing email sent by Network Solutions to OpenSRS customers. The term derives from telephone slamming.

Prevention[edit]

In 2004, ICANN, the domain name governing body, made changes to its policy for transferring domains between registrars. They introduced a single protective measure that can help prevent unauthorized transfers: domain locking. Critics, although advising owners to apply the new feature, said that this was an "unnecessary and customer-unfriendly change".[3][4]

Fake trademark protection[edit]

Although less common than domain slamming, another domain name scam primarily coming from registrars based in China involves sending domain owners an e-mail claiming that another company has just attempted to register a number of domains with them which contain the targeted domain owner's trademark or has many keyword similarities to their existing domain name. Often, these domains will be the same as the one(s) owned by the targeted individual but with different TLDs (top-level domains). The scammer will claim to have halted the bulk registration in order to protect the targeted individual's intellectual property, and if the email recipient doesn't recognize the entity attempting to register these domain names, that they should respond immediately to protect their trademark. If the scam target does respond by email or by phone, the scammer will then try to get them to register these domain names for several years upfront with the registrar running this scam.[5]

Other variations of this type of scam include registrars that target their own existing customers with similar made-up threats of another entity trying to register the same domain as theirs under different TLDs. As well, some domainers are known to search for available TLDs for already registered domains, then emailing the owner of the registered domain and offering to sell the unregistered variations to him/her for a marked up amount. If the target agrees to the deal, the domainer will then purchase the domains on the spot for the regular $7~20 registration fee and immediately sell it back to the victim for a few hundred dollars.

Timeline[edit]

This section outlines reported domain scams as a timeline of events, showing how they have evolved, the companies involved and the outcome of complaints.

  • In 2001, the federal Competition Bureau (of Canada) issued a warning about documents that appeared to be invoices sent out by a business called the "Internet Registry of Canada".[6]
    • "Complaints received by the Competition Bureau indicate that the mailings from the 'Internet Registry of Canada' give the impression that it is affiliated with the Government of Canada or that it is an officially sanctioned agency registering domain names in Canada. The 'Internet Registry of Canada' is not associated with any government agency," the Competition Bureau advisory stated.[7]
  • VeriSign was sued in 2002 for their actions in sending ambiguous emails informing people, often incorrectly, that their domain was about to expire and inviting them to click on a link to renew it. Renewing the domain resulted in the registration company being transferred to VeriSign from the previous registrar.[8]
  • In March 2002, the FTC shut down "TLD Network Ltd", "Quantum Management (GB) Ltd.", "TBS Industries Ltd." of London, England for selling bogus domain names ".USA", ".BRIT", which they deceptively marketed as usable suffixes.[9]
  • In April 2002, the FTC charged National Domain Name Registry, Electronic Domain Name Monitoring, Corporate Domain Name Monitoring, and owner Darren J. Morgenstern, founder of the adult infidelity website Ashley Madison, with making false and misleading statements to domain name holders whereby they duped consumers into needlessly registering variations of their existing domain names by deceptively contending that third parties were about to claim them.[10]
  • On 2 July 2002, the "Domain Registry" served papers against Canada-based domain registrar Tucows Inc for alleged defamation and sought $21 m in damages.[11][12] Tucows later said: "The Company (Tucows) does not believe it will be liable for any damages and accordingly has not accrued any amounts at June 30, 2002."[13]
  • In 2002, Register.com sued Domain Registry of America (aka "Domain Renewal Group"), claiming the company illegally lured away thousands of customers by tricking them into transferring their domains.[14]
  • In 2002, the UK Advertising Watchdog Authority (ASA) slammed Domain Registry of Europe over similar mail shots.[15][16]
    • In response to this, Alan Freeman, Relations Manager for DRoE, said that the company - which also trades as Domain Registry of America and Domain Registry of Canada - had registered 1.1 million domains for customers and was registering between 5,000 and 7,000 new domains a day.[11]
  • In 2003, Dutch hosting provider Deinternetman pondered legal action against Domain Registry of Europe for sending their customers letters urging them to renew their domain contracts.[17]
  • In 2003, VeriSign was found not to have broken the law but were barred from suggesting that a domain was about to expire or that a transfer was actually a renewal.[18]
  • In 2003, the Federal Trade Commission reached a settlement with the Domain Registry of America for practices such as transferring domain registrations to their service under the guise of domain renewal, a practice known as domain slamming, and having hidden fees.[19][20][21][22]
  • In July 2004, Daniel Klemann and 1480455 Ontario Incorporated, operating as Internet Registry of Canada (IROC), was sentenced to a $40,000 fine and a five-year prohibition order for deceptive Internet domain name renewal mailouts that targeted 73,000 businesses and non-profit organizations across Canada.[23]
  • In April 2005, the Australian Competition & Consumer Commission warns of a domain name renewal scam where domain name holders have received a letter that looks like an invoice for the registration or renewal of a domain name, where the domain name in question is very similar to your actual domain name except has a different ending, for example it will end in “.net.au” instead of “.com” [24]
  • In March 2006, Consumer Fraud Reporting reports about a company called “Domain Listing Service” sending out emails to domain name holders that look like a bill to register/renew their domain name listing a “final notice”.[25]
  • In 2006, reports appeared from New Zealand that Blair Rafferty had resurrected his bankrupt brother Chesley's domain name service, "domain slamming" New Zealand and Australian registrants.[26]
  • In 2007, a company known as "Domain Renewal SA" operating from Brussels was sending out emails that told you that you need to renew your domain.[27]
  • In August 2007, the Internet Centre reports of a wave of emails originating from China from “Asian Domain Registration Service”, implying that a domain name will be lost, or all Asian TLDs of the domain name will be taken away shortly by a foreign company. The Internet Centre has found no indication that any of these are valid, and in fact they appear to be a scam [28]
  • In 2007, it was reported that a company under the name of Liberty Names of America (or Liberty names of America Inc., also referred to as "Lnoa Inc." or "Lnoa.com") too has been sending out "Domain Name Expiration Notices", which one expert said is "not exactly domain name slamming. But it is sleazy marketing."[29]
  • In March 2008, PC News Digest reports “Network Solutions Scam”. When searching on the Network Solutions website to see if a name was available for registration, Network Solutions was actually registering the name and then attempting to sell that name at an inflated price.[30]
  • In 2008, ICANN said: "we are aware of accredited registrars in North America with officers that have been convicted of mail fraud, that continue to be associated with the deceptive marketing practices employed by the Domain Registry of America. We do not consider this an acceptable situation. Accreditation processes must be reviewed, and that review must be released for public scrutiny".[31]
  • In 2009, ASA released an adjudication on Domain Registry of America t/a Domain Renewal Group.[32]
  • As of 2010, the company mailing as DROA, French Internet Registry, Domain Renewal Group or Company Directory, is doing so in order to achieve domain slamming.[33] McAfee Labs also reports that the domain slamming solicitations continue.[34]
  • In September 2010, Brandon Gray Internet Services Inc. had its licence with the authority responsible for Canada's .ca domain names, Canadian Internet Registration Authority terminated as a result of domain slamming carried out under the name of Domain Registry of Canada.[35][36] The officer registered with the Ontario government for Brandon Gray Internet Services is Marilyn Benlolo.[37]
  • In August 2010, the FTC charged Internet Listing Service with sending fake invoices to small business and others listing the existing domain name of the consumers Website or a slight variation on the domain name.[38]
  • On March 31, 2011, the law office of Ostrolenk Faber LLP warned about Trademark and Domain Name Scams where its clients received fake warnings of usurpers of internet domain names. Clients were allegedly receiving phony "Trademark Office Notices" from the "United States Trademark Agency" [39]
  • In July 2014, ICANN suspended Brandon Gray Internet Services (including its various resellers, like Domain Registry of America and Namejuice.com) for subjecting domain name holders to false advertising, deceptive practices, or deceptive notices.[40]

References[edit]

  1. ^ "Domain name scams". Types of business scams. Office of Fair Trading. Retrieved 27 July 2011. 
  2. ^ Richardson, Tim (12 July 2002). "Three domain name scams". The Register. Retrieved 27 July 2011. 
  3. ^ Rohde, Laura (November 12, 2004). "ICANN domain transfer policy takes effect". InfoWorld. Retrieved 22 July 2011. 
  4. ^ Lake, Matt (November 22, 2004). "Why it's easier than ever to lose your domain". CNET. Retrieved 22 July 2011. 
  5. ^ Lev, Amir (2009-12-09). "Beware Domain Registration Scams". PCWorld Communications, Inc. Retrieved 2012-05-04. 
  6. ^ MARRON, KEVIN (Nov 6, 2002). "'Domain slamming' surfaces on the Web". The Globe and Mail. Retrieved 12 July 2011. 
  7. ^ Charles, Bergeron. "Competition Bureau Issues Warning to Canadians about Misleading Mailings for Internet Domain Name Registrations". Competition Bureau. 
  8. ^ TheRegister.co.uk: VeriSign hit with slamming lawsuit
  9. ^ Federal Trade Commission: Court Shuts Down Website Selling Bogus Domain Names ".USA," ".BRIT," Deceptively Marketed as Useable
  10. ^ http://www.ftc.gov/opa/2002/04/morgenstern.shtm
  11. ^ a b Richardson, Tim (17 July 2002). "Domain Registry of Europe defends tactics, sues Tucows". The Register. Retrieved 12 July 2011. 
  12. ^ Michener, Lang. "1446513 Ontario Limited v. Tucows Inc. et al.". TuCows. Retrieved 13 July 2011. 
  13. ^ COOPERMAN, MICHAEL. "Legal Proceedings". QUARTERLY REPORT. Tucows Inc. Retrieved 13 July 2011. 
  14. ^ Register.com says rival duped customers. By Lisa M. Bowman; Staff Writer, CNET News September 18, 2002 12:37 PM PDT
  15. ^ Richardson, Tim (17 July 2002). "ASA slams ‘intimidating’ Domain Registry of Europe mailshots". The Register. Retrieved 12 July 2011. 
  16. ^ Richardson, Tim (16 August 2002). "Ad watchdog critical of Domain Registry of Europe". The Register. Retrieved 12 July 2011. 
  17. ^ Libbenga, Jan (6 August 2003). "Legal action threatened against domain slammer". The Register. Retrieved 12 July 2011. 
  18. ^ TheRegister.co.uk: VeriSign slammed for domain renewal scam
  19. ^ Federal Trade Commission v. Domain Registry of America, Inc.
  20. ^ Federal Trade Commission: Court Bars Canadian Company from Misleading Consumers in Marketing of Internet Domain Name Services
  21. ^ The Register: Court bars Canadian domain slammer
  22. ^ Stephen Lawson (31 December 2002). "Judge Halts Domain Deception". PC World. Retrieved 24 May 2008. 
  23. ^ King, Julie (July 2, 2004). "Toronto man sentenced in Bogus Invoice Scam". CanadaOne. Retrieved 14 July 2011. 
  24. ^ http://www.scamwatch.gov.au/content/index.phtml/tag/domainnamerenewalscams#h2_10
  25. ^ http://www.consumerfraudreporting.org/domainnamescams.htm
  26. ^ SAARINEN, JUHA (August 7, 2006). "Rafferty brother continues domain slamming scam". Fairfax Media Business Group, Fairfax New Zealand Limited. Retrieved 12 July 2011. 
  27. ^ Seltzer, Larry (2007-07-16). "Beware Fake Domain Renewal Notices". eWeek. Retrieved 21 July 2011. 
  28. ^ http://www.incentre.net/content/view/113/1
  29. ^ Mitchell, Robert (November 7, 2007). "The not-quite-domain-name-slamming school of marketing". Computerworld Inc. Retrieved 13 July 2011. 
  30. ^ http://pcnewsdigest.com/network-solutions-scam/
  31. ^ ICANN: ALAC Statement to the Board of ICANN on Amendments to the Registrar Accreditation Agreement Sun 14 Sep 2008
  32. ^ "ASA Adjudication on Domain Registry of America". ASA. Retrieved 15 July 2011. 
  33. ^ Most of the renewal of a domain name Posted May 26, 2010 by Marina Legrand
  34. ^ Schmugar, Craig (30 March 2010). "Persistent Domain-Renewal Scam Alive and Kicking". McAfee Labs Blog. Retrieved 6 May 2010. 
  35. ^ Jackson, Brian (9/22/2010 5:57:00 AM). "Alleged 'domain slammers' lose dot-ca licence, sue CIRA $10 million". ITworldcanada. Retrieved 12 July 2011. 
  36. ^ Shea, Dave. "Domain Registry Scam". mezzoblue. Dave Shea/mezzoblue. Retrieved 15 July 2011. 
  37. ^ Jackson, Brian (2010-09-22). "Alleged 'domain slammers' lose dot-ca licence, sue CIRA $10 million". ITworldcanada. Retrieved 7 August 2011. 
  38. ^ http://www.ftc.gov/opa/2010/08/ils.shtm
  39. ^ http://www.ostrolenk.com/publications/trademark_articles.html?PID=75
  40. ^ Neylon, Michele (19 July 2014). "Domain Registry Of America Suspended By ICANN". Domain Industry & Internet News. Retrieved 20 July 2014. 

See also[edit]