Domain name scams

Domain name scams are types of Intellectual property scams or confidence scams in which unscrupulous domain name registrars attempt to generate revenue by tricking businesses into buying, selling, listing or converting a domain name. The Office of Fair Trading in the United Kingdom has outlined two types of domain name scams which are "Domain name registration scams" and "Domain name renewal scams".^[1][2]

Domain slamming

Domain slamming (also known as unauthorized transfers or domain name registration scams) is a scam in which the offending domain name registrar attempts to trick domain owners into switching from their existing registrar to theirs, under the pretense that the customer is simply renewing their subscription to their current register. The image on the right shows the initial domain slamming phishing email sent by Network Solutions to OpenSRS customers. The term derives from telephone slamming.

Prevention

In 2004, ICANN, the domain name governing body, made changes to its policy for transferring domains between registrars. They introduced a single protective measure that can help prevent unauthorized transfers: domain locking. Critics, although advising owners to apply the new feature, said that this was an "unnecessary and customer-unfriendly change".^[3][4]

False offers to buy, or to find buyers

Scam methods may operate in reverse, with a stranger (not the registrar) communicating an offer to buy a domain name from an unwary owner. The offer is not genuine, but intended to lure the owner into a false sales process, with the owner eventually pressed to send money in advance to the scammer for appraisal fees or other purported services. By mimicking aspects of the legitimate sales process and agencies, the scheme appears genuine in the early stages. The prospect of an easy, lucrative sale disarms the owner's normal suspicion of an unsolicited offer from a stranger with no earnest value. Since an actual transfer through the registration system is never involved, legal safeguards built into the official transfer process provide no protection.

Fake trademark protection

Although less common than domain slamming, another domain name scam primarily coming from registrars based in China involves sending domain owners an e-mail claiming that another company has just attempted to register a number of domains with them which contain the targeted domain owner's trademark or has many keyword similarities to their existing domain name. Often, these domains will be the same as the one(s) owned by the targeted individual but with different TLDs (top-level domains). The scammer will claim to have halted the bulk registration in order to protect the targeted individual's intellectual property, and if the email recipient doesn't recognize the entity attempting to register these domain names, that they should respond immediately to protect their trademark. If the scam target does respond by email or by phone, the scammer will then try to get them to register these domain names for several years upfront with the registrar running this scam.^[5]

Other variations of this type of scam include registrars that target their own existing customers with similar made-up threats of another entity trying to register the same domain as theirs under different TLDs. As well, some domainers are known to search for available TLDs for already registered domains, then emailing the owner of the registered domain and offering to sell the unregistered variations to him/her for a marked up amount. If the target agrees to the deal, the domainer will then purchase the domains on the spot for the regular $7~20 registration fee and immediately sell it back to the victim for a few hundred dollars.

Timeline

This section outlines reported domain scams as a timeline of events, showing how they have evolved, the companies involved and the outcome of complaints.

• In 2001, the federal Competition Bureau (of Canada) issued a warning about documents that appeared to be invoices sent out by a business called the Internet Registry of Canada (a Brandon Gray reseller^[1]).^[6]
  • "Complaints received by the Competition Bureau indicate that the mailings from the 'Internet Registry of Canada' give the impression that it is affiliated with the Government of Canada or that it is an officially sanctioned agency registering domain names in Canada. The 'Internet Registry of Canada' is not associated with any government agency," the Competition Bureau advisory stated.^[7]
• VeriSign was sued in 2002 for their actions in sending ambiguous emails informing people, often incorrectly, that their domain was about to expire and inviting them to click on a link to renew it. Renewing the domain resulted in the registration company being transferred to VeriSign from the previous registrar.^[8]
• In March 2002, the FTC shut down "TLD Network Ltd", "Quantum Management (GB) Ltd.", "TBS Industries Ltd." of London, England for selling bogus domain names ".USA", ".BRIT", which they deceptively marketed as usable suffixes.^[9]
• In April 2002, the FTC charged National Domain Name Registry, Electronic Domain Name Monitoring, Corporate Domain Name Monitoring, and owner Darren J. Morgenstern, with making false and misleading statements to domain name holders whereby they duped consumers into needlessly registering variations of their existing domain names by deceptively contending that third parties were about to claim them.^[10]
• On 2 July 2002, the "Domain Registry" served papers against Canada-based domain registrar Tucows Inc for alleged defamation and sought $21 m in damages.^[11][12] Tucows later said: "The Company (Tucows) does not believe it will be liable for any damages and accordingly has not accrued any amounts at June 30, 2002."^[13]
• In 2002, Register.com sued Domain Registry of America (a Brandon Gray reseller^[1]), claiming the company illegally lured away thousands of customers by tricking them into transferring their domains.^[14]
• In 2002, the UK Advertising Watchdog Authority (ASA) slammed Domain Registry of Europe (a Brandon Gray reseller^[1]) over similar mail shots.^[15][16]
  • In response to this, Alan Freeman, Relations Manager for DRoE, said that the company - which also trades as Domain Registry of America and Domain Registry of Canada - had registered 1.1 million domains for customers and was registering between 5,000 and 7,000 new domains a day.^[11]
• In 2003, Dutch hosting provider Deinternetman pondered legal action against Domain Registry of Europe (a Brandon Gray reseller^[1]) for sending their customers letters urging them to renew their domain contracts.^[17]
• In 2003, VeriSign was found not to have broken the law but were barred from suggesting that a domain was about to expire or that a transfer was actually a renewal.^[18]
• In 2003, the Federal Trade Commission reached a settlement with the Domain Registry of America (a Brandon Gray reseller^[1]) for practices such as transferring domain registrations to their service under the guise of domain renewal, a practice known as domain slamming, and having hidden fees.^{[19][20][21][22]}
• In July 2004, Daniel Klemann and 1480455 Ontario Incorporated, operating as Internet Registry of Canada (a Brandon Gray reseller^[1]), was sentenced to a $40,000 fine and a five-year prohibition order for deceptive Internet domain name renewal mailouts that targeted 73,000 businesses and non-profit organizations across Canada.^[23]
• In April 2005, the Australian Competition & Consumer Commission warns of a domain name renewal scam where domain name holders have received a letter that looks like an invoice for the registration or renewal of a domain name, where the domain name in question is very similar to your actual domain name except has a different ending, for example it will end in “.net.au” instead of “.com” ^[24]
• In March 2006, Consumer Fraud Reporting reports about a company called “Domain Listing Service” sending out emails to domain name holders that look like a bill to register/renew their domain name listing a “final notice”.^[25]
• In 2006, reports appeared from New Zealand that Blair Rafferty had resurrected his bankrupt brother Chesley's domain name service, "domain slamming" New Zealand and Australian registrants.^[26]
• In 2007, a company known as "Domain Renewal SA" operating from Brussels was sending out emails that told you that you need to renew your domain.^[27]
• In August 2007, the Internet Centre reports of a wave of emails originating from China from “Asian Domain Registration Service”, implying that a domain name will be lost, or all Asian TLDs of the domain name will be taken away shortly by a foreign company. The Internet Centre has found no indication that any of these are valid, and in fact they appear to be a scam.^[28]
• In 2007, it was reported that a company under the name of Liberty Names of America (a Brandon Gray reseller^[1]) had been sending out "Domain Name Expiration Notices", which one expert said is "not exactly domain name slamming. But it is sleazy marketing."^[29]
• In March 2008, PC News Digest reports “Network Solutions Scam”. When searching on the Network Solutions website to see if a name was available for registration, Network Solutions was actually registering the name and then attempting to sell that name at an inflated price.^[30]
• In 2008, ICANN said: "we are aware of accredited registrars in North America with officers that have been convicted of mail fraud, that continue to be associated with the deceptive marketing practices employed by the Domain Registry of America (a Brandon Gray reseller^[1]). We do not consider this an acceptable situation. Accreditation processes must be reviewed, and that review must be released for public scrutiny".^[31]
• In 2009, ASA released an adjudication on Domain Registry of America t/a Domain Renewal Group (both Brandon Gray resellers^[1]).^[32]
• As of 2010, the company mailing as DROA, French Internet Registry, Domain Renewal Group or Company Directory, is doing so in order to achieve domain slamming.^[33] McAfee Labs also reports that the domain slamming solicitations continue.^[34]
• In September 2010, Brandon Gray Internet Services Inc. had its licence with the authority responsible for Canada's .ca domain names, Canadian Internet Registration Authority terminated as a result of domain slamming carried out under the name of Domain Registry of Canada.^[35][36] The officer registered with the Ontario government for Brandon Gray Internet Services is Marilyn Benlolo.^[37]
• In August 2010, the FTC charged Internet Listing Service with sending fake invoices to small business and others listing the existing domain name of the consumers Website or a slight variation on the domain name.^[38]
• On March 31, 2011, the law office of Ostrolenk Faber LLP warned about Trademark and Domain Name Scams where its clients received fake warnings of usurpers of internet domain names. Clients were allegedly receiving phony "Trademark Office Notices" from the "United States Trademark Agency".^[39]
• In Dec 2011, NameCheap accused GoDaddy of putting technical barriers to frustrate its customers from transferring their domains to Namecheap in breach of ICANN rules.^[40]
• In July 2014, ICANN suspended Brandon Gray Internet Services (including its various resellers, like Domain Registry of America and Namejuice.com) for subjecting domain name holders to false advertising, deceptive practices, or deceptive notices.^[41]

See also

• Copyfraud
• List of confidence tricks: Online scams
• Scams in intellectual property
• Telephone slamming
• Transfer secret

Notes

1.^{a b c d e f g h i} Entities and resellers associated with Brandon Gray include Namejuice.com, Domain Registry of America, Domain Renewal Group, Domain Registry of Australia, Domain Registry of Canada, Domain Registry of Europe, Internet Registry of Canada, Liberty Names of America, Registration Services Inc, Yellow Business.ca and Internet Corporation Listing Service.^[42]

References