Jump to content

Domain Slamming

From ICANNWiki

Domain slamming, or domain name slamming, which is similar to telephone slamming scams, refers to the practice of sending fake renewal notices or bills to domain name registrants that are actually disguised service transfer notices.[1][2] Responding to a fake renewal notice often results in a higher fee for the registrant's domain name and an unauthorized transfer to a different registrar or service provider.[1][3] Registrar Domain Locking can help defend against domain slamming attempts.

Public Perception[edit | edit source]

Domain slamming is perceived as a deceptive and dishonest practice. As the domain name industry claims to value ideals such as "transparency" and "good faith," slamming seems to be particularly discordant and harmful.

Outcome[edit | edit source]

Domain slamming can result in the unauthorized transfers of domain names and higher renewal rates or fees. It also erodes user confidence with fraudulent offers or statements.

Historical Use[edit | edit source]

  • Domain slamming is used to trick users into unknowingly switching their registrar often at the users' expense. The fake renewal notices utilized by slamming registrars frequently claim that the registrant's domain name is expiring and needs to be renewed quickly; however, the company or registrar sending the notice IS NOT the registrar the domain name is currently using.[4] Registrants may not be sure which registrar their domain name is registered with.[2] This confusion, combined with official looking emails, mail, or phone calls may be enough to trick the registrant into "renewing" their domain name with the slamming registrar.[2]
  • Domain slammers may get contact information including phone numbers, email addresses, and postal addresses by using public data such as the WHOIS data base. [2] ICANN recently released a study on WHOIS misuse; although it does not specifically address slamming, it does look at the misuse of email addresses, postal addresses, and phone numbers found through the WHOIS data base.[5]
  • Industry giant Verisign was taken to court and investigated by the FTC over allegations of domain slamming notices sent in the mail.[6][7] While it was determined that Verisign did not break the law,[7] Verisign agreed not to send out notices similar to the ones previously used, and it had compensate those tricked by the notices. Verisign was also sued in class-action lawsuits for domain slamming but settled out of court.[2][7] Other registrars have also been accused of domain slamming, such as Brandon Gray Internet Services' Domain Registry of America (DROA), which has a reputation for consistently using slamming techniques.[8] Brandon Gray Internet Services was given an ICANN breach of notice of its RAA for a failure to disclose information relating to the transfer of a domain name in 2013.[9] In July of 2014, DROA was suspended by ICANN due to violations of the 2013 RAA.[10]. If its compliance issues and the compliance issues of its resellers are not fixed, the registrar may lose its accreditation.[10]

ICANN Policy[edit | edit source]

  • Additionally, a Generic Names Supporting Organization (GNSO) working group was tasked with an investigation of fake renewal notices in order to decide if a full issue report was necessary.[11] A survey of registrars within the report found that they were divided on the issue of fake renewal notices, "either viewing this as a serious problem or not a problem at all."[11] Registrars reported registrant confusion as a main result of fake renewal notices and also cited wasted time and customer service resources.[11] On a larger scale, fake notices may "reflect negatively on the domain name industry as a whole."[11]

Legislation[edit | edit source]

The Federal Trade Commission (FTC) is charged with investigating fraud and deceptive marketing used to take advantage of consumers.[13] Therefore, domain slamming cases have been addressed by the FTC and U.S. court system. [14] In the cases mentioned above, both Verisign and DROA were ordered to stop sending fake renewal notices.[14] Additionally, DROA was ordered to provide "monetary redress."[14]

Additional Resources and Tips[edit | edit source]

  • Some tips for avoiding domain slamming include:
  1. Knowing what registrar your domain name is registered with
  2. Contacting your registrar when you receive emails or calls warning you about any expiring domain names[1]
  3. Keeping records of when your domain names expire [15]
  4. Using the domain locking service provided by most registrars that prevents any transfer of the domain name unless the registrant calls and requests that the name is "unlocked"[15]
  5. Familiarize yourself with Fake Renewal Notices.

Related Articles[edit | edit source]

References[edit | edit source]

  1. 1.0 1.1 1.2 Domain Slamming Scam – Fake Domain Renewals, Positive Projections
  2. 2.0 2.1 2.2 2.3 2.4 Domain Slamming by Dishonest Registrars (July 4, 2007), DomainMonster.com
  3. My domain name has been kidnapped, help!, EuroDNS
  4. Beware Fake Domain Renewal Notices by Larry Seltzer (July 16, 2007), eWeek.com
  5. Study on Whois Misuse, Internet Corporation for Assigned Names and Numbers (ICANN)
  6. VeriSign slammed for domain renewal scam by Kieren McCarthy (September 25, 2003), The Register
  7. 7.0 7.1 7.2 Verisign accused of DNS slamming by Thomas C. Greene (March 26, 2002), The Register
  8. Domain Registry of America still slamming, still scamming by Kevin Murphy (October 6, 2011), Domain Incite
  9. 9.0 9.1 Finally, domain-slamming registrar gets ICANN breach notice by Kevin Murphy (December 17, 2013), Domain Incite
  10. 10.0 10.1 http://domainincite.com/17106-domain-slammer-finally-gets-suspended-by-icann Domain "slammer" finally gets suspended by ICANN by Kevin Murphy (July 21, 2014)
  11. 11.0 11.1 11.2 11.3 Fake Renewal Notices Report-Final-6 March 2012 (PDF), ICANN
  12. Policy on Transfer of Registrations between Registrars | Takes effect 1 June 2012, Internet Corporation for Assigned Names and Numbers (ICANN)
  13. 13.0 13.1 About Domain Slamming, JMG Enterprises
  14. 14.0 14.1 14.2 Court Bars Canadian Company from Misleading Consumers in Marketing of Internet Domain Name Services (December 23, 2003), Federal Trade Commission
  15. 15.0 15.1 Domain Name Hijacking – Domain Slamming, InfoSec Institute