THE LENS
Digital developments in focus

New Nominet initiatives to combat use of .uk domain names for criminal activities

As some tech companies will unfortunately be aware, dealing with cyber criminals who register domain names similar to their brands for fraudulent activities can be time-consuming and costly, and can require reputational crisis management. However, it is also costly and cumbersome to attempt to register every variation or misspelling of a brand as a domain name to guard against such potential criminal activities. Tech companies will therefore welcome the initiatives recently announced by Nominet (the registrar for the .uk domain) that aim to tackle the ongoing threat of cyber criminals who use public and private sector names in phishing campaigns to lure internet users to their sites or into opening malicious links.

The main announcements are:

1. Phishing

Nominet operates Domain Watch, an initiative which combines manual and automated checks to help it identify which new domain name applications are likely to be used for phishing. Applications that these checks flag as suspicious are suspended until the registrant provides Nominet with evidence of good intentions regarding use of the domain name. According to Nominet, most applications caught by Domain Watch are not pursued by the registrant. These have included: netfllx.uk, barcleys.uk and hmrc-taxrefund-gov.co.uk.

As a first step, Nominet will change its registration T&Cs to allow Nominet to cancel, or block the use of, any domain that Nominet believes is at high risk of being used for malign purposes (such as virus or malware distribution, phishing or denial-of-service attacks) or that it believes is already being used in this way.

Nominet also considered whether brands could buy ‘phishing protection’ from Nominet. This option was not pursued at this stage due to concerns about the criteria to be implemented and whether it would impact free speech and human rights.

2. Landing pages

Any visitor to a suspended domain would see an error message instead of being able to access the website. During the consultation round table, stakeholders agreed that it would be preferable for any web traffic associated with a suspended domain to be directed to a law enforcement information page. The wording for such an information page should be simple and concise and should not scare people; the page should use official government agency logos and avoid further links (as these could be hijacked, spoofed or undermine trust and wider messaging regarding staying safe online).

As a first step, Nominet will introduce a 12-month pilot system for linking/redirecting visitors from suspended domains to secure pages containing law enforcement information, such as consumer advice for potential victims of the sale of counterfeit goods. The pilot will aim to draw on varied experience and expertise to: test the operational and technical process; refine the messaging; and monitor traffic to the domain over time.

3. Extending Suspension Period

To minimise the risk of suspended domains being re-registered, Nominet will also extend the suspension period for domains suspected of being associated with criminal activity to 24 months.

4. No drop list yet 

A .uk domain name can be registered with Nominet for between 1 and 10 years. If a renewal request is not received within 30 days of the renewal date, then Nominet suspends the domain name. If a domain name has been suspended for 60 days without renewal, then it is cancelled at a random time and becomes available for re-registration. Not surprisingly, this can create a virtual stampede to re-register attractive generic domain names.

For now, Nominet will not be creating a drop list - a publicly accessible database of dates and times when non-renewed domains are to become available to register. Nominet noted that its practice was inconsistent with other prominent registrars, most notably ICANN. Nominet may consult later regarding alternative release mechanisms for highly desirable domains, such as registry auctions, landing pages and ballots.

This is the first time a national registry will facilitate the provision of trusted information and guidance from law enforcement agencies following the suspension of domain names for criminal activity.
