Archive for the ‘Whois’ Category

The Big Business of Cybercrime at FS-ISAC, IACC and INTA 2013 Spring Conferences

May 21st, 2013

This spring brought, as usual, the “conference season”, and DomainTools attended a variety of conferences. The back-to-back-to-back conferences we exhibited at were FS-ISAC, IACC and INTA. Each of the three conferences had sessions covering the pervasiveness of cybercrime generally, but each also focused on areas specific to its own discipline: the security of financial networks and accounts, the sale of counterfeit goods, and online intellectual property/brand protection, respectively.

No matter how long I have been “in this business”, I continue to be awed by the vastness, ingenuity and determination of cybercrime and cybercriminals themselves. It is big business. Cybercrime has many impacts: potentially significant financial loss, both to individuals and companies, data and intellectual property loss, brand and reputation damage, and overall network and infrastructure abuse. In 2012, the Internet Crime Complaint Center (IC3) published its annual report, which contains a fabulous overview of reported cybercrime such as automobile fraud, extortion scams, scareware tactics and others. It also states reported losses by consumers above $525 million, an increase of 8.3% from 2011 — and those are only the reported losses. IACC claims counterfeiting is a $600 billion a year problem. Any way you look at it, crime is big business.

To combat this trend, security tools have changed.  They had to.  Fraud detection and prevention must adapt at a very fast pace to keep up with the online criminals’ ever-changing tactics. Entities must protect themselves, their employees, their network and their customers.  Rarely does a week go by without some new malware, email phishing scam or counterfeit takedown broadcast in the news.

Organizations are getting smarter through intelligence sharing, leveraging best practices, engaging with social media, and employing the use of big data.   Utilizing these various tactics can make it easier to identify suspicious behaviors earlier and monitor ongoing threats more surgically.  This is where DomainTools data can be useful:  Domain name and IP Whois data can help identify bad actors, either by utilizing Whois history which can often defeat Whois privacy services, or by associating domain names and IP addresses to each other through common variables.  DomainTools has the best Whois data, and therefore gives our clients the best chance of finding out who is behind a cybercrime.  Our data helps protect companies, networks, employees, customers and internet users worldwide.  And we’re just getting started.  Later this year DomainTools will be releasing powerful new investigative tools which will set the standard for how whois and DNS data can inform critical cybersecurity efforts across the globe.  Stay tuned!

5 Things To Know About Managing Your Domain Information

April 25th, 2013

All too often the Support Team here at DomainTools receives disconcerting stories from registrants who have no control over their domain names or websites. What is entirely surprising is how many registrants shift control of their business’ domain and/or website to outside resources without building a solid understanding of how to manage their own domain assets.

With many trustworthy Registrars in today’s domain registration marketplace, with their volumes of Help and Support knowledge resources, it is mind boggling at times that people still blindly trust others to handle what may very well be one of their most crucial business decisions.

 

I have found that there are five basic tips that can be useful, to even the most novice domain registrants:

1. Registering your own domain name is simple. If you can sign up for Facebook, you can create a user account at a Registrar of your choice. The information fields you will be asked to fill out are pretty basic and take only minutes to complete. You should expect a confirmation email in order to verify your account. Again, this is a fairly standard protocol in today’s online world. The verification email is also a great way to become familiar with how your registrar contacts you, so that you can add them to any ‘safe’ lists you may have. This will ensure that you don’t miss any important communications from them during the registration lifecycle. Help and Support information links are usually provided with these communications as well.

2. Don’t let anyone else register your own domain name. Avoid the “I let my sister’s in-law’s brother’s aunt, whose son’s girlfriend’s sister’s hairdresser’s cousin, who works down at the docks and dabbles in web design, register my domain name” scenario. Friends and family are great, don’t get me wrong. However, YOU should be the point of contact managing your domain assets. DomainTools receives at least half a dozen inquiries each day from registrants trying to access or reclaim their names because they allowed someone else to register them. One day a registrant is communicating with their ‘web person’, then the next that person has disappeared into thin air, leaving the registrant with no access or ability to manage their domain asset. By choosing to use one of the more popular or well-known domain registration providers you can rest assured that they will be there when you need them. Many have 24 hour online and phone support and likely live chat with a real customer service representative.

3. Understand the WHOIS requirements.  All ICANN (Internet Corporation for Assigned Names and Numbers) accredited registries must comply with the WHOIS database requirements.  As such, when you register a domain name, ICANN requires your domain name registrar to submit your personal information to the WHOIS database.  Once your listing appears in the online directory, it is publicly available to anyone who chooses to check it using a WHOIS search tool such as DomainTools.  ICANN does a very thorough job of providing information on Registrant Rights & Responsibilities.

 

4. WHOIS privacy services are available to every Registrant. There is no disputing the potential risk of falling victim to hackers, spammers or other nefarious players by having your personal information made publicly available. However, you (and other registrants) should know they may absolutely use a privacy protection service to mask their public WHOIS data details. Most of the major registrars offer privacy services and if registrants. Not sure if your own registrar does? Ask and find out.

5. Get peace of mind through multi-year registrations. Just before you click the final checkout button to pay for your domain name purchase, many Registrars will offer you the opportunity to register the domain name for multiple years. This may seem like an upsell, but in fact it is an opportunity for the registrant to lock in their name for years to come. Many will offer 2, 3, 4, or 5 years registration. The main benefit is that you will not have to worry about the yearly renewals and the possibility of missing the notification. If you decide to choose the single year option, a domain-monitoring tool such as Domain Monitor from DomainTools can be a handy tool in your management ‘tool box’. Access to Domain Monitor is free with a Novice account from DomainTools.

Santa’s Favorite Whois Contest Winners!

January 4th, 2013

A BIG thank you to all of you who entered the Santa’s Favorite Whois contest! Santa had a wonderful time reading all of the entries and drew the following names out of the entry bag. The following three people won a FREE DomainTools Professional membership for one year (or a FREE Professional membership renewal for one year if he or she is a current DomainTools member):

“DomainTools is one of the critical weapons that we have in combating counterfeiting on the Internet.  We use it on a daily basis to monitor domain names and keep track of registrant information.”

Joseph C. Gioconda
Attorney, Counselor at Law and Founder
Gioconda Law


“Small web professionals need all the help they can get to protect their ideas and future plans on their assets, what better way than to use the awesome Domain Tools to catch up with what other similar sites are doing to protect theirs! Without tools like it, it’s like walking down a blind alley knowing you probably will get mugged.”

Anita Sudhakar
CEO
SmartWebby

 

“DomainTools is a very valuable service to me because it allows me to do bulk registration lookups and greatly aids me in trying to attribute network based attacks against my customers. I have used your tools for years and find that they are really the only player in this space to date.”

Chuck Yarbrough
Senior IT Security Instructor/Developer
SAIC

 

Congratulations to Joseph, Anita and Chuck! We’ll be in touch shortly to set up your FREE DomainTools PRO account yearly access or renewal!

Thank you again to everyone who contributed a quote and cheers to 2013!

 

-DomainTools and Santa

The Numbers Behind Whois Privacy

November 16th, 2012

Whois Privacy is an important topic here at DomainTools.  After all, a primary use of our Whois History product is to get behind Whois Privacy if possible.  Just this week Brian Krebs wrote an interesting blog post that does a good job of showing the power of DomainTools’ Whois History.

Whois is also a prevailing topic seemingly every year at ICANN Conferences, and no debate about Whois data is complete without also discussing the benefits and costs of allowing domain owners to utilize Whois proxy services in order to shield their domain ownership from the public eye.

With the recent celebrity of Nate Silver, data is now in vogue more than ever.  Data, assuming it is accurate, is fact not opinion.  Data helps inform qualitative conversations, can lend momentum to important decisioning processes, and can uncover unknown information in unique ways.  Take the first list in this article, below:  That 94% number shocked me so I pulled up the Above.com homepage and sure enough, every domain at Above.com gets free privacy protection.  Never knew that!   So in the spirit of featuring more of our DomainTools data on this blog, we offer some insights below on the proliferation of whois privacy at the registrar and TLD levels.

It must be noted upfront that, due to the imperfect nature of both Whois data and privacy identifiers, no data set in this arena can be 100% accurate. Specifically we identify these caveats with the data:

  • DomainTools does not have Whois records on all registered domains worldwide.
  • We only focused on privacy services with over 1,000 domains under management.
  • ccTLD data skews the numbers in cases such as .de, .es, and .eu where registrant data is not provisioned publicly.


Now to the data:

  • DomainTools identified 130 different privacy services across almost 225 million unique domain name Whois records.
  • Almost 32 million domains were identified as private, or about 15% of the total population we reviewed.

 

 

 

Privacy Concentration for Registrars with between 100K and 1MM Domains Under Management:
1. Above.com PTY LTD: 94%
2. April Sea Information Technology Corporation: 93%
3. New Dream Network (DreamHost) LLC: 91%
4. Brandon Gray Internet Services (NameJuice.com): 80%
5. Bargain Register: 76%
6. BigRock Solutions pvt LTD: 47%
7. Cloud Group Limited: 47%
8. Netart Registrar Sp. z.o.o.: 47%
9. Net Earth One (Net Earth): 43%
10. FBS Inc.: 43%

Privacy Concentration for Registrars with over 1MM Domains Under Management:
1. GMO Internet (Onamae.com): 51%
2. Fabulous.com pty LTD: 48%
3. PDR (PublicDomainRegistry.com): 37%
4. DomainSite: 33%
5. Moniker Online Services: 26%
6. Register.com: 25%
7. Enom: 25%
8. Network Solutions: 23%
9. Tucows: 22%
10. GoDaddy: 21%

Privacy Concentration for TLDs with over 1MM Domains in DNS:
1. INFO: 28%
2. CN: 20%*
3. ORG: 20%
4. COM: 19%
5. NET: 19%
6. BIZ: 18%
7. MOBI: 17%
8. CO: 17%
9. JP: 12%
10. IN: 1%

* Nearly all the ‘private’ domains in .CN are associated with one registrar and privacy provider, and there are indications of underlying domain tasting on .CN as well.  Absent this registrar, privacy on .CN is virtually nil.

 

We’re putting this new data to work at DomainTools as well. Our Whois History product uses color scheming to let users more easily identify privacy records in the reams of historical Whois records we have on file. The work our R&D team has done to update our privacy detection is going into production shortly, making related tools all the more accurate. Look for a redesign of our Whois History product coming soon!

Domain Spammers Fill-Up Christmas Inboxes

December 27th, 2011

The onslaught of domain spammers emailing solicitations to acquire domain names that are dropping or pitching domains for sale seems to have increased dramatically over the last month.  Seeing that there is no rest for the wicked, I woke to find these devious elves had filled my Christmas morning in-box full of left-over fruit-cake domains (see image for examples).

The domain spamming appears to be increasing as new drop-catching services email out domain names that may have some correlation to a domain name that the recipient of the email owns. Companies like Intrust Domains have been soliciting people to “express interest” in a domain that Intrust then attempts to acquire. I’m sure that anyone with a portfolio of even a handful of names has likely seen an email from one of these companies. Clearly these spams have worked with a reasonable rate of success or there wouldn’t be an increasing number of companies doing the same thing.

The senders of these emails tend to be one of the following:

Domain Opportunity, which includes the address:
Backorder Division
200 E Colfax Ave # 100
Denver, CO 80203

Domain Inquiry
Marketing Development Team
111 N Canal St Suite 1890
Chicago, IL 60606

Domain Alert
The Domain Team
25 First Street, 2nd Floor
Cambridge MA 02141

Available Domain
The Domain Team
25 First Street, 2nd Floor
Cambridge MA 02141

I suspect that these are all the same group. Each email is formatted similarly and contains an opt-out at the bottom. Additionally, all 3 senders above use a link to an obscure domain name. For example, http://cellsearches.com/4215015mepafu-KLY , which at the time of this writing and in all cases links to NameBind.com

Another increasing form of domain spamming comes in the form of “new” sales letters. In a similar fashion to the expiring domain spam, these “marketers” tend to email domains that they have in some way deemed related to a domain you may own, at least that’s the story I’ve been given.

As an example, in the last 5 days I’ve received over a dozen emails about “High SEO” domains such as thehaj.org, lacieheart.com, golfstandbags.com, smallbusinessservices.net and zipbags.com from “Robert Parker” robertparker.tm@gmail.com or “ADAM SMITH” adamsmith.tm@gmail.com, “Michael Thomas” thomasmichael.tm@gmail.com and “George Hunt” georgehunt.dn@gmail.com, who happen to have the same phone number: +91.939.277.4412

When I emailed and asked where they got my email address, they informed me “My email program found your email address from the whois data of similar domains.”   There’s no telling what “similar” domains means.

I’m all in favor of receiving an email about a domain opportunity that I might be interested in and I’ve been inclined to send out the occasional email about a domain I’m selling. I’d like to think that these emails would be highly targeted to the recipient and may even be coming from tools like Estibot’s lead generation tool, but the recent ones I’ve been flooded with seem far too obscure and untargeted to be sourced via this tool.

This new breed of “domainer” seems to pay no mind to who they are emailing or why. The pitches are canned and automated at best, some containing the mistakes of non-native English speakers. Rather than sending out a targeted message, it seems domain spammers, like those spamming prescription medicine offerings, find it much easier to flood every possible in-box with their ridiculous pitches.  I suspect that much of the email harvesting that these spammers do comes from checking the new whois information of sold domains harvested via DNJournal.com or Namebio.com.

All signs indicate that there’ll be an increase in these emails in the coming year. Unfortunately, the results of this will likely also increase the number of domains bought under privacy as well as the number of domain sales that go unreported.

What do you think about this issue?
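The post's reasoning (several sender names that share a postal address, a phone number or a tracking-link host probably belong to one group) can be automated for an abuse mailbox. The sketch below is an added example, not code from the post or from DomainTools; every sender, address, phone number and host in it is constructed, and the message field names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse


def pivot_keys(msg):
    """Yield normalized (kind, value) attributes that can link two messages."""
    if msg.get("phone"):
        yield ("phone", re.sub(r"\D", "", msg["phone"]))
    if msg.get("address"):
        yield ("address", re.sub(r"[^a-z0-9]+", " ", msg["address"].lower()).strip())
    if msg.get("link"):
        host = urlparse(msg["link"]).hostname  # already lower-cased by urlparse
        if host:
            yield ("link_host", host)


def cluster_senders(messages):
    """Group messages that share any pivot key, directly or transitively."""
    parent = list(range(len(messages)))

    def find(i):
        # Union-find lookup with path compression.
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    members = defaultdict(list)  # pivot key -> indexes of messages carrying it
    for idx, msg in enumerate(messages):
        for key in pivot_keys(msg):
            members[key].append(idx)
    for idxs in members.values():
        for other in idxs[1:]:
            ra, rb = find(idxs[0]), find(other)
            if ra != rb:
                parent[max(ra, rb)] = min(ra, rb)

    clusters = defaultdict(lambda: {"senders": [], "shared": []})
    for idx, msg in enumerate(messages):
        clusters[find(idx)]["senders"].append(msg["sender"])
    for key, idxs in members.items():
        if len(idxs) > 1:  # keep only the evidence that actually links messages
            clusters[find(idxs[0])]["shared"].append(key)
    result = [{"senders": sorted(c["senders"]), "shared": sorted(c["shared"])}
              for c in clusters.values()]
    return sorted(result, key=lambda c: c["senders"])


# Constructed sample messages; none of these values come from real mail.
SAMPLE_MESSAGES = [
    {"sender": "Domain Alert", "address": "25 Example Street, 2nd Floor, Springfield",
     "link": "http://tracker-one.example/4215-a"},
    {"sender": "Available Domain", "address": "25 EXAMPLE STREET 2nd floor Springfield"},
    {"sender": "Domain Inquiry", "address": "111 Sample Ave Suite 9, Shelbyville",
     "link": "http://TRACKER-ONE.example/9981-b"},
    {"sender": "Robert Example", "phone": "+1 (555) 010-0199"},
    {"sender": "Adam Example", "phone": "+1.555.010.0199"},
    {"sender": "Unrelated Seller", "phone": "+1 555 010 0123",
     "link": "http://other-shop.example/"},
]

if __name__ == "__main__":
    for cluster in cluster_senders(SAMPLE_MESSAGES):
        print(cluster["senders"], "linked by", cluster["shared"])
```

The `shared` list is the evidence for each grouping, which matters because a shared attribute such as a mail-drop address can also be coincidental.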

(c) 2011 DomainNameNews.com


DomainsBot Relaunches Site, Introduces Offering for new TLD Applicants

October 25th, 2011

The namespinner company Domainsbot today announced a relaunch of their main site, featuring a real-time search experience and new tools that make it easier for people and companies to search for domain names, Twitter handles and Facebook Page Names. By offering an integrated domain and social identity search, the new service makes it easier for users to find and obtain unique, brandable identities. In addition to adding social identity search and revamping its website for speed and ease of use, DomainsBot also offers a downloadable mobile application, for identity searches on the go.

“Five years ago we only needed to worry about checking domain availability before naming a new business or product. Today’s challenge is to take care of domains and social media identities, such as Facebook and Twitter. Our goal is to simplify an important and time consuming process creatively,” said Emiliano Pasqualetti, DomainsBot, CEO.

The new domainsbot.com also features premium domains from GoDaddy and Sedo, the two largest marketplaces of names for sale. These partnerships will enable users to browse for the largest selection of domains available on the secondary market. Additional features of today’s release include the introduction of DomainsBot Deals, a selection of top discounts for domain registrations and renewals in partnership with some of the most popular registrars, and a whole new selection of B2B services for domain registrars, registries and new TLD applicants. The services for new TLD applicants will provide statistics based on existing registrations estimating potential for new TLDs.

 

(c) 2011 DomainNameNews.com


Was Your Domain Used for Porn? How to Avoid a Costly Mistake

August 18th, 2011

With the launch of .xxx domain names coming soon, I thought now would be a good time to address an important topic sometimes overlooked by domain buyers: how to avoid accidentally purchasing a domain that was once used for pornography.

Almost as long as the web has been around, companies have been selling content filtering software. Parents and network admins can use it to stop their kids, employees or users from accessing inappropriate web sites at work and at home, or in colleges, schools and libraries.

It can be quite difficult to get a domain name removed from one of these legacy block-lists, especially if the company that originally compiled it is no longer around.   You may find yourself cut off from some potential customers when purchasing a domain on a blocked list.

As a result, if you plan to invest in a domain name that was once used to host pornographic content, you may find that its resale value is not what you thought. The same can be said if you are interested in purchasing a domain for the value it has in adult traffic.   So it’s important to know what a domain has been used for before deciding whether to buy it and how much to offer.

As you can see from the small number of premium names already released by the .xxx registry, it’s sometimes not easy to tell whether a domain has hosted adult content just by looking at the domain name itself.

It should be obvious what you will find if you point your browser to casting.xxx or muscle.xxx, which were some of the first .xxx domains to be sold, but can you say the same about casting.com or muscle.com? They could be porn, or they could just as easily belong to a Hollywood casting agency or be used to sell dietary supplements and home gym equipment.

Common dictionary words sometimes have special meanings in the adult entertainment world that might not be obvious to somebody from outside that industry, which is why it’s important to do your research before making an offer.

Adult content publishers often trade under generic-sounding company names, so a simple historical Whois search might not be enough to alert you to the domain’s past usage.

That’s one of the reasons why DomainTools offers a comprehensive screenshot history with most Whois queries. Not only can you see who owned a domain name in the past, you can also very quickly check to see what it was used for.

Take the generic-sounding domain WebmasterAccess.com, for example. It could be used to host a forum for webmasters to exchange technical tips, it could be a web hosting company, or it could be used as a jobs site for designers and developers.

In fact, it’s owned by a large adult entertainment publisher and is used to promote a porn webmaster show. The site may be almost safe-for-work today, but the DomainTools screenshot history clearly shows that as recently as January this year it contained very adults-only imagery. It’s easy to see that just from the thumbnails in our archive, too – you don’t need to look at the full-sized capture if you don’t want to!

If that domain was for sale, and you were thinking about buying it to develop or resell, that’s important background info that you’d need to know.

How Whois Busted the “IE users are dumb” Hoax

August 4th, 2011

If you’re a DomainTools customer, you already know the value of Whois for researching the history of domain names, but not everybody is as savvy.

A hoaxer this week managed to fool some of the world’s most respected news organizations into reporting that Internet Explorer users are “dumber” than users of other browsers, and it was a Whois search that eventually blew the story open.

Dozens of outlets – including CNN, the BBC and Forbes – fell for a story put out by a fake Canadian company called AptiQuant, which claimed to have proved scientifically that IE users have below-average IQs.

AptiQuant said in a press release that it had offered free online IQ tests to over 100,000 people and then correlated the scores with the browser used to take the test. IE users, it said, were found to have much lower IQ scores than everybody else.

The media rapidly picked up the meme and ran with it. Headlines such as “If You’re Reading This On Internet Explorer, You’re Probably Dumb” and “Dumb people use Internet Explorer, survey says” were among the hundreds around the world that AptiQuant’s news generated.

But the story was completely bogus, as a simple Whois search could have revealed in an instant.

After the initial wave of reports, readers started doing a bit of digging. Most of AptiQuant’s web site content, they discovered, had been copied and pasted from a French company called Central Test. Even the photographs of AptiQuant’s non-existent staff had been copied.

But here’s the kicker: Whois shows that the domain name aptiquant.com was only registered on July 14 this year. That’s in contrast to the web site itself, which had content claiming to date back to 2005.

A developer named Tarandeep Gill has now confessed to being behind the hoax. He said that he just wanted to highlight what a pain IE 6.0 can be to support when building web sites.

“We are really surprised that it took so long for people to figure it out, a mere Whois on the domain could have revealed it all,” Gill wrote.

To make things worse, some of the news sites now reporting the hoax have claimed that Gill lives in San Francisco, whereas he in fact lives near Vancouver, Canada – as the Whois record clearly shows!

It’s not just the media that could benefit from making Whois part of their standard research toolkit. Just as reporters were fooled by a hoaxer telling them what they wanted to hear, there are a lot of bad guys out there making “too good to be true” offers who have less frivolous intentions.

If you find yourself on a web site that looks a bit fishy, Whois should be your first port of call.
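The check that exposed the hoax, a registration date newer than the history the site claims, can be scripted against raw Whois text. This is an added example, not DomainTools code: the Whois records and page text are constructed (only the July 14, 2011 date and the 2005 claim mirror the story above), and the label and date-format lists are assumptions that cover common layouts only.

```python
import re
from datetime import date, datetime

# Labels registries and registrars use for the registration date (not exhaustive).
CREATION_LABELS = {"creation date", "created on", "created",
                   "registered on", "registration date"}
# Date layouts commonly seen in Whois output (not exhaustive).
DATE_FORMATS = ("%Y-%m-%dT%H:%M:%SZ", "%Y-%m-%d", "%d-%b-%Y", "%Y/%m/%d")
YEAR_RE = re.compile(r"\b(?:19|20)\d{2}\b")


def parse_creation_date(whois_text):
    """Return the registration date from raw Whois text, or None if absent."""
    for line in whois_text.splitlines():
        label, sep, value = line.partition(":")
        if not sep or label.strip().lower() not in CREATION_LABELS:
            continue
        for fmt in DATE_FORMATS:
            try:
                return datetime.strptime(value.strip(), fmt).date()
            except ValueError:
                continue  # try the next layout
    return None


def check_claimed_history(whois_text, page_text):
    """Compare the earliest year a site mentions with the domain's creation year."""
    created = parse_creation_date(whois_text)
    years = [int(y) for y in YEAR_RE.findall(page_text)]
    earliest = min(years) if years else None
    if created is None or earliest is None:
        verdict = "unknown"      # nothing to compare, so do not guess
    elif earliest < created.year:
        verdict = "mismatch"     # site claims history older than the domain
    else:
        verdict = "consistent"
    return {"created": created, "earliest_claim": earliest, "verdict": verdict}


# Constructed sample inputs in two common Whois layouts.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-RESEARCH.TEST
Registrar: Example Registrar, Inc.
Creation Date: 2011-07-14T18:20:11Z
Registry Expiry Date: 2012-07-14T18:20:11Z
"""
SAMPLE_WHOIS_ALT = "domain: example-research.test\nRegistered on: 14-Jul-2011\n"
SAMPLE_PAGE = "Copyright 2005-2011 Example Research Inc. Trusted by employers since 2006."

if __name__ == "__main__":
    print(check_claimed_history(SAMPLE_WHOIS, SAMPLE_PAGE))
```

A "mismatch" is a prompt for further checks rather than proof, since a long-established organisation can move to a newly registered domain or re-register one that lapsed.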

DomainTools INTA Recap

May 20th, 2011

We just got back from the International Trademark Association (INTA) conference in San Francisco! It ran May 14-18 and we had a great time meeting a good number of the 8,500 attendees from 140 countries. Each day, we had engaging conversations about the industry and DomainTools, and it was awesome to see customers come up and introduce themselves with “We use you guys all the time”. For us, it was also enriching to hear anecdotes about how specific tools like Reverse Whois, Trademark Alert, Whois, etc. are being leveraged. Be sure to read our press release about our INTA attendance if you haven’t seen it yet.

Here is a picture of our booth and staff before the exhibition hall flood gates opened the first day.

In just a few weeks, we will be showcasing DomainTools once again – this time at SMX Advanced in Seattle, June 7-8. If any of you SEO and Analytics gurus are in town, be sure to stop by booth #23 to say hello! By the way, DomainTools is looking to add an SEO and Analytics Manager to our incredible team! If you are interested or know of anyone with this expertise, feel free to read the full job description here.

Reverse Whois Report Support Q&A Part II

May 13th, 2011

As the Reverse Whois report is one of our most widely used products, we wanted to write a ‘Part II’ from the April 21st blog post on this topic and review additional important product and membership aspects that users often ask about. If you have further questions about Reverse Whois reports, don’t hesitate to reach out to us.

What are the options for Whois Reports? What is the difference?
As most users are aware, we present two versions of this report — the ‘current only’ version and the ‘current and historical’ version.

The difference lies in the scope of your search. For ‘current only’ reports, you’ll get a list of domain names where your search term is in the current Whois record for that domain.

For ‘current and historic’ reports, we look back in time to find domain names with Whois records that matched your search at some point in the past. You’ll also see Whois record dates listed when you choose historic. We also provide access to those matched historic Whois records directly from the purchased report.

This snap shot example below provides the preview of the information we present prior to purchase.




The dates listed reflect the Whois records we have compiled over time that contain the specific target term for the search. This lets the user know whether their search string was associated with names in the past. The dates do not necessarily mean that the search term is contained in the current registrant data. Users can confirm this by looking at the current record, which is also provided. Verifying current registrant data at the domain name registrar also validates the information.

The ‘preview’ will show the dates of Whois records that contain the search term. That’s the focus of the Whois report – it’s looking for Whois records, not domains, and it’s returning the records it found. That’s why you don’t see records in this list for “DomainTools LLC” before 2010 –we didn’t start adding that to our Whois records until about that time. Matching records will be presented in the actual report. Members who purchase access to Whois history, either with their membership or via a la carte items, have access to the full ownership history, not just the current results.

The snapshot of the report below shows that the historical records we have matching the target search term will be presented in the report. A full Whois History, by contrast, contains all of a domain’s history, whether or not the search term appears in it.

Is a Standard or Professional membership required in order to view the Whois report historical records?
When viewing a report containing historical records, one of the key features is that you do not actually need a Standard or Professional membership to view the historical Whois records.  However, a free user account is required.  This is very helpful for those users who are only interested in the Reverse Whois service; no additional membership purchase is required. As long as the report exists in the user account, direct access is granted to the specific records that were presented in the report. Users who have a paid membership will also be able to view the entire Whois history for the name they selected from the report.

Are Reverse Whois reports included with DomainTools memberships?
Reverse Whois reports are available to any user without requiring a paid membership.  That is one of the benefits of using Reverse Whois.

We also provide a complimentary Registrant Alert for the term in the report that you purchased. You will receive an alert when a new Whois record is discovered that matches your search term, or your search term is removed from a Whois record where it was previously listed. This can be a powerful tool to keep your valuable Whois reports up-to-date at a very reasonable cost.

If you ever have questions about the information presented in the Reverse WHOIS reports, we welcome you to contact the Support Team at DomainTools.com via memberservices@domaintools.com.