Registrar Accreditation Agreement and potential scams

As of the 1st January the new Registrar Accreditation Agreement came into force, meaning that domain name registrars now need to take steps to verify exactly who is actually registering domain names.   The new changes have been driven by law enforcement agencies to try and help unmask criminals who have previously hidden behind bogus contact details within the WHOIS database.  The new rules mean that the contact details have to be verified by Registrars within a short period post application for a domain name.

The actual format of the verification is not stipulated under the new RAA – it can be by phone, letter or email.  Not surprisingly, email will be the dominant medium used because of cost effectiveness.  However, with some great irony, these verification messages are being used as a vehicle for phishing attacks just a few days after the agreement came into effect.

A number of examples have already been received, by domain name registrants, asking them to follow a verification link where they can confirm their username and passwords on fake major domain name registrar websites.  Once a fraudster has these details they can then attempt to transfer a domain name away causing untold misery and brand damage, often before the actual holder is aware of what has happened.

Unfortunately, it is still far too easy to find publically available details on new domain name registrations on any WHOIS database, meaning that cybercriminals can quickly target legitimate domain name holder with the objective of gaining access to their accounts, whether that be to transfer domain names out of their control or simply lock out the legitimate user and hold them to ransom.

If you do receive any notices where you are asked to enter personal details such as usernames or passwords then don’t.  Call the registrar in question and verify your details that way.

Written by Stuart Fuller, Director of Commercial Operations and Communications, NetNames