- Images comparison
- Domain name surveillance
- Pharma counterfeiting
- Domain name transfer
- Bank Phishing Scam
- LTU partnership
- IP Summit Brussels
- Combating online fraud
- LegitiName on RTL.lu
- Domain name strategy
- Domain name management
- Domain risk management
- .EU domain name launching
- R&D investments
- .EU domain news
- Communication Switzerland
- Blacklisting prevention
- Are .EU ready?
- Brand phishing
- Tamiflu® and avian flu
- Domain name recovery
- LegitiName Thailand
- Vanksen Group creation
- Domain name fraud warning
- BMW and Google
- Trademarks and sponsored links
- Tamiflu and UDRP
- ADR procedure and .eu
- Brand protection ROI
- E-mail fraud and registrar
- China: keyword registration
- Recover co.uk domain name
- IACC Conference
- Dot-asia registration launch
- Trademarks: .asia calendar
- Buzz monitoring
- Second Life and brand
Fraudulent e-mail from registrar: case study of a Chinese company
« Domain slamming » is not a new phenomenon. On the contrary, the number of abuse tends to increase. We have recently detected a fraud originated from a Chinese registrar. Though the text content is different from other cases previously described (see related article), the purpose remains the same : make the company subscribe to unwanted services by using deceptive practices.
Extract of the message:
“I am China Internet Network Information Center (CNNIC) Accredited Internet Keyword Registrars--- XXX XXX Co., Ltd.
We have a domain name instance to confirm with your company. We get a application [...] for internet keywords(XXX,芬芬), Chinese domain names (芬芬.中国)and CN domain names(www.XXX.org.cn). We want to make clear whether you have entrust a person named XXX XXX to submit an applicant for your company [...].
We have the obligation to inform you of this. If you did entrust him to do, so we’ll register it for him. If you want to keep the property, you will have to send me proof materials[...]. And the limit time is seven working-days [...], if the trademark is been registerd, it’s difficult to say how serious the result will be [...].
But, according to we know, your company didn’t make any protection about your trademark in the internet. and the internet keywords “芬芬”and Chinese domain name“www. 芬芬.com” has been registered by other people. and the domain name is for sale now.”
For more information about domain name protection, feel free to contact our team of domain experts.
1 - Decoding abuse:
The registrar sends an e-mail to the legal, marketing or IT manager. The registration service informs the company that an individual or a competitor requests for keyword and domain name registration :- the keywords are in latin and chinese character around the company trademarks
- the domain names in chinese characters (IDN) around the company trademarks
Extract of the message:
“I am China Internet Network Information Center (CNNIC) Accredited Internet Keyword Registrars--- XXX XXX Co., Ltd.
We have a domain name instance to confirm with your company. We get a application [...] for internet keywords(XXX,芬芬), Chinese domain names (芬芬.中国)and CN domain names(www.XXX.org.cn). We want to make clear whether you have entrust a person named XXX XXX to submit an applicant for your company [...].
We have the obligation to inform you of this. If you did entrust him to do, so we’ll register it for him. If you want to keep the property, you will have to send me proof materials[...]. And the limit time is seven working-days [...], if the trademark is been registerd, it’s difficult to say how serious the result will be [...].
But, according to we know, your company didn’t make any protection about your trademark in the internet. and the internet keywords “芬芬”and Chinese domain name“www. 芬芬.com” has been registered by other people. and the domain name is for sale now.”
2 - Analysis of the message:
- The message seems corporate, which can create an instant confidence towards the author of the message. The warnings are exaggerated because most of the requested domain names are already owned by the company ! We can therefore doubt about the reliability of this information and the seriousness of the registrar.
- The registrar also manipulates the Chinese language (IDNs, keywords) to derive profit from the situation.
- To increase the message legitimacy, the registrar abusively quotes the CNNIC, the legal authority that administers the database for .cn domain names. In fact, the CNNIC is mentioned in the electronic address, the body of the message and the signature.
- Finally, the Chinese registrar tries to force the company to react immediately.
3 - Recommendations:
- Do not panic and hastily register the domain name. This domain name fraud aims at making the company react without verifying the information veracity and the message legitimacy.
- Contact your registrar or domain name management experts to ask information.
- If you are victim of domain name fraud, stop the payment of the domain names if it is possible. If not, centralize the domain names in the company portfolio.
4 - Domain slamming consequences:
- The company victim of the fraud must face an unknown registrar.
- The domain name prices are usually much more higher than the standard prices.
- The domain name registrations are often not pertinent regarding the company strategy.
- The dishonest registrars can sometimes put fraudulent clauses such as long-term registrations and subscription to complementary services.
- The domain names can be lost to the profit of swindlers.
For more information about domain name protection, feel free to contact our team of domain experts.
