Key Post: Domain Name nightmare warning

  • Thread starter XXXAnother PersonXXX
  • Start date
X

XXXAnother PersonXXX

Guest
I finally took the plunge and got a username registered.

I wanted to take this opportunity to warn people about euphemistically named 'cyber-squatters' (Or more aptly 'complete bastards')

We've spent the last couple of years promoting our domain name. We have it on search engines, products, stationary, email (which all our customers use for support etc.) We were quite surprised to find on the 13th Jan that a new company was occupying our web domain - with the option for us to buy back it back!

Apparently, our domain name expired on 12th, and this company registered it straight away. We didn't know it had expired because register.ie sent the warning to an email address we don't use.

ICANN provide an arbitration service, whereby you can win back your domain name. The cost of this service: about $1200. The company that now has our domain will sell it back to us for the convient price of $1150 - draw your own conclusions.

We are effectively are being held to ransom, as the domain name is completely meaningless, and no use to anybody (apart from us).

We simply can't afford this fee.
 
Domain Name

This happened to a friend of mine before. No way around it as far as I can see. Either:
1, pay the ransom
2, get a new domain name and incur costs of new stationary etc.
3, Take a chance on the cyber-squatters not renewing the domain name on time next year!
 
Re: Domain Name

We didn't know it had expired because register.ie sent the warning to an email address we don't use.

Don't mean to be smart or anything but surely registering your domain with an email address that you don't monitor was a bad idea?
 
Re: Domain Name

Don't mean to be smart or anything but surely registering your domain with an email address that you don't monitor was a bad idea?

Well, I'm not perfect... The email address in question had about 3000 spam messages in it.

We forgot that this was the email that we used to register the domain. This is understandable, because once we registered the domain, we had new email addresses. We also didn't know that this scam was in operation, and weren't ready for this.

Anyway, we aren't going to pay these bastards (or the arbitrators - they're obviously making a killing from this scam as well). Looks like we're going to have to start from scratch.

The damage is done with us, but I hope other people learn from our mistakes.
 
Re: Domain Name nightmare warning

As a technologist, I'm always dissapointed with the all-to-common casual attitude taken to email addresses. Over the Christmas holidays, I emailed one of the leading Irish online insurance brokers regarding my home insurance renewal, using the main 'contact us' email address given on their website. When I got no response & chased them up in January, I got the old 'Ah sure I haven't checked that address for ages' response.

I've no doubt that none of these businesses would take such a casual attitude to their phone or fax machine. Even if the receptionist goes sick, they will make 100% sure that someone answers the phones. By failing to take similar care with their email services, they give a very poor impression of their reliability and responsiveness.
 
Re: Domain Name nightmare warning

The whole domain name issue is a racket. My own mcgibney.com site spent a week offline last year as register.com had my email address from my former employment recorded as my contact address.

They would not facilitate me moving to another domain name registrar (a move I had requested long before it came up for remewal) unless I responded to an email sent to that address, or alternatively prepared a raft of legal documentationand sent it to them (which would have taken weeks, at least). Thankfully my former employer graciously allowed me access their system but register.com could really have really messed up my business and left me vulnerable to cybersquatters otherwise.
 
.

I too detest this attitude with email. That's why we make sure that we get back to anyone who emails us on our publicised company email address, gets a response within 24 hours. We don't advertise our defunct email address. Bringing up our webpage would have been sufficent to see our contact details.

We were a customer of register.ie. They must have too many customers.


(you don't get much sympathy on this board!)
 
Cyber squatting

A few questions:

1. Does the ICANN arbitration procedure not include an ability for the arbitrator to award costs against the loser?

2. If not, why don't you just sue these people in the courts? You will certainly be awarded your legal costs if you win, and there is the possibility (admittedly a remote one)that a judge may find their conduct so offensive as to merit an award of punitive/exempary damages against them.

3. How can they find out so easily that your registration of the domain name has expired? Is there someone out there who has devised software for tracking down blackmail prospects? (just curious)
 
Re: Cyber squatting

3. How can they find out so easily that your registration of the domain name has expired? Is there someone out there who has devised software for tracking down blackmail prospects? (just curious)

Quite possibly - I don't know. But to be fair to all reputable domain registration companies notify customer whose domain registrations are up for renewal in good time (as in this case), allowing for easy renewal and avoidance of any cybersquatting problems. Unfortunately if the customer provides inadequate contact details (as in this and Tommy's case) then the domain registration company can hardly be blamed if the registration lapses.

By the way, in my opinion Tommy's description of the domain registration business as a racket is way over the top.
 
.

1. Does the ICANN arbitration procedure not include an ability for the arbitrator to award costs against the loser?

No. Even if a case goes through arbitration, sometimes the cyber-squtters still have the domain four months later! It generally takes 2 or 3 months (of lost business) for the arbitration service to run its course.

2. If not, why don't you just sue these people in the courts? You will certainly be awarded your legal costs if you win, and there is the possibility (admittedly a remote one)that a judge may find their conduct so offensive as to merit an award of punitive/exempary damages against them.

They haven't done anything illegal. All they've done is register a vacant domain name. BTW, they want $1900 ransom.


Out of curiosity, does anyone here think that this practice is unethical? - or is it all fair game?
 
Re: .

They haven't done anything illegal. All they've done is register a vacant domain name. BTW, they want $1900 ransom.

Out of curiosity, does anyone here think that this practice is unethical? - or is it all fair game?


Seems to me that this is capitalism in a nutshell. Whether or not it's ethical is a subjective matter.
 
Re: .

Unfortunately if the customer provides inadequate contact details (as in this and Tommy's case) then the domain registration company can hardly be blamed if the registration lapses.

Accepted, but what about the case of register.com, where a they (at least used to) forbid their customers from updating their own contact details, in the absence of reams of genuinely complicated and apparently costly legal documentation (based on the US legal system and, for example, necessitating signatures to be witnessed by a US-registered Notary Public)?

By the way, in my opinion Tommy's description of the domain registration business as a racket is way over the top.
Well, that depends on one's opinion but I base my "racket" judgement on the above and also on my experience with register.com where they charged me $35 a pop for domain renewal and then reduced their price by two-thirds to $12 when I indicated I would go elsewhere in one instance.
 
Re: Cyber squatting

they charged me $35 a pop for domain renewal and then reduced their price by two-thirds to $12

Well if this is your definition of a 'racket', i.e. a 2/3rds reduction in price when pressurised, I'm sure there are many brokers, accountants, solicitors, IT professionals, builders, bakers & candlestick makers guilty of racketeering. ;)

Accepted, but what about the case of register.com, where a they (at least used to) forbid their customers from updating their own contact details, in the absence of reams of genuinely complicated and apparently costly legal documentation (based on the US legal system and, for example, necessitating signatures to be witnessed by a US-registered Notary Public)?

Do they forbid updating of contact details absolutely, or do they forbid updating of contact details from an email address other than the one originally used to register? If the latter, then this sounds like a security mechanism designed to protect the customer. Without this mechanism, what would stop me registering a free email address like [email protected], then contacting them from this address claiming to be you, and taking ownership of your domain.
 
Who controls my domain ?

Arising from the above discussion, here are some short notes to help you establish who really controls your domain.

If it is a .ie domain go to www.domainregistry.ie, and click on IE WHOIS associated with support and type your domain name in. If you try with bankofireland.ie you will see that the three contacts (administrative, technical and zone) are listed as a person who is (presumably) known to Bank of Ireland. If you look at jurys.ie you will see that they have someone from another company (in this case register.ie) listed as the technical contact. In this case they would need to convince this organisation to authorise changes to their 'own' domain.

Please note that all domains and organisations above are provided for example purposes and were not chosen as examples of good or bad organisations. I have no reason to believe that register.ie wouldn't make changes when requested. There are often good reasons why you would use your ISP as a technical contact.

If your domain is a .com one then go to www.networksolutions.com and click on the whois link at the top right of the page.

Type in your domain and see what comes back. If the domain is registered with Network Solutions (try nasdaq.com) you will get the contact information back. If it is registered with another registrar (try dublin.com) you will get details informing you of the correct registrar. In this case it is register.com. Go to www.register.com and follow the whois link towards the top left. Type in dublin.com there and with a bit of link following you find out the contact details again.

If you have a .uk or other domain it just takes a bit more work to figure out where to start, but try google with "registrar .uk" or whatever.

Hope this helps.

z
 
Re: Domain Name nightmare warning

I thought that the registration of .ie domain names was very strict, that businesses need to provide proof of their company name and individuals had to provide their birth cert in order to register their name and that in any case only Irish individuals and companies could register .ie domains?
 
Re: Cyber squatting

Well if this is your definition of a 'racket', i.e. a 2/3rds reduction in price when pressurised, I'm sure there are many brokers, accountants, solicitors, IT professionals, builders, bakers & candlestick makers guilty of racketeering

Agreed - but have you ever seen a professional drop their price by two thirds? And, I never pressurised them. I just sent the relevant communication to them to notify them that I wished to transfer the domain to register.ie - Note that they don't offer this deal when a domain is about to or has lapsed - just when they are about to lose business to a (lower-priced) competitor. Speaks for itself, eh?


Do they forbid updating of contact details absolutely, or do they forbid updating of contact details from an email address other than the one originally used to register?
The former

Without this mechanism, what would stop me registering a free email address like [email protected], then contacting them from this address claiming to be you, and taking ownership of your domain.

With all respects, I thought that is what passwords are for...
 
.

joe - .ie domains used to be very strict. I remember my brother trying to register sex.ie 9 or 10 years ago. He was refused (even though noone else had it registered)

It's now registered, as are many other generic names.

I wonder how they determined who should get these domain names? (Since it wasn't first come first served)
 
Re: Cyber squatting

Hi Tommy - I've seen bid/offer spreads drop from 5% to 0% for investment products (though not from the same provider, I grant you). Does that mean we can call the guys who still charge 5% 'a racket'?

Did they have a password-based mechanism for changing their registration details? If yes, why didn't you use it? If no, it seems appropriate for them to restrict changes to users from the nominated email address.
 
Re: Cyber squatting

I've seen bid/offer spreads drop from 5% to 0% for investment products (though not from the same provider, I grant you). Does that mean we can call the guys who still charge 5% 'a racket'?

Not automatically, but if the same provider offers a product or service at 5% and is prepared to drop to 0% when challenged, we can draw our own conclusions...

Did they have a password-based mechanism for changing their registration details?

No

If no, it seems appropriate for them to restrict changes to users from the nominated email address.

It seems to me that a password-based system should be sufficient for this purpose. After all, they do have a fairly elaborate password system in place anyway (like every other online commercial operation), which people can use to buy, update, monitor, renew and transfer domains.

I was able to terminate my relationship with them, and transfer to another domain provider, using this password-based system, yet they would not allow me change my contact details without reams of legal paperwork. Sounds crazy to me...
 
Re: Cyber squatting

Tommy - if I had a bad experience with one accountant and, on that basis, posted to AAM accusing all accountants of being racketeers then I'd imagine that you and others would (rightly) object. If you were not happy with register.com's service you could've gone elsewhere presumably?

Anyway, on the topic of changing domain registration details etc., as with many other things related to technology, there is always a trade off/conflict between security and ease of use, as outlined by RainyDay.

In my experience it's not unusual for people who complain about the hassle introduced by the need for security mechanisms (proper passwords, proper authentication of electronic or other credentials/identities etc.) to bypass these only to complain when they suffer the consequences (such as getting hacked etc.).

Sorry - this post crossed with Tommy's previous post.
 
Back
Top