Whois

Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

Domain Research and Monitoring: Keeping an Eye on the Web for You

Reverse WHOIS: A Powerful Process in Cybersecurity

Blogs

2019 Domain Name Year in Review

And so it goes, we are coming to the end of 2019, and that can mean only one thing. It's time for another Domain Name Year in Review. And unlike years past, this year was a real doozy. So without further ado, here are the domain name industry's top 10 biggest stories for 2019... To date, 48 leading registries and registrars have signed onto the "Framework to Address Abuse." The initiative was launched in November 2019, just prior to the ICANN meeting in Montreal. more

Why the EPDP is Essential for a Long-Term Solution for WHOIS

Major European legislation, the General Data Protection Regulation, evoked substantial change in the way we deal with the visibility of domain name registration information, and understandably those that use that data to solve problems are concerned about these changes, and some have even called for a U.S. legislative fix. However, a more in-depth look at the issue and the policy-making surrounding it will show that there is, in fact, a process already well underway to address the situation. more

If ICANN Won't Stand Up to EU in WHOIS Dispute, Then the U.S. Congress Should

The early designers of the Internet quickly realized that as the number of domain names flourished, there was a need for tracking domain name owners to resolve questions and conflicts that might arise. To that end, they created WHOIS, a public database with the names, phone numbers, email addresses, and mailing addresses of registered domain owners and operators. more

More Privacy for Domain Registrants – Heightened Risk for Internet Users

A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints." more

Cybercriminals Benefitting from Stalled Privacy/Proxy Policy

We've seen alarmingly BIG increases in multiple abusive behaviors – like phishing, hacking and malware – that often leverage the domain name system (DNS) and privacy/proxy services. Cybercriminals capitalize on gaps in DNS security measures, and ICANN is holding the door open for them by failing to implement their privacy/proxy policy. If you are ever targeted, you are not alone. more

The End of the Road: ICANN, Whois, and Regulation

There's a well-documented crisis facing the domain name system: very few who rely on domain name registration data from the Whois database to perform vital functions can do so any longer, which is escalating consumer harm and abuse on the internet worldwide. And the problems, thanks to ICANN's overly restrictive policy post-GDPR and a failing policy process, are piling up. more

The Utility Formerly Known As WHOIS

Muscle memory is a funny thing. We don't even think about it really, but when we do the same thing over and over again, it just becomes second nature to us. This is how we've come to use WHOIS over the past two decades to get contact information for registered domain names. If you wanted to see who owned a domain, you'd simply do a WHOIS search. I've probably done hundreds of thousands of them during my time in the industry. Well as of this week, a major step in the retirement of WHOIS officially took place. more

How Domain Data Helps Thwart BEC Fraud

It's true, domain data has many practical uses that individuals and organizations may or may not know about. But most would likely be interested in how it can help combat cyber threats, which have been identified as the greatest risks businesses will face this year. Dubbed as the greatest bane of most organizations today, cybersecurity can actually be enhanced with the help of domain data. How? more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

8th Registration Operations Workshop (ROW), May 9th, 2019, Bangkok

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system. The 8th ROW will be held in Bangkok, Thailand on Thursday, May 9th, 2019 in the afternoon, at the end of the GDD Industry Summit, in the same venue. more

Domain Related Crime: The 4 Steps of Effective Investigations

There is no rest for the wicked. If you think that 2018 was the climax of cybercrime, wait until you see what happens in the next few years as cybercriminals are constantly learning new ways to strike. Take for instance domain-related attacks now coming in a variety of forms. There's domain hijacking which involves gaining of access to domains and making changes without owners' permission. You have typosquatting where phishing is often utilized to steal valuable information. more

Investigating Domain Name Crime: Challenges and Essential Techniques

Who would think that so much could go wrong with something as seemingly innocent as a domain name? As cybercrime continues to evolve, causing devastating reputational and financial losses to businesses and organizations, web addresses are used as a weapon -- and it's not always easy to notice their many faces. In this article, let's take a look at the domain name crime landscape, discuss the current challenges investigators and legitimate registrants face, and talk about some useful techniques. more

US Government to ICANN - Move Quickly

David Redl has written to ICANN in relation to the ongoing work around whois and GDPR. The letter, which was shared with the GNSO Council last night, is a mixed bag. On the one hand, it offers the carrot in relation to what's been done so far, but then there's the not so veiled threat, which isn't a revelation by any means, of "domestic legislation." more

Still No Access to WHOIS Data

The ICANN 64 meeting in Kobe concluded two weeks ago, and we are no closer to accessing WHOIS data critical for law enforcement, cybersecurity threat investigators, intellectual property owners, or other consumer protection advocates who rely on the data to act quickly against online abuse in the domain name system. Instead of a balanced approach to WHOIS that serves the public interest, the ICANN Board is set to approve a new global policy that fails to even fully acknowledge critical... more

The EPDP on Generic Top-Level Domain Registration Data: Phase 1 Down, Phase 2 To Go

The ICANN community recently gathered in Kobe, Japan for its first meeting of the year and it was certainly a busy week for attendees. Much of the meeting centered around the work of the Expedited Policy Development Process (EPDP) to address gTLD registration data. As a member of the EPDP team, we had been hard at work since being formed in August of 2018. Just prior to the Kobe meeting, we published the phase 1 Final Report. more

News Briefs

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

Domain Registrars Given a Six-Month Deadline to Implement Registration Data Access Protocol (RDAP)

EU Should Not Be Setting US WHOIS and Privacy Policy, Says MPAA

Easy Access to ICANN, IP Address Data Beats Info on Encrypted Data, Says Telstra Cybersecurity Head

New Zealand's Domain Name Commission Wins Injunction in a Lawsuit Against DomainTools

Special Interests Circulating Draft Legislation to Cut Short ICANN's Whois Policy Process

Former ICANN Senior Vice President Kurt Pritz to be Named Chair of Whois Group

DomainTools Sued for Misusing New Zealand's .NZ Domain Name Registration Information

Anti-Phishing Working Group Proposes Use of Secure Hashing to Address GDPR-Whois Debacle

European Data Regulators Throw ICANN Back to the Drawing Board for a Third Time on Whois Privacy

ICANN Files Legal Action Against Domain Registrar for Refusal to Collect WHOIS Data

Domain Name Registrars Ask ICANN for a "Moratorium" on Its New GDPR Policy

A Short-Term Suspension of GDPR Enforcement on WHOIS May Be Necessary, Says U.S. Government

ICANN Releases Temporary WHOIS Specification Plan for GDPR Compliance With Deadline Two Weeks Away

ICANN CEO "Cautiously Optimistic" EU to Provide Clear Guidance for Domain Industry GDPR Compliance

ICANN's GDPR Compliance Model for Whois Unlikely to Be Implemented in Time for May 25 Deadline

Dutch Geographic TLDs Refuse Public Access to Whois Data

Thick Whois Policy for .COM Goes Live

U.S. Bypassing ICANN on Whois Privacy With Closed-Door Meeting in Paris

ICANN Must Make User Privacy a Central Tenet for New Registrations, Says EFF

Most Viewed

North Dakota Judge Gets it Wrong

Network Solutions Responds to Front Running Accusations

Help! My Domain Name Has Been Hijacked!

Whois Privacy vs. Anonymity

Domain Name Registrar Allows Completely Blank WHOIS

Most Commented

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

ICANN Complaint System Easily Gamed

Domain Name Registrar Allows Completely Blank WHOIS

WhoisXML API Updates – Sponsor

How Domain Reputation API Can Help Detect HTTPS-Protected Phishing Sites

Over the past five years, the Internet has seen the mass migration of websites from HyperText Transfer Protocol (HTTP) to its extension, HTTP Secure (HTTPS). HTTPS is a communication protocol that encrypts the data exchanged between sites and user agents. more

How to Avoid Fake Product Support Pages with WHOIS API's Help

Sometimes, seeing several permutations of a famous company's domain names is not just a mere coincidence. Often, these are typosquatting attempts. They are not merely a nuisance, either, because clicking such a URL can have severe effects. more

How to Safeguard Against Domain Look-Alikes with Domain and Brand Monitoring Services

Should organizations need to worry about domain look-alikes? The answer is, unfortunately, yes. Threat actors often impersonate popular brands and domains to lure users into visiting malicious pages and divulging their personally identifiable information (PII). more

Reverse Domain Hijacking and the Use of WHOIS and Domain Brand Monitoring Tools

In a Uniform Domain-Name Dispute-Resolution Policy (UDRP) case, the complainant usually has to prove three elements to win. Failing to satisfy these evidentiary requirements can render the case not only null and void, but the panel may also consider it as a reverse domain name hijacking (RDNH) instance. more

Addressing Cybersquatting Dangers Using Brand Alert API and WHOIS Lookup

While other organizations also hear Uniform Domain Name Dispute Resolution Policy (UDRP) cases, the World Intellectual Property Organization (WIPO) is the largest. more

Fake Airline Ticket Scams: Domain Spoofing and Other Red Flags

The holidays are a bustling time for businesses and, unfortunately, fraudsters too. Travel fraud is rife in the lead up to the festivities, with airline ticket scams taking center stage. According to a report by The Street, airlines lose US$2.4–4.8 billion yearly due to false bookings. Consumers, meanwhile, lose US$283–588 per transaction. more

Take Brand Protection Up a Notch with Domain Research and Monitoring Tools

Cybersquatting is likely one of the oldest digital threats out there, but somehow, it still works. The first cybersquatting case filed after the implementation of the Uniform Domain Name Dispute Resolution Policy (UDRP) involved the domain worldwrestlingfederation[.]com. more

Industry Updates

How Domain Reputation API Can Help Detect HTTPS-Protected Phishing Sites

How to Avoid Fake Product Support Pages with WHOIS API's Help

How to Safeguard Against Domain Look-Alikes with Domain and Brand Monitoring Services

Reverse Domain Hijacking and the Use of WHOIS and Domain Brand Monitoring Tools

Addressing Cybersquatting Dangers Using Brand Alert API and WHOIS Lookup

Retrospective: Post-GDPR Compliance Rates for Domain Enforcement

Fake Airline Ticket Scams: Domain Spoofing and Other Red Flags

Take Brand Protection Up a Notch with Domain Research and Monitoring Tools

Mitigating Phishing Attacks on Cloud/File Storage Services through Domain Reputation API

Taking a Closer Look at Reverse Domain Name Hijacking (RDNH) with WHOIS Search and Brand Monitor

Legal Services as a Phishing Target: How Domain Reputation Checks Can Help

Reverse Domain Name Hijacking: What It Is and How to Avoid It through a Domain Availability Check

The High Cost Of Privacy In A Post-GDPR World

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

Participants – Random Selection