slamming and other scams

This page looks at domain name slamming, deceptive behaviour aimed at persuading an individual/organisation to register a name or to pay an excessive amount for initial registration/renewal of a name.

It covers -

• introduction
• renewal scams
• pressure
• 'register' scams
• prevalence

     introduction

Life before the net was bedevilled by scams such as businesses being deceived into paying for inclusion in a range of directories and other publications that would supposedly enable their identification by large numbers of customers.

In some cases claims made about readership of the publications were greatly exaggerated. In other cases the scammer took the money and ran, with the directory not appearing. Such scams have been a feature of past adoption of new technologies, for example telegram, phone and fax directories.

It is thus unsurprising that existing and potential domain name registrants encounter a range of 'slamming' scams, deceptive practice that is aimed at persuading an individual or organisation to -

• unnecessarily register a name, eg to preempt registration by a competitor or entity with malign intent
• renew an existing registration, typically for a long term and at a cost well above the standard rate.

Scams also include is supposedly about invitations, on occasion verging on threats, to pay for inclusion of a name in a 'register' or directory that is supposedly essential for identification of websites.

Some of those scams are sharp practice, predicated on the naivety or impatience of the person reading the offer but not necessarily illegal. Others are overtly fraudulent and breach national/provincial trade practices and consumer protection legislation.

They may involve use of contact information harvested from individual websites or details obtained - illicitly or otherwise - from a WHOIS database.

     renewal scams

The deceptive 'renewal invoice' appears to be the scam most frequently - and painfully - encountered by existing registrants.

It comprises sending the domain name registrant a notice warning that the domain is about to expire. That notice is deceptively presented as a renewal invoice, a deception that is often only discernable by perusing fine print couched in the most obscure 'legalese'. In many instances the name is actually not due to expire for a further six or eight months, but the recipient of the 'invoice' is led to believe that time is of the essence.

Recipients who take the 'invoice' at face value, making a payment, typically find that they have in fact authorised transfer of that name to the issuer of the invoice. That issuer is often based overseas; if ostensibly 'local' the office may be unattended. Fax and phone numbers for queries and complaints may be out of service or simply unanswered.

That is of concern because registrants often discover that they have -

• been induced to pay an excessive premium for the registration (typically five to ten times the standard rate) and may have been billed a processing charge
• been persuaded to 'renew' for an inappropriate number of years, eg for 100 years or a one-off payment in perpetuity
• major difficulty in redelegating the registration, especially if the scammer is uncontactable or demands a substantial processing fee
• paid for a renewal that in fact has then not been actioned, with the scammer taking the payment but not contacting the registry and the registrant thereby losing the name.

     pressure

Other scams are based on what one critic characterised as "latent menace", with the scammer alerting the victim that a 'client' has asked it to register one or more domain names that resemble (or indeed are identical to) the victim's corporate or brand name. Having breached its responsibility to the fictive client, the scammer nobly offers to register the domains on behalf of the victim. Some scammers purport to be altruistically protecting the victim from their client's illicit intentions.

The scam often involves telephone and email solicitations, with the oh so generous offer being pitched as a matter of urgency - only a few moments for the scammer to rescue the victim from the wickedness of the supposed client. The scammer often imposes a service charge in addition to a substantial premium for registration.

Typically the scammers take refuge behind confidentiality - or simply terminates contact - if asked to substantiate claims that they have been commissioned to register the domain names on a competitor's behalf.

     register scams

Outside Australia a popular scam is the online version of traditional print directory and register scams. That appears to be particularly the case in regimes with expectations that official authorisation and a stamp is required for much activity.

Typically the scammer contacts an organisation by fax, snailmail or email with a letter that claims some official status and implies that there is a requirement for registration in a database or directory. It may be embellished with the logos and names of real or fictional DNS organisations (some of which accordingly take legal action for misuse of their trademarks and reputation).

That correspondence may or may not appear to commit the registrant to payment of a fee on a one-off or ongoing basis. Victims who respond are often subsequently notified that the domain name or other information has been featured in a published directory. That notice is usually accompanied by news that the victim owes the scammer several hundred dollars or euros, with non-payment being referred to a credit reference bureau.

Some of the directories are purely fictitious: no-one gets to see the CD-ROM or print publication. Other publications do exist, but are not of the claimed quality and circulation. In practice they are of dubious value as tools for online resource identification: potential users would be better advised to rely on a search engine such as Google, links from another site or even word of mouth (distinctly low-tech but often more effective than anything electronic).

     prevalence

The prevalence of such scams is uncertain: there have been no definitive academic studies or government reports.

However, as with the 419 Advance Fee scam (discussed elsewhere on this site), it is clear from complaints to regulators and media coverage that a substantial number of entities fall victim each year. Those entities include both SMEs and large organisations where junior staff conscientiously process what appears to be a legitimate invoice.

The scams take place because

• the victims may lack the time, expertise or inclination to take legal action - one SME characterised its experience as "an unfortunate cost of doing business"
• the scammer is operating in legally grey areas or in ways that although unethical are strictly speaking not illegal
• regulators lack resources for action, other than on an exemplary basis after egregious abuses, and assess the scams as deserving a lower priority than illicit activity regarding health or finance
• the scammer can accrue substantial rewards without major investment or effort, and often operating in several jurisdictions.

One Australian scammer, pursued by auDA and Nominet among other bodies, for example appears to have deceptively gained over $0.5 million through large-scale mailouts - some sources indicate that the take over several years might be around $2 million - and used shelters in the Channel Islands and the Seychelles after blitzing businesses in New Zealand, the UK, Australia and elsewhere.




    next page  (monetising)