This page is for the convenience
of students in Prof. Tim Richardson's e-commerce classes.
It contains a collection
of info and links regarding all the marketing issues relevant to domain
names.
This
page last updated 2010 Feb 19
Domain Names | ||
marketing issues | witiger.com/ecommerce/domainnamesmktg.htm | |
registration isses | witiger.com/ecommerce/domainnamesregister.htm | |
scams and problems | witiger.com/ecommerce/domainnamesscams.htm | |
scams, phishing | witiger.com/ecommerce/domainnamephishing.htm | |
domain name hacking | witiger.com/ecommerce/hackingexample.htm | |
domain disputes | witiger.com/ecommerce/domainnamedisputes.htm | |
Verisgn problems | witiger.com/ecommerce/domainnamephishing-verisign.htm |
...
. | This page
used in the following courses taught by Prof. Richardson
.
This page deals with o
Registration
vulnerabilities
|
Registration Vulnerabilities |
Information on Registration
Vulnerabilities
from NATIONAL INFRASTRUCTURE PROTECTION CENTER "Internet users rely on names to access on-line resources, making the Domain Name Service (DNS) a vital part of the Internet, as we know it. The software package commonly used to provide DNS has been the target of numerous attacks, highlighting the importance of system administrators keeping current with patches and upgrades. " "Most DNS installations do not incorporate strong authentication, making it possible for malicious parties to insert false directory data into the DNS hierarchy. If an intruder can manipulate an organization's DNS, the intruder could then maliciously divert on-line traffic; e.g., a user trying to access <www.nipc.gov> may be sent not to the real NIPC web site, but to a phony site with false information. DNS attacks can also be carried out for other malicious purposes, such as stealing data, harvesting account information, or denying Internet service." |
"Another security concern
lies in the domain name registration process. Central registrars maintain
listings of domain names, their owners, and the name servers that provide
DNS lookups. If an organization moves to a different Internet Service Provider
or makes changes to its servers, it may change its DNS settings. In many
cases, it does this by sending a simple e-mail request to the registrar
and then confirming the desired changes in a follow-up e-mail message.
If
a malicious third party can forge e-mail from an organization, the former
may be able to effect unauthorized changes in its domain name registration,
thereby mounting an effective denial-of-service attack. This vulnerability
was illustrated in an incident earlier this year [2001] in which
a number of institutions found their domains hijacked. Early one weekend,
an unknown party forged e-mail messages to a domain name registrar
requesting that the domains of a number of universities, commercial enterprises,
and nonprofit associations be redirected to a New Jersey provider of online
services. The operator of the New Jersey site noticed the fraudulent domain
transfers and took corrective action. However, it took several days for
the erroneous DNS settings to be rectified. Some of the institutions
victimized in this attack experienced significant disruptions in Internet
connectivity. In response to this risk, some domain name registrars have
implemented optional authentication procedures for DNS modification requests.
Such requests are often required to be accompanied by a secret password
or digitally signed by the domain's registered owner."
for further details, go to
NIPC at
|
During the 4th week of January 2006, Richardson was interviewed by Amy Sharaf of Ryerson's Independent Newspaper " The Eyeopener Online" www.theeyeopener.com about fake websites that have URLs spelled similar to a legit site, and used to divert traffic for companies that are paying for "click throughs" |
While "parked pages" lead
to empty sites, active sites such as Ryeson.ca are also detested by search
engine people because they can clog up legitimate search engine rankings,
Richardson said.
"When you go looking for something, if it's not on the first three pages, you try (your search) again with different words. "If you don't rank high on one of the first ones, you don't exist." He added that speculation of which URLs may come to be in demand may cause people to scoop up potentially popular names. "People watch American Idol 3, they find the names of the four people that can do the semis and that night one person goes on Internet.com and buys trade names," Richardson said. If names are taken, variations such as Ryeson.ca become the next best thing. |
Domain
Names . Problems and Scams |
"Internet Registry Firm plays on People's Anxieties" is the heading of an August 25th, 2000 article by Tyler Hamilton Hamilton describes how some small and medium sized businesses are being scammed by companies contacting a firm and telling the firm that there is an attempt being made to register the same domain that they presently own, but with a different ending such as .org or .net. |
Hamilton explains that "
... the owners of Aufgang Travel, a Bathurst St. travel agency,
received an unsolicited fax that read ``urgent notice.'' The fax was very
official-looking. It was authoritative and a bit intimidating. And it explained
in legal-like jargon that somebody was attempting to register the domain
name http://www.aufgangtravel.net - a variation of the ``.com'' address
that Rodach and Aufgang had registered in February. The company that
sent the fax - Electronic Domain Name Monitoring (EDNM), a division of
Toronto-based NDNRegistry - gave Aufgang Travel ``first-right-to-use''
to register the ``.net'' name. It also offered to register the name
on Rodach's and Aufgang's behalf for $70. Was somebody else actually
going after the ``.net'' version? It wasn't immediately clear,
though it's always possible that it was being hijacked by a cybersquatter
looking for a substantial ransom, a scenario outlined in the fax...
What was clear is that Rodach and Aufgang didn't feel comfortable with
what seemed like an overly aggressive marketing tactic. ``My
gut said right away that it was a scam, but I wasn't sure,'' says Rodach,
explaining that he found it odd that, of all the names in the world to
register, somebody would try to go after a unique local Web address based
on a not-so-popular family name. .. ``It plays on people's anxieties,''
says Brian O'Shaughnessy, a spokesperson for Network Solutions Inc. of
Herndon, Va. ``I've seen it before, and it's the price you're going
to pay for having an open domain name system.'' ... Network Solutions used
to have a monopoly over the registration of Web addresses ending in .com,
.net and .org, but the U.S. government decided in 1998 to open up the
market. Since then, hundreds of registrars have entered the market with
their own creative ways to drum up business. ..NDNRegistry isn't doing
anything illegal, says Detective Walter Turczyn of the Toronto police
fraud squad. "
The original story by Hamilton
was at
|
Domain
Names . legal issues |
Larry Chase advises that if another firm challenges your right to a domain name, the InterNICinforms you that you've got 30 days to vacate the domain while the dispute is settled. .. In order to prevent this you may want to protect yourself by trademarking the letters and words that make up your domain name and matching them to your publically known corporate phrases, slogans and mottos. |
Domain
Names Disputes
|
Mazzaher J. in BCS 555 in
Sept 2003 found a good article online from www.tipz.net/cybersquating.htm
that
explains the circumstance of "Cybersquatting" -something which often leads
to domain name disputes.
"Cybersquatting is the purchase of a domain name in bad faith. Usually this is done with the intention of reselling that domain name back to the legal copyright holder, although sometimes there are other reasons. This is considered a violation of the trademark laws. An example of cybersquatting would be if someone purchased the domain name "mcdonalds.ws" and then proceeded to attempt to sell it back to McDonalds. It would also be considered a violation of the law if the purchaser put up a web site describing how bad McDonald's food was or commenting on the service. Cybersquatting was made illegal by the passage of a federal law [in the U.S.] in 1999 known as the Anti-Cybersquatting Consumer Protection Act. The law became necessary because numerous large companies were forced to pay large sums to buy their domain names from third parties. " Permission to quote / link, came from Richard Lowe Dec 2004 |
The
problem with enforcing laws about cybersquatting:
jurisdiction |
Laws only work in the regions
in which they can be enforced. eg. If you do something bad in Texas, you
are only going to be arrested by the Texas State Troopers in Texas, if
you escape to Argentina ....!
So, governments can pass a law about cybersquatting but it is difficult to enforce. If a person in Asia bought www.mcdonalds.tn from a domain registrar in the Caribbean and had it hosted by service in Europe, how could American's enforce a law about cybersquatting?? Internet law is not the same as laws about murder, or child exploitation. In the case of serious violent crimes, most countries have extradition treaties that cover such circumstances. Extradition for internet crimes is very very rare. The other problem with enforcing a law is the problem of identifying the criminal - there are many ways to buy and own a domain name without providing detailed personal contact information. As long as you pay the fees, most domain registrars don't care - therefore it would be difficult for the authorities to track you down. |
|
CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE |
. | |
MISTAKES I TEXTS USED I IMAGES I RANK I DISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I | |
. |