NinerNet Communications™
Blog

Corporate Blog

Data privacy developments

22 May 2018 22:44:39 +0000

The purpose of this long blog post is to keep you informed of a significant development in the domain registration business, how it will affect you, what action you need to take and how to protect yourself from the criminals who will take advantage of the confusion that will no doubt be generated. We have also sent this via email to our clients.

The GDPR

In the last few months you may have heard rumblings about a new European law called the GDPR, the General Data Protection Regulation. This is a sweeping new law that will affect people in every corner of the globe, not just in the European Union (EU). It places a premium on the value of individual privacy, and restricts how the personal data provided by an individual may be used by companies and organisations. Fines for breach of the law can reach tens of millions of euros.

The GDPR is a good thing, and will address some glaring problems in our industry that we have referred to on a number of occasions, particularly the public WHOIS system where a domain registrant’s information is available for all the world to see, and is therefore used by scammers worldwide. However, even a good law is still a law and comes with an administrative burden for all parties.

On the hosting side of our business, not much (if anything) will change. We have always closely guarded the personal information of our clients — and that won’t change — and only collected what is technically and legally necessary to provide the services you contract from us.

Domain registrations

On the domain registration side of things, because of the fact that the domain registration system requires a number of entities to co-operate — registrant (you), registrar (currently OpenSRS/Tucows), reseller (NinerNet), registry (various, including Verisign, CIRA, ZICTA, etc.) and ICANN (the Internet Corporation for Assigned Names and Numbers) — you will start to see various transactional emails from us refer to the GDPR (which comes into force on 25 May 2018) and mechanisms for you to provide and, if necessary and possible, withdraw consent for use of your personal data. The need for you to fulfil your obligations as a domain registrant and respond to calls to action in emails will be in addition to actions you have needed to take until now. In short, it should mean a couple more emails per domain per year that you will need to pay attention to, but exactly how this manifests itself will develop over time, especially in the first year after this Regulation comes into force.

While it’s a reasonable question to ask why an EU law will apply to people and companies outside of the EU, the fact is that, worldwide, domain registries and registrars intend to comply with this Regulation and adopt a uniform system for managing it. Many jurisdictions have privacy laws, but the GDPR looks like it will be the most robust affecting the greatest number of people and the general feeling among proponents is two-fold: 1) Privacy is a good thing and we should follow the most stringent standards in favour of it, and 2) If we have to adjust policies and practices, then it makes no sense to have one set of policies and practices for some people and another for everyone else.

While this law affects all industries (and governmental organisations) in the EU and those (within and without the EU) that deal with European residents, the most visible effect in our industry will be on the public WHOIS (“who is”) system, where your personal information — name, address, phone number, email address, etc. — is currently published in public databases of domain registrants for everyone to see. These databases will continue to exist, of course, but access to them will be restricted, through layered access to a new “gated” WHOIS system, to legitimate accredited users that will include law enforcement organisations and intellectual property lawyers, as well as the registries, registrars and resellers directly involved in a particular domain registration.

Spammers, scammers and fraud artists

The one class of people that we certainly hope will no longer have access to this information is the fraud artists that fill your email every day — despite our best efforts — with offers to enlarge body parts, sell you web design and “search engine optimisation” services, scam you into sending them money for services they’ll never provide, and trick you into providing information to them that will lead to identity theft (phishing). With any luck, this new law will finally almost wipe out the spammers who harvest your email address from the WHOIS. It won’t stop those who get your unprotected email address off your website, or already have it or buy it from these unscrupulous individuals, but it should stop anyone else getting your email address if you change it in your existing domain registration.

But speaking of scams, as sure as night follows day (we’ve seen it before) these changes will no doubt lead to many scammers sending out emails urgently requiring you to take some action or another after clicking a link in their email. The text of the emails will use urgent language designed to scare you, but that they assume you will have heard in the news. They will refer to the GDPR and tell you that if you don’t go to a website and fill in a user name and password for your domain — and perhaps send them money too — your domain will be suspended and deleted.

DO NOT FALL FOR THIS! IT IS NOT TRUE!

As we have said over and over again for more than twenty years, if you receive an email about your domain or hosting from an email address that is not on the niner.net domain, then it is almost certainly a scam. If the email attempts to scare you into taking action immediately, then that only adds to the weight of evidence pointing to it being a scam. If you are concerned and not sure, we’re happy to advise you if you forward the email in question to us before taking any action.

Our new privacy policy

As with many Internet companies, the new GDPR has prompted us to revise our privacy policy. Our privacy policy — part editorial, part serious statement — is unlike any you have ever read. It provides some truth about the real problem with what the true purpose is of many (mostly larger) companies these days, and how we’re very different.

No action required at this time

Finally, no action is needed from you at this time. However, after 25 May you will start to receive email notices directing you to take GDPR-related actions, especially if you change anything to do with your domain, and possibly when you renew it.

If you have any questions, please let us know. Thank-you for your time.

Tags: , , , , ,
Categories: Notices
Comments Off on Data privacy developments

Quarterly kwacha rate review, Q2 2018

1 April 2018 00:00:02 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Tags: , , , , ,
Categories: Notices
Comments Off on Quarterly kwacha rate review, Q2 2018

Quarterly kwacha rate review, Q1 2018

1 January 2018 23:57:16 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Tags: , , , , ,
Categories: Notices
Comments Off on Quarterly kwacha rate review, Q1 2018

Year-end wishes and business hours

22 December 2017 13:09:26 +0000

Please accept our thanks for your business in 2017, and our best wishes to you, those in your organisation and your families for a Happy Christmas, and all the best for a prosperous New Year.

Over Christmas and the New Year our administrative side will be taking a break from 23 December 2017, and will be back on the job on Tuesday 2 January 2018, at which time routine emails and enquiries will be dealt with. We will, of course, continue to monitor servers 24/7, and emergency support requests will be dealt with immediately.

Thanks very much again for your ongoing business. We look forward to continuing to serve you in 2018.

Tags: ,
Categories: Notices
Comments Off on Year-end wishes and business hours

Quarterly kwacha rate review, Q4 2017

1 October 2017 22:19:06 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are increasing our retail kwacha prices effective today and until the next quarterly review by about 5%.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our new kwacha rates will be online within 24 hours.

Tags: , , , , ,
Categories: Notices
Comments Off on Quarterly kwacha rate review, Q4 2017

Office hours

31 July 2017 20:26:33 +0000

NinerNet‘s offices will be closed from Tuesday 1 August and will re-open on Monday 7 August. Emergency support will continue to be available 24/7, but routine emails and enquiries will be dealt with on Monday 7 August. Thank-you.

Tags: ,
Categories: Notices
Comments Off on Office hours

Diet and weight loss spam

24 July 2017 07:06:34 +0000

This is a long post, but certain sections of it might be useful to you.

We have been hearing from some clients over the last few months that they are being inundated with spam advertising weight loss drugs, diet pills, etc. ad nauseam. NinerNet does have anti-spam measures on our mail servers — and they stop thousands of messages a day that you never see — but they generally rely on methods of filtering that do not involve what is called “content scanning” — i.e., having a machine essentially read all of your email to see if it mentions topics you don’t want to hear about. They also don’t generally involve blocking email addresses, as spammers almost always send from a different email address every time, so blocking one email address after the fact is pointless.

Additionally, what is a clear indicator of spam for one client can be part of a perfectly legitimate email for another client: for example, a medical client might send and receive completely legitimate emails that include the word “diet” or the phrase “weight loss”, and so we can’t filter for those words across the entire server. Even everyday communications can contain these words when one person enquires after another person’s health, even in a business email: “How’s the diet going?”; “Bob has experienced significant weight loss since he got sick last month”; and so on. In other words, if we deleted all messages containing the word “diet”, for example, we’d delete a lot of legitimate email and upset a lot of clients.

Then there are spelling mistakes: If we delete email containing the phrase “diet supplement”, we’ll miss the misspelling “diet suplemment”.

So what can you do? Potential solutions fall into two categories — prevention and cure — and we all know that an ounce of prevention is worth a pound of cure. We’ll deal with prevention first, but if it’s already too late for you, skip right to the (potential) cures at the end.

Prevention

  • Don’t put your email address(es) on websites: Spammers use the same techniques as the search engines to index (“scrape”) websites for email addresses. If you put an email address on a website — yours, or a forum that you’re involved in — it is going to be spammed. Instead use a contact form. These are not foolproof either, but they’re better than nothing and you can tweak them over time in response to their misuse.
  • Avoid using certain email addresses: Certain email addresses get more spam than others. These are called RFC 2142 addresses, and they include info@example.com, sales@, etc. These are common addresses that spammers will send email to in the hope that they go to a real person. Instead of info@, consider an alternative like contact@.
  • Avoid common first names: Yes, your name might be Jim and you want to use jim@example.com, but avoid it. If your surname is Smith, try jims@example.com, jsmith@example.com or even jimsmith@example.com instead. Consider adding punctuation — e.g., j.smith@example.com.
  • Domain registrations: Use a dedicated email address for your domain registrations. Over the years most domain registries have been part of the spam problem by publishing email addresses in their “WHOIS” databases, which are scraped the same way websites are. Instead of using your primary address as the public contact for your domain registration, use a secondary one. However, it must work and you should check it regularly — e.g., once a month or so. The registry that NinerNet uses does not publish the billing contact’s email address, making the email address for this contact less likely to receive spam. And while we do provide WHOIS privacy where all of the contact information for your domain registration is hidden, we don’t recommend this for businesses as looking up the WHOIS information for a domain is a legitimate method for your customers to verifying the legitimacy of your business.
  • Use throwaway addresses: If you need to give an email address out in situations where you’re concerned it might be abused by the person or organisation you’re giving it to, create a throwaway address for one-time use.
  • Don’t be part of the problem!: See “How and Why to Blind Copy Multiple-Recipient Emails“. Also, don’t send mass emails yourself to people you assume will be happy to receive them — e.g., customers who once did business with you six years ago!
  • Use an anti-virus scanner: Prevent your computer being taken over by criminals who want to mine it for data, not the least of which are the email addresses of your friends, family and business contacts.

Cure

In truth, there is no cure. If your email address is on a spammer’s list, it’s going to be sold and traded on. But no matter how well you do on the prevention side, someone else who has your email address on their computer is going to allow a virus in, and your email address will end up on a list.

However, on the particular topic of this blog post — weight loss spam — if no legitimate email coming into your account is going to refer to “diet pills” or “weight loss”, then you can set up a filter in your webmail account. Follow these instructions (illustrated at right):

  1. Log into your email account at mail.niner.net.

    Spam filtering

    Spam filtering.

  2. Click “Settings” in the top, right-hand corner.
  3. Click “Filters” in the left-hand column under the “Settings” heading.
  4. Click the plus sign at the bottom of the third column from the left under the “Filters” heading.
  5. In the “Filter name” box, give the filter a name like “Diet spam”.
  6. In the “For incoming mail” section you probably want to leave the default “matching any of the following rules” setting in place.
  7. In the first drop-down list, select “Body”.
  8. In the second drop-down list leave “contains” selected.
  9. In the blank field to the right, enter a word (single words are risky) or phrase that you think indicates spam. (Some suggestions culled from sample emails sent to us by clients are below.)
  10. To add more spammy words or phrases, click the plus sign to the right to add another “rule”.
  11. In the “…execute the following actions” section, we recommend you select “Move message to” in the first drop-down list, and “Junk” in the second drop-down list.
  12. At the bottom of the page click the “Save” button.

Now emails matching the filter you have created will automatically be filtered to your “junk” folder. We suggest that you check your junk folder regularly for a while after you create a rule to make sure it doesn’t catch any legitimate email.

Some spammy words and phrases from sample emails sent to us by clients:

  • diet aid
  • weight loss
  • fat
  • body
  • skinny
  • weight goals
  • diet supplement
  • weight reduction
  • excessive weight
  • boost your metabolism
  • beach body
  • live a better life
  • living a better life
  • dietary product
  • fight weight
  • big discount

Please note that you use these phrases and instructions for filtering your email at your own risk!

We hope this helps you fight some of the spam you’re receiving. If you have any questions, please contact support.

Tags: , , , , , ,
Categories: Notices
Comments Off on Diet and weight loss spam

Quarterly kwacha rate review, Q3 2017

2 July 2017 20:46:43 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are lowering our retail kwacha prices effective today and until the next quarterly review by about 5%.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 150.00
  • mailONE hosting plan (monthly): ZMW 100.00
  • gTLD domain (annually): ZMW 190.00

Our new kwacha rates will be online within 24 hours.

Tags: , , , , ,
Categories: Notices
Comments Off on Quarterly kwacha rate review, Q3 2017

Quarterly kwacha rate review, Q2 2017

1 April 2017 08:36:39 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Tags: , , , , ,
Categories: Notices
Comments Off on Quarterly kwacha rate review, Q2 2017

Reminder of domain renewal scams

12 February 2017 02:22:14 +0000

The scammers trying to separate you from your money never sleep and we’ve been meaning to send a reminder about that for a while now. Were prompted today by a couple of things: the first being a client who recently mistook one of these scams for a legitimate notice from NinerNet, and the second the receipt of four emails to us that arrived in quick succession in the span of 22 minutes this morning from the same scammers.

What these scams have in common is that they’re sent to the email address you use in your domain registration, and masquerade as domain renewal notices. The management of the WHOIS system — the database of domains and their owners — is a bone of contention among many, and after more than three decades ICANN has still not figured out how to make the WHOIS system useful for legitimate purposes while protecting domain owners from scams like these. We make five suggestions in the “Lessons to be learned” section of a rather long and detailed post from last year if you’re annoyed at the amount of spam you receive. One of those suggestions is not private domain registration, despite the fact that we can make money on that service.

The two particularly active scams that you should be aware of are these two:

You’ll note that the latter dates back to at least 2015. If the scam wasn’t working, they’d stop. Don’t be scammed!

If you have any questions or concerns, please let us know. Thanks.

Tags: ,
Categories: Warnings
Comments Off on Reminder of domain renewal scams
« Older Entries
Newer Entries »

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all it entails. This includes concomitant industries and activities such as domain registration, SSL/TLS certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc email encryption facebook google happy hosting customers hosting transfer icann invoices iphone kwacha maintenance paying your bill paying your invoice quarterly kwacha rate review rates registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours spam ssl ssl/tls support transparency wordpress zamnet

Resources:

On NinerNet: