NinerNet Communications™
Blog

Corporate Blog

Zambian domain registrars again taking detrimental action

28 November 2020 04:23:18 +0000

In April we informed you that we had achieved ZICTA accreditation through our partner Preworx. The primary motivation for doing this was to provide reliable domain registration service to Zambians because, as is shown in this blog, the Zambian ccTLD (country code top-level domain) has been very badly managed by the accredited/registered ISPs that provide registrar service. By becoming an accredited registrar ourselves we hoped (and continue to hope) that we could bring our legendary customer service to dot-zm registrants, to give them peace of mind that their domains will operate as expected.

Since April we have taken a number of actions to provide improved service to dot-zm registrants:

  • We have rescued quite a number of domains that were registered through Coppernet,
  • We have helped the registrants of some domains that were previously hosted with or registered through Microlink,
  • We set up an example domain at example.com.zm,
  • We have updated the WHOIS information for all domains that we’ve transferred in from other registrars, so that they are using current and correct contact information and are compliant with all expected norms as far as contact information is concerned,
  • Many domains transferred in from other registrars had expiry dates as long as ten years ago, but all domains have been renewed up to the present, and
  • We have brought some domains “home” from overseas where they were managed by companies gouging Zambians for hundreds of US dollars per year for domain registrations.

We have also been able to use our status as a registrar with direct and established contact with ZICTA to address a number of situations where dot-zm domains were unduly taken offline due to actions taken by their previous registrars. Most recently this took place yesterday (27 November) when domains that are with the registrar AfriConnect (officially, but also known as iConnect and now “inq.”) were taken offline because their nameservers were changed by iConnect/inq without request or authorisation from the registrants. This took these domains offline all day yesterday until finally, at the end of the day, they were restored to working condition again.

Similar issues have taken place with Zamnet and Coppernet in the past, although the latter is no longer in business and the issues with the former took place before our accreditation, so we were not able to do anything except sit on the sidelines and shout! In one recent case a client’s dot-co.zm domain, registered with Zamnet, was down for over a month before it was sorted out by Zamnet! The expiry date on that domain still shows as 2015 in the WHOIS!

These situations are all examples of the fact that dot-zm domains registered with anyone other than NinerNet are in jeopardy of going offline at any time with no notice to the registrants or NinerNet. This is intolerable. Although it is not a technical requirement, ever since April we have insisted that new clients transferring in existing dot-zm domains to our hosting service also transfer their domain registration for management by NinerNet/Preworx. Any existing clients who choose not to transfer their domain registrations to NinerNet will be pointed to this blog post to ensure that they are aware of the risk they are taking if they leave their dot-zm domain registered with another registrar.

Finally, we are continuing to sell dot-zm domain registrations, renewals and transfers for K175.00 per year (50% off!) until 31 December 2020. Contact NinerNet today to arrange for the registration, renewal or transfer of your dot-zm domain!

Microlink has apparently shut down

14 September 2020 03:24:27 +0000

Microlink last week apparently sent an email to their customers stating that they were suddenly “shutting down their hosting services”. According to some reports, there weren’t many customers left to send the emails to. However, one of them contacted us and with cooperation from ZICTA we were able to transfer their dot-zm domain under our management, and we got them back online the same day.

However, another former Microlink customer who contacted us wanted to get their @microlink.zm email address working again. We had to inform them that we are unable to do that, because we don’t manage the microlink.zm domain and its DNS and email accounts. It remains under the management of Microlink, or whatever is left of it.

We did contact the (apparently) former IT manager at Microlink (Sanjeev) to offer assistance with moving clients to new hosting and to host email on microlink.zm, but we have not had a response … and quite frankly don’t expect one.

If you are a former hosting customer of Microlink — i.e., you have your own domain, dot-zm or otherwise — that was hosted with them, please contact us and we will assist you in getting your domain back online as quickly as possible. We have the expertise and experience.


Update, 2020-09-18: Although we can’t replace what you lost when Microlink shut down unexpectedly, we can try and ease your pain. If you contact us and sign up before the end of September 2020, we will host you for no charge for ONE YEAR (for a maximum of 25 email addresses), including bringing your dot-zm domain registration up to date. Click here to contact us by email now.

We now offer dot-zm domain registrations

25 April 2020 01:56:29 +0000

As some of you are aware, we have been pursuing accreditation with ZICTA so that we can register and manage dot-zm domains. In order to accomplish this we partnered with registered ISP Preworx, and our application was recently approved.

This will be particularly good news for those of you who have dot-zm domains registered with a certain registrar who suspends and deletes domains without notice and without billing registrants, as happened most recently in February and will undoubtedly happen again in the future.

We have already transferred those domain registrations for which we are responsible. At the same time we have corrected the registration information for these domains to ensure they are registered by the correct organisations, and are using current contact information.

While we have not recommended dot-zm domains in the past for both technical and administrative reasons, the technical reasons were addressed by ZICTA within the last few years. The administrative reasons are primarily related to poor management by registrars, such as the aforementioned registrar that suspends domains without notice and without issuing invoices. This, as all NinerNet clients know, is not how we conduct business.

Also in the past we have not been able to offer any assistance — only advice — when clients had issues with their dot-zm registrations and registrars. Now, for those clients who have dot-zm domains, if you transfer your dot-zm registration to NinerNet/Preworx, you will be assured of the same service and attention to detail that you are used to with your hosting and other domain registrations. In fact, while it is ultimately your choice whether or not you transfer your dot-zm domain under the management of NinerNet/Preworx, we do strongly recommend that you do.

If you have an existing non-dot-zm domain that includes the word “Zambia” or “Africa” — e.g., company-zambia.com or company.africa — and would like to consider registering a dot-zm instead or as well, please contact us to advise us and we’ll respond with options for you. Your options include:

  • .ac.zm: Academic institutions
  • .biz.zm: Businesses
  • .co.zm: Commercial entities
  • .com.zm: Commercial entities
  • .edu.zm: Academic institutions
  • .gov.zm: Government
  • .info.zm: Information
  • .mil.zm: Military
  • .net.zm: Networks
  • .org.zm: Non-commercial organizations
  • .sch.zm: Schools

Of course, some of the above are restricted.

Pricing has been another reason that dot-zm domains have not been popular. To be frank, we don’t have any firm commitment from ZICTA on our pricing yet. We’d love to be able to say that we know what price we will be charging for domains next year and five years from now, but we can’t. However, as part of our application we did commit to pricing “in line with industry standards for most TLDs.” What this means for now is that we intend to charge the same price for a dot-zm domain that we currently charge for a dot-com, which is K351.50. Actually, considering we’re not paying for dot-zm domain registrations in forex, we’ll peg that at K350 per year unless and until ZICTA makes any significant change to their pricing model.

Even better is that — subject to ZICTA’s pricing — we will charge only half that, K175 for a year, for all transferred and new domains for the rest of 2020. This applies to all existing clients, and any new clients. And remember, we pay a 10% bounty for new clients — to both the referring client and the new client — based on the new client’s spending with us for their first six months.

Please contact us to transfer your existing dot-zm domain (if you have one), or register a new one. Thank-you.

Change of domain registrar

28 June 2018 06:39:22 +0000

Over the next year, starting today, we will be migrating all domain registrations under our management to a different domain registrar. For the most part these migrations will take place as the domains are renewed.

To be clear about NinerNet‘s position in the domain ecosystem, we are a reseller of domain registrations, reselling domains registered with domain name registrars, who in turn register domains from domain name registries. For the last seventeen years we have been a reseller for OpenSRS, a subsidiary of Tucows; going forward we will be a reseller for RRPproxy, a subsidiary of Key-Systems, a member of the KeyDrive Group.

Automated emails about your domains will continue to be sent from the same email address we’ve been using for years: domainsupport on the niner.net domain. You will notice a change in the format and language used in these emails. At least initially, links in those emails — such as those requesting you to validate your email address — will be on domains controlled by RRPproxy; however, we will work on using the niner.net domain at some point in the future, but we don’t have a timetable for that yet. The domain used in links in the email address validation emails that you may receive after your domain is transferred is currently emailverification.info. (See update below.)

Unless otherwise notified, you will continue to manage your domain registration through the interface at manage.niner.net. Within the next six months the interface at that address will change.

We are looking forward to an improved experience for all clients (except those using dot-zm domains, of course) as a result of this move. If you have any questions or concerns, please let us know. As always, if you are concerned about the legitimacy of an email you’ve received that pertains to your domain or hosting account with us, please forward it to us and we will advise you accordingly.

Thank-you for your business.


Update, 2018-06-29: Please note that, despite our best efforts, the transfer confirmation emails you will receive from our current registrar are sent from two different email addresses not on the niner.net domain: noreply@opensrs.email and transfers@opensrs.org. The inability of OpenSRS to consistently use our domain in messaging over the years (or even just one of their own domains) is a significant symptom of the problems that have led us to make this decision to move. Our apologies for the confusion.

Update, 2018-09-25: Links in the “Request for email address validation” emails are now on the niner.net domain.

Digital Matrixx customer notice

7 July 2016 00:46:15 +0000

It has come to our attention that customers of Digital Matrixx, formerly of Abbotsford, BC, appear to have been abandoned. If this describes your situation, NinerNet Communications may in some cases be able to help you.

Unfortunately it appears that the domains of many of Digital Matrixx’s customers were actually registered in the name of Digital Matrixx, rather than the names of their rightful owners. This was not necessarily the result of malice, but probably expediency and a lack of foresight or knowledge on the part of Digital Matrixx. (To compare, that would be like your real estate agent registering your new house in his or her name “because it’s easier.”) However, the result is that now the rightful owners of those domains have no control over them and cannot take the necessary action to get their domains back online again, or even renew them.

We do not have a list of customers or contact information for any of them, so if you are a former Digital Matrixx customer you need to take the initiative to contact us to see if we are in a position to be able to help you. (We do have a list of 179 domains that we may be able to assist with.) You can contact us at the same email address that Digital Matrixx used to use — info@thepostaloffice.com — or via one of the methods listed on our contact page. While we have not bought or acquired Digital Matrixx, we have acquired their former domain — thepostaloffice.com — through the normal domain expiry process. (The same applies to the domain they used to use for nameservers, securelinksserver.com.) Because many of the domains registered by Digital Matrixx use the info@thepostaloffice.com email address as an email contact, we can now in some cases help some rightful domain owners.

Please read the following information carefully.

What we can do for some former customers:

  • We can help some people regain control of their domain registrations.

What we cannot do for you:

  • We do not have any access to websites or email on any domains. In some cases we may be able to retrieve copies of websites from public caches, but this takes time and effort. We can determine the probability of success and give you a quote to make a copy based on our hourly rate. We can also refer you to web designers or make recommendations for economical options.

What we require:

  • To assist anyone to regain control of their domain we require scanned or high-resolution photographed copies of documentation to connect you to the domain. This could include at least two items from the following non-exhaustive list:
    • business licence (municipal),
    • business registration (federal or provincial),
    • an invoice from Digital Matrixx or the owner of the company, or
    • a cancelled cheque or some form of proof of payment to Digital Matrixx or the owner of the company.
  • If we are able to assist you to regain control of your domain, we will require you to transfer the registration to a new NinerNet domain registration account. (We have no way to give you access to the account where it is currently located.) This will require you to agree to a standard registration agreement, which you will be presented during the process to effect a registrar transfer of your domain. Following this transfer your domain registration period will be extended one further year (or more as described below) beyond its current expiry date, and the contact information will be changed from that of Digital Matrixx to the contact information of your choice.
  • In order to enter the contact information of your choice, you’ll need to send it to us: registrant company, registrant contact name, registrant mailing address, registrant email address, and registrant phone number. Per the registration agreement, this information all needs to be valid. Once we have that information from you we will send you an invoice based on our current domain renewal rates for the renewal period of your choice (up to ten years). On payment of the invoice we will initiate the registrar transfer, which will usually complete within a week of all of the steps being completed by you. Once that completes we will send you the log-in information for your domain registration account. Also per the registration agreement and as dictated by ICANN, you will not be able to transfer your domain registration to another registrar for 60 days; however, after that 60 days you are free to manage your domain as you see fit.
  • You can, however, set new nameservers immediately so that you can set up new hosting for your domain or redirect it to another domain. You are not obligated to host your website and/or email with NinerNet, but we’ve been in the hosting business for twenty years and seen companies like Digital Matrixx come and go. Our hosting rates are available on our website and we are very willing and able to answer your questions and give you advice on how to proceed.

We look forward to being able to assist you, as we have done already for some former Digital Matrixx customers.

iDNS Canada: Another year, another domain scam

9 January 2016 23:24:31 +0000
iDNS Canada domain name expiration notice.

iDNS Canada domain name expiration notice

Looking very much like the “invoices” sent out years ago by the heavily-fined (and, at various times, suspended by both ICANN and CIRA) so-called Domain Registry of Canada (also known as Internet Registry of Canada, Domain Registry of America, Domain Registry of Europe, NameJuice.com, Brandon Gray Internet Services Inc. and many more), the “not a bill” “domain name expiration notice” received by NinerNet Communications recently reminds us that some people only know how to do business dishonestly — or at the very least on the fringes of legality.

Although it could have been copied, the notice received by us from “iDNS Canada” is almost identical to those of the Domain Registry of America sent out in previous years, and the maple leaf used in the iDNS Canada logo is indeed identical to that used by the Domain Registry of Canada in previous notices.

Let’s analyse a few aspects of this friendly and helpful “domain name expiration notice”:

  • Their website domain on their notice is idns.as, the dot-as country-code top-level domain (ccTLD) being registered to American Samoa, a south Pacific island nation. Trying to load the website at that address results in a redirection to idns.to, the dot-to ccTLD being registered to Tonga, another south Pacific island nation. I suspect they didn’t register a dot-ca domain because they’re not flavour of the month down at CIRA headquarters (assuming a connection, which is not much of a stretch), and might have had their domain suspended in short order had they registered a dot-ca.
  • The footer of their website claims that they are “Internet Domain Name Services Inc.” — a name also used on the return envelope in which you’re supposed to send your cheque (or credit card number) and payment stub. Their contact page (when loaded from a computer in Canada) offers the same box number address in Toronto, Ontario, Canada that is on their notice (delivered to our Canadian address; more on that in a moment), which is located in Bridlewood Mall, where there is a Canada Post outlet hosted by Shoppers Drug Mart offering post office boxes.
  • If you load their contact page from a computer located in the United States (or the United Kingdom, actually), the contact page offers a suite number address at 924 Bergen Avenue in Jersey City, New Jersey, United States of America. A quick check shows this to be a UPS Store, so the “suite number” is also actually a mail box number.
  • On their contact page is an email address on the idnsinc.net domain, which is registered to the same company at the same box number in Jersey City in the US.

There are three notable things about this notice:

  • First of all, the notice refers to ninernet.com, a secondary domain that we use but which is registered to our US address. However, it was sent to our primary Canadian address, which is also on the same contact page on our website as our US and Zambian addresses.
  • As with the almost identical Domain Registry of Canada and Domain Registry of America phoney invoices, the “notice” from iDNS Canada makes reference to another “available” domain (in this case ninernet.BIZ) and invites us to send in payment to register it. However, ninernet.biz is not available; it has been registered by us since 2010. There is no indication on the notice what would happen to this extra money if we decided to send it in to register this additional unavailable domain.
  • Finally, while similar such “notices” in the past have included fine print that authorises the sender to transfer the registration of the domain from under the management of the existing registrar to management by the sender of the so-called solicitation (a process referred to as “domain slamming“), this one doesn’t include any such fine print. In fact, there isn’t even any indication on the “notice” that sending money to iDNS Canada (aka Internet Domain Name Services Inc.) will obligate them to do anything, as they have no way to renew a domain that is not under their control!

So don’t send them money, as you’re almost certainly sending money into a black hole from which you will likely see no service and from which you will probably be unable to retrieve it!

As always, if you receive any kind of communication from a third-party (with whom you don’t already have an established and trusted relationship) about your domain — via postal mail, email, telephone, fax or even smoke signal — be suspicious, be wary. If you’re not sure whether or not it is legitimate, please contact us about it and we will be more than happy to take a look and advise you whether or not it is legitimate.


Delaying tactics by Network Solutions

21 January 2015 23:55:41 +0000

Businesses hate to lose customers, there’s no question of that. We hate to lose customers, there’s also no question of that. When a client tells us that they will be closing their account with us for one reason or another — it happens! — we’ll ask if there is anything we can do to keep their business. More often than not we’ll learn (often to our surprise) that the client is actually closing shop, and they’re not moving to another hosting provider — which is a bit of a relief (to us) in that we know they’re not leaving because of something we did, or something we didn’t do.

Sometimes, of course, the client is actually moving to a new hosting provider. As we’ve stated before, we do say that we’re sorry to see them go — and we mean it — and we ask if there’s anything we can do to keep their business, but if they’re committed then we back off. Importantly, we also don’t do anything to impede their progress into the sunset. In our opinion, that would be unprofessional, and we’d then deserve to lose that business. And given the number of clients that end up returning to us months or a year or two later, we’d be idiots to burn that bridge.

So it was interesting to learn today that Network Solutions (owned by Web.com) has apparently (at some point) implemented a three day waiting period if you ask for the “auth code” for a domain registered through them. (The authorisation code is required to effect a domain transfer from one registrar to another.) Now, it is our assertion that every domain name owner should ask for and make a note of the auth code for their domain as soon as it’s registered, and should also change it (if permitted by the registry) after a registrar transfer. (There is a long history of domain owners being caught flat-footed in times of crisis without this information.) But most of our incoming clients have not done that, and so now this client is being held hostage by Network Solutions for three days, waiting for the information — information they already own — that they need to effect the transfer they want to make. Network Solutions give the following reason, after a couple of screens of FUD-generating warnings of imminent Armageddon that are clearly designed to scare the domain owner into not obtaining the information to which they are entitled:

Your request for an Auth Code has been received and your information will be validated to ensure the security of your account. If your request is approved, you will receive your Auth Code by email in 3 days.

To cancel this request, please call one of our Customer Service Representatives at 1-800-779-4903.

Thank you.

Now, it’s all well and good that Network Solutions claims (or hides behind) the excuse of “[ensuring] the security of your account” (which is not surprising, considering they were responsible for one of the biggest screw ups in domain history when they allowed the fraudulent registrant transfer of a domain registered with them back when they held the monopoly on gTLD registrations), but this is clearly a delaying tactic to give the customer time to lose the will to transfer because now it’s just too much of a problem, too much effort, too complicated, too time-consuming … or whatever negative feeling develops in the mind of the domain owner as he or she spends three days mulling over (and perhaps having nightmares about) the things they read in the two screens of dire warnings before finally screwing up the courage to click the “yes, I really do want my auth code” button.

Shame on you, Network Solutions, for impeding the progress of this customer who has decided — as they’re free to do — to move their business to a competitor. But this is not surprising of a company that has a longer list of “controversies” listed in their Wikipedia article than most companies, along with those of their former parent company Verisign. They both also appear prominently in the “Domain name scams” article, as well as here on our own blog.

Domain contact information MUST be valid

15 January 2014 11:38:43 +0000

ICANN (the Internet Corporation for Assigned Names and Numbers) — the organisation in charge of all generic top-level domains (e.g., dot-com, dot-net, dot-org, etc., and the upcoming new gTLDs) — has introduced new rules that came into effect on 1 January.

The rule most likely to affect you at some point is the requirement for a valid email address associated with your domain. People generally register a new domain with a working email address, but over time that address may stop working for one reason or another. ICANN have taken steps to ensure that such a situation is not perpetuated.

Effective 1 January, if one of our automated emails to a contact address for your domain bounces, we are required to send you a verification email asking you to click a link in the email to confirm that your address does actually work. Of course, you’ll only receive that email if your email address has started working again in the meantime. Unfortunately, if you do not receive and act on the instructions in the verification email, we will have no choice but to suspend your domain, which will automatically happen fifteen (15) days after the first verification email is sent. If your domain is suspended, any services (email, websites, etc.) that rely on it will stop working until you respond and update the email address in your domain account. This is an ICANN rule applicable to all registrars and domain registrants, and we are contractually obligated to comply with it.

You may receive the same verification email when you register a new domain, when you transfer an existing domain into your domain account with NinerNet from another domain registrar, or when you change the contact information for your domain.

Please take this opportunity to log into your domain account (if your domain is registered with us) to check the contact information we have on record for your domain(s). If the contact email address you see there no longer works, exists or is no longer controlled by you, please update it immediately. (You will then receive a verification email, and you must follow the instructions in that email to complete the change to your contact details.) If you have multiple domains, you can update all of them at the same time. If you need the log-in information for your domain account sent to you, please advise us of that. Please note that your domain account is different and separate from your hosting account, and needs to be maintained separately by you. Thank-you for your understanding and cooperation.

If you have any questions, please contact support. Thank-you.

Phoney legal notice alert!

15 October 2010 05:19:54 +0000

“Domain Support Group” and “VeriSign”

6 June 2002 (original posting date on NinerNet website)

On Tuesday and Wednesday mornings we received faxes from a company calling itself “Domain Support Group”, located in New York, USA. These faxes are designed to look like legal notices, with much quoting of legal tracts and the dropping of legal phrases often quoted in the news these days such as “intellectual property”, “bad faith”, “dilution of trademark”, “Uniform Domain-Name Dispute-Resolution Policy”, “complainant”, “false descriptions”, “in accordance with the United States legal code”, etc. They also contain an official-looking account number and the warning; “You are required to advise the notification processor of your intent to license this domain on or before the expiration of this notice.”

These notices are designed to scare you into registering a dot-us domain (at an unspecified price) that may be similar to a domain that you already own. We called these people in response to the faxes we received but, once they realised we were onto their game, they were not very forthcoming with information. Through other sources we have determined that they are trying to charge several hundred dollars for a domain (which makes sense considering the legalese in the notice), something you can buy from most domain registrars (including NinerNet) for about $25.

The first notice you may receive is titled “URGENT NOTICE OF DOMAIN EXTENSION”, and it gives you 24 hours to respond. The notice you will receive 24 hours later is titled “FINAL NOTICE”. Both notices are addressed to the attention of the “Business owner or manager”.

Please ignore both of these notices. If you do receive a notice from these people and you feel so inclined, you might consider reporting this to the Federal Trade Commission (FTC) in the United States and/or your local authorities if you are not located in the US.

It has also come to our attention that the same company even cold calls domain owners, trying to get them to renew, register or transfer domains (in TLDs other than dot-us as well) — all you have to do is give them your credit card number!

This is yet another example of the sleazy practices that are being used to try and get people to register or transfer domains without full disclosure of the possible consequences. In January we warned you about the so-called Domain Registry of Canada — today we received yet another of their phony invoices. (You can refresh your memory about that scam on our site.)

Yet another example was stopped by the American courts recently, this one perpetrated by the company that wants you to trust them — VeriSign (formerly trading in the domain business as Network Solutions), whose slogan is “The Value of Trust”. They sent out some intimidating notices, even to their own existing clients, threatening them with dire consequences if they did not renew with or transfer their domain to VeriSign.

If you receive any notice via e-mail, fax or postal mail (or even smoke signal for that matter), no matter how official or legal it looks, please take a moment to review it to see if it is legitimate. If you have any doubt, we would be more than happy to look at it for you. In the confusing world of the competitive domain-registration business, it can be very easy to forget who you chose to handle the registration of your domain last year (or beyond). These companies are counting on you to forget.

To read this notice on our site and see copies of notices received from both VeriSign and the “Domain Support Group”, please see www.niner.net/dsg.html. As usual, thanks very much for your time.

Scanned images of “Domain Support Group” and VeriSign notices:

Phoney invoice alert!

14 October 2010 20:00:52 +0000

“Domain Registry of Canada” and “Internet Registry of Canada”

5 January 2002 (original posting date on NinerNet website)

Once again we find it necessary to issue a warning about realistic-looking “invoices” for domain renewals. We brought this up in July last year, and the same company is attempting the same thing under a different name. What was called the “Internet Registry of Canada” is now attempting to scare you into renewing your domains with them under the name of “Domain Registry of Canada” (noted on the “invoice” as “a registered business style of 1446513 Ontario Limited”).

When we brought this to your attention last year, one of the three major complaints levelled by the likes of the Royal Canadian Mounted Police and the Canadian government’s Competition Bureau was that the “invoices” looked too much like they were issued by a Canadian government department. The new “invoices” are almost identical, although the Canadian flag has been replaced with a bigger maple leaf. (See the end of this message for links to bulletins issued by the RCMP and the Competition Bureau, a link to scans of an “invoice”, and a textual description of the “invoice”.)

The second major complaint was, as implied above, that these solicitations looked too much like an official invoice from an existing supplier, and that an unsuspecting employee or even business owner might pay the “invoice” resulting in unintended consequences (including your Web site and e-mail going down). This has not changed — the solicitations still look like invoices.

Third was the strong language used, implying that you were in imminent jeopardy of losing your domain if you did not act immediately and send payment to the soliciting company. Again, this has not changed, although the language has been moderated slightly and, buried amongst the other promotional text, is a statement that the invoice-like solicitation “is not an invoice” but rather an “easy means of payment” should you be fooled. However, as with the previous scam, the “invoice” states that your “current domain name must be renewed” (emphasis is on the “invoice”).

As before, one of the goals of these “invoices” is to get you to transfer your domain from your current registrar to the “Domain Registry of Canada”. Another goal is to convince you to needlessly register numerous variations of your domain, potentially quadrupling your annual domain fees. Space is provided for your credit card number should you choose to actually send such sensitive information to a company with such questionable business practices.

Although this company is seeking to have you transfer your domain to them, the very fine print (requiring a magnifying glass and strong light to read) on the back of the “invoice” states that “you agree to provide written, signed authorization to DRoC for the transfer of the domain name to another registrar and agree to pay any and all fees that may be charged by DRoC to effect the transfer.” This policy is clearly designed to make it easy for you to transfer your domain to them from your current registrar, but very difficult to transfer back to your chosen registrar and away from “Domain Registry of Canada” once you realise that you have been scammed. Such a policy is known as “domain hijacking”, and there other examples of this unethical practice — please see the links at the bottom. This policy also goes against international agreements governed by the Internet Corporation for Assigned Names and Numbers (ICANN), to which “Domain Registry of Canada” is either directly or indirectly a party.

A similar scheme was practised by some unscrupulous companies back when the long-distance telephone market was deregulated in both Canada and the United States. It had a very descriptive term — “slamming”. If I remember correctly, the process involved the victim endorsing a low-value cheque payable to the victim from the new long-distance company, with the fine print stating that you wished to switch from your current long-distance carrier to the new one. This practise was outlawed, but regulators have been playing catch-up with the Internet since day one.

So how do you know if an invoice you received is genuine, and how do you find out when your domain really expires? Because domains are renewed on an annual (or longer) basis and we are all used to receiving monthly invoices to remind us to pay for services, it’s easy to forget the answers to both of those questions. It has even happened to Microsoft, believe it or not, when they forgot to renew microsoft.com. The best way to find out is to go to a reputable domain registrar, or the site of the single registration authority (from which registrars get their authority) for your top-level domain (TLD). In the case of Register.com, just use the form on their home page to check your domain. Since your domain is “taken” (by you, of course), you can click on the link on the page displaying the results of your search, and you will see a new page detailing (among other things) who your current registrar is and when your domain expires. If your domain really is about to expire, you can then go to your registrar’s home page and use their Web site to renew your domain. If all else fails, please contact us if you are not sure and we will decisively determine when your domain expires, who your registrar is, and who you should be paying.

As an aside, NinerNet Communications recently started accepting domain registrations. While we still think that Register.com is one of the best registrars out there (and certainly far superior to the likes of Network Solutions / Verisign), we would be happy and honoured to accept new domain registrations, renewals and transfers. Since this is a new service, we don’t yet have an automated system in place. Please contact us for the details.

Finally, here is a description of an official-looking “invoice” sent out by the “Domain Registry of Canada”. It arrives in a #10, plain, brown window envelope with a red maple leaf in the top, left-hand corner and the words “Domain Registry of Canada” to the right of the maple leaf. A similar layout is reproduced at the top of the actual “invoice”, which is printed on white paper using black and red ink. It refers to a domain that is probably registered to you and warns you that you risk “loss of your online identity” and that your “current domain name must be renewed” (emphasis is on the “invoice”). It then suggests several possible renewal periods for your existing domain (up to five years) and then suggests several other similar domains that you should register. Payment is accepted by cheque or credit card and is requested to be sent to a post office box in Thornhill, Ontario, Canada. A white return envelope (requiring postage) is included, completing the invoice-like package.

Sorry this was so long, but we felt that this was important enough to warrant a full explanation. If you have any questions or concerns, please let us know.

Here are some links pertinent to this scam:

Scanned images of an “invoice” package:

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all it entails. This includes concomitant industries and activities such as domain registration, SSL/TLS certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc email encryption facebook google happy hosting customers hosting transfer icann invoices iphone kwacha maintenance paying your bill paying your invoice quarterly kwacha rate review rates registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours spam ssl ssl/tls support transparency wordpress zamnet

Resources:

On NinerNet: