This page is for the convenience
of students in Prof. Tim Richardson's e-commerce classes.
It contains a collection of info and links regarding all the marketing issues relevant to domain names.
page last updated 2010 Feb 19
|scams and problems||witiger.com/ecommerce/domainnamesscams.htm|
|domain name hacking||witiger.com/ecommerce/hackingexample.htm|
used in the following courses taught by Prof. Richardson
This page deals with
|Information on Registration
from NATIONAL INFRASTRUCTURE PROTECTION CENTER
"Internet users rely on names to access on-line resources, making the Domain Name Service (DNS) a vital part of the Internet, as we know it. The software package commonly used to provide DNS has been the target of numerous attacks, highlighting the importance of system administrators keeping current with patches and upgrades. "
"Most DNS installations do not incorporate strong authentication, making it possible for malicious parties to insert false directory data into the DNS hierarchy. If an intruder can manipulate an organization's DNS, the intruder could then maliciously divert on-line traffic; e.g., a user trying to access <www.nipc.gov> may be sent not to the real NIPC web site, but to a phony site with false information. DNS attacks can also be carried out for other malicious purposes, such as stealing data, harvesting account information, or denying Internet service."
|"Another security concern
lies in the domain name registration process. Central registrars maintain
listings of domain names, their owners, and the name servers that provide
DNS lookups. If an organization moves to a different Internet Service Provider
or makes changes to its servers, it may change its DNS settings. In many
cases, it does this by sending a simple e-mail request to the registrar
and then confirming the desired changes in a follow-up e-mail message.
a malicious third party can forge e-mail from an organization, the former
may be able to effect unauthorized changes in its domain name registration,
thereby mounting an effective denial-of-service attack. This vulnerability
was illustrated in an incident earlier this year  in which
a number of institutions found their domains hijacked. Early one weekend,
an unknown party forged e-mail messages to a domain name registrar
requesting that the domains of a number of universities, commercial enterprises,
and nonprofit associations be redirected to a New Jersey provider of online
services. The operator of the New Jersey site noticed the fraudulent domain
transfers and took corrective action. However, it took several days for
the erroneous DNS settings to be rectified. Some of the institutions
victimized in this attack experienced significant disruptions in Internet
connectivity. In response to this risk, some domain name registrars have
implemented optional authentication procedures for DNS modification requests.
Such requests are often required to be accompanied by a secret password
or digitally signed by the domain's registered owner."
for further details, go to
|During the 4th week of January 2006, Richardson was interviewed by Amy Sharaf of Ryerson's Independent Newspaper " The Eyeopener Online" www.theeyeopener.com about fake websites that have URLs spelled similar to a legit site, and used to divert traffic for companies that are paying for "click throughs"|
fake Ryerson website has surfaced.
Ryeson.ca is similar to Myryerson.ca, the page which prompted Ryerson authorities to send an e-mail of warning to students and staff in Dec 2005.
One of the Ryerson journalism students phoned Prof. Richardson to ask for advice and opinion.
Richardson was quoted as saying "These lead to links for companies that pay to get "click-throughs," which are "designed to drive traffic to another site and increase hits on a page," said University of Toronto e-commerce and internet marketing lecturer Tim Richardson. "For an institution like Ryerson, there's not a lot that can be done about it," he said. "Because that name is the name of an individual person that's been lent to the university, a word like Ryerson would be very difficult to control access to."
|While "parked pages" lead
to empty sites, active sites such as Ryeson.ca are also detested by search
engine people because they can clog up legitimate search engine rankings,
"When you go looking for something, if it's not on the first three pages, you try (your search) again with different words. "If you don't rank high on one of the first ones, you don't exist."
He added that speculation of which URLs may come to be in demand may cause people to scoop up potentially popular names. "People watch American Idol 3, they find the names of the four people that can do the semis and that night one person goes on Internet.com and buys trade names," Richardson said.
If names are taken, variations such as Ryeson.ca become the next best thing.
"Internet Registry Firm plays on People's Anxieties"
is the heading of an August 25th, 2000 article by Tyler Hamilton
Hamilton describes how some small and medium sized businesses are being scammed by companies contacting a firm and telling the firm that there is an attempt being made to register the same domain that they presently own, but with a different ending such as .org or .net.
|Hamilton explains that "
... the owners of Aufgang Travel, a Bathurst St. travel agency,
received an unsolicited fax that read ``urgent notice.'' The fax was very
official-looking. It was authoritative and a bit intimidating. And it explained
in legal-like jargon that somebody was attempting to register the domain
name http://www.aufgangtravel.net - a variation of the ``.com'' address
that Rodach and Aufgang had registered in February. The company that
sent the fax - Electronic Domain Name Monitoring (EDNM), a division of
Toronto-based NDNRegistry - gave Aufgang Travel ``first-right-to-use''
to register the ``.net'' name. It also offered to register the name
on Rodach's and Aufgang's behalf for $70. Was somebody else actually
going after the ``.net'' version? It wasn't immediately clear,
though it's always possible that it was being hijacked by a cybersquatter
looking for a substantial ransom, a scenario outlined in the fax...
What was clear is that Rodach and Aufgang didn't feel comfortable with
what seemed like an overly aggressive marketing tactic. ``My
gut said right away that it was a scam, but I wasn't sure,'' says Rodach,
explaining that he found it odd that, of all the names in the world to
register, somebody would try to go after a unique local Web address based
on a not-so-popular family name. .. ``It plays on people's anxieties,''
says Brian O'Shaughnessy, a spokesperson for Network Solutions Inc. of
Herndon, Va. ``I've seen it before, and it's the price you're going
to pay for having an open domain name system.'' ... Network Solutions used
to have a monopoly over the registration of Web addresses ending in .com,
.net and .org, but the U.S. government decided in 1998 to open up the
market. Since then, hundreds of registrars have entered the market with
their own creative ways to drum up business. ..NDNRegistry isn't doing
anything illegal, says Detective Walter Turczyn of the Toronto police
fraud squad. "
The original story by Hamilton
"Domain Name Registration Scheme - or Scam" is the title of
Ken Campbell's Sept 21st, 2000 piece written for the section of the Toronto Star called Fast Forward
Campbell, like Hamilton,
tells the story of a Toronto company that received a fax urging them to
reply quickly because someone was trying to register an identical domain
name with the .net or .org ending. The company that writers Campbell and
Hamilton discovered, which is carrying out this questionable activity,
is EDNM which calls itself Electronic Domain Name Monitoring and lists
two offices in Atlanta and Toronto. Both Campbell and Hamilton got unsatisfactory
responses when they tried to contact EDNM to obtain their side of the story.
|Larry Chase advises that if another firm challenges your right to a domain name, the InterNICinforms you that you've got 30 days to vacate the domain while the dispute is settled. .. In order to prevent this you may want to protect yourself by trademarking the letters and words that make up your domain name and matching them to your publically known corporate phrases, slogans and mottos.|
DOMAIN NAME DISPUTE RESOLUTION POLICY
originally from http://www.netsol.com/rs/dispute-policy.html
(i) your domain name is identical or confusingly similar to a
|Canadians take a leading
role in domain name disputes
Citing our military role as international peacekeepers, a story in ComputerWorld Canada in May, 2000 noted a Montreal company, named eResolution, backed by ICANN (Internet Corporation for Assignment Names and Numbers), is in a position to handle the full adversarial proceedings from initial complaint filing to the arbitration stage and transfer of evidence.
"eResolution plays the role of court clerk, registering complaints, handling evidence, transmitting case documents to the decision makers, and communicating any judgement to the applicable parties"
eResolution's press release
Some people are going to extraordinary lengths to legally and illegally obtain rights to certain domain names. There have been a number of stories of people registering domain names with false identification. A June 7th 2000 story written by Vito Pilieci in the The Financial Post told the situation of Internet.com finding that their domain had been stolen! Apparently someone had hacked into the Network Solutions computer and changed the files identifying the ownership of the domain "Internet.com".
|Mazzaher J. in BCS 555 in
Sept 2003 found a good article online from www.tipz.net/cybersquating.htm
explains the circumstance of "Cybersquatting" -something which often leads
to domain name disputes.
"Cybersquatting is the purchase of a domain name in bad faith. Usually this is done with the intention of reselling that domain name back to the legal copyright holder, although sometimes there are other reasons. This is considered a violation of the trademark laws. An example of cybersquatting would be if someone purchased the domain name "mcdonalds.ws" and then proceeded to attempt to sell it back to McDonalds. It would also be considered a violation of the law if the purchaser put up a web site describing how bad McDonald's food was or commenting on the service. Cybersquatting was made illegal by the passage of a federal law [in the U.S.] in 1999 known as the Anti-Cybersquatting Consumer Protection Act. The law became necessary because numerous large companies were forced to pay large sums to buy their domain names from third parties. "
Permission to quote / link, came from Richard Lowe Dec 2004
problem with enforcing laws about cybersquatting:
|Laws only work in the regions
in which they can be enforced. eg. If you do something bad in Texas, you
are only going to be arrested by the Texas State Troopers in Texas, if
you escape to Argentina ....!
So, governments can pass a law about cybersquatting but it is difficult to enforce. If a person in Asia bought www.mcdonalds.tn from a domain registrar in the Caribbean and had it hosted by service in Europe, how could American's enforce a law about cybersquatting??
Internet law is not the same as laws about murder, or child exploitation. In the case of serious violent crimes, most countries have extradition treaties that cover such circumstances. Extradition for internet crimes is very very rare.
The other problem with enforcing a law is the problem of identifying the criminal - there are many ways to buy and own a domain name without providing detailed personal contact information. As long as you pay the fees, most domain registrars don't care - therefore it would be difficult for the authorities to track you down.
||CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE|
|MISTAKES I TEXTS USED I IMAGES I RANK I DISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I|