Research into fake webshops reveals scammers' methods and leads to thousands of fakes being taken down
Key findings of an academic article about webshop fraud published by SIDN Labs
Suppose you're looking for some new shoes or a designer bag. You find a webshop offering just what you want at a really good price. So you decide to grab yourself a bargain while you can. But your order never arrives. And, when you contact the shop, they simply don't reply. Sounds familiar? The chances are that the webshop you found was a fake one. Such sites offer the moon, but deliver shoddy counterfeit goods or nothing at all. For several years, SIDN Labs has been hunting out fake webshops. And now we've written an academic article describing our detection systems and what we've learnt about the way the scammers work.
SIDN Labs is committed to detecting fake webshops, because we want to prevent consumer fraud and thus maintain trust in .nl. Our article highlights the effectiveness of the detection systems we use: twenty thousand suspect domain names were identified between August 2017 and March 2019. It also describes two case studies that we worked on with a leading registrar and the credit card provider ICS Cards. During the two controlled studies, 4,455 fake webshops were taken down and the fraudsters' methods were analysed. We'll shortly be presenting the article at PAM2020, one of the top international conferences on internet measurements. In the meantime, we'd like to share some of the key findings by means of this blog.
Most of the suspect domain names we identified were re-registrations (80 per cent). If a .nl domain name is dropped by its user, it can be re-registered by someone else after forty days. And about 60 per cent of flagged domains turned out to have been re-registered as soon as the forty days were up. Fake webshops also turn out to be very similar to one another, and are almost always having a sale. Another thing we found was that scammers like to use registrars that provide APIs for automated domain registration. Those characteristics all point to the existence of a production line of fake webshops. Scammers wait for useful domain names to become available; they then register them using scripts and automatically upload a largely standard webshop with a few customisations.
Genuine webshops are maintained with care and attention. It's rare, for example, for a webshop owner to drop the associated domain name. With fake webshops, things are very different: 80 per cent of registrations don't last a year. Fake webshops also tend to be littered with bad spelling and grammar. Our findings support the idea that scammers follow a scattergun approach, hoping that a wide spread of registrations will hit enough targets. By constantly registering more names, they are able to take the shutdown of a certain percentage in their stride. Webshops are disposable assets within a volume-based fraudulent business model.
For banks, brand protection providers, government agencies and others, fake webshops are hard to detect, because those stakeholders don't have an overview of the domain name park. By contrast, registries -- including SIDN, the registry for .nl -- know all the domain names in their zones and have access to registration data, in which patterns are sometimes detectable. That's exactly what the activities reported in our article involved: the extraction of patterns from information about known fake sites, and the use of those patterns to identify thousands more scams.
One observed pattern involves the e-mail addresses linked to domain name registrations. Looking at the .nl zone as a whole, a high percentage of linked addresses have familiar endings, such as gmail.com. With fake webshops, however, the linked addresses were weighted towards e-mail providers popular in China, such as 163.com (25 per cent). Strikingly, many suspect domain names were registered during Chinese office hours. That's clear from Figure 1, where the bars represent suspect domain name registrations per hour of the day. Dutch time is shown at the top, and Beijing time at the bottom. Most fake webshops are hosted on a small number of networks. Curiously, however, those are not Chinese networks.
Figure 1: Timing of suspect domain name registrations.
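The registration patterns described above (re-registration as soon as the forty days are up, the registrant's e-mail provider, and the registration hour in Beijing time) can be written as simple checks over registration records. The sketch below is an added example, not SIDN Labs' detection system: the record fields, the one-day window, the 09:00-18:00 office hours and the three-pattern threshold are assumptions, and the sample records are constructed.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

QUARANTINE = timedelta(days=40)          # article: a dropped .nl name can be re-registered after forty days
PROMPT_WINDOW = timedelta(days=1)        # assumption: what counts as "as soon as the forty days were up"
WATCHED_MAIL = {"163.com"}               # provider named in the article
OFFICE_HOURS = range(9, 18)              # assumption: 09:00-17:59 local time
BEIJING = timezone(timedelta(hours=8))   # China Standard Time, fixed UTC+8 with no DST

def signals(rec):
    """Return the set of article patterns that one registration record matches."""
    hits = set()
    if rec["dropped_at"] is not None:
        hits.add("re-registration")
        release = rec["dropped_at"] + QUARANTINE
        if release <= rec["registered_at"] <= release + PROMPT_WINDOW:
            hits.add("prompt-re-registration")
    if rec["email"].rsplit("@", 1)[-1].lower() in WATCHED_MAIL:
        hits.add("watched-mail-provider")
    if rec["registered_at"].astimezone(BEIJING).hour in OFFICE_HOURS:
        hits.add("beijing-office-hours")
    return hits

def flagged(records, min_hits=3):
    """Domains matching at least min_hits patterns (the threshold is an assumption)."""
    return [r["domain"] for r in records if len(signals(r)) >= min_hits]

def hourly_histogram(records, tz):
    """Registrations per hour of day in tz, the quantity plotted in Figure 1.
    For Dutch time pass a DST-aware zone such as zoneinfo.ZoneInfo("Europe/Amsterdam")."""
    return Counter(r["registered_at"].astimezone(tz).hour for r in records)

def utc(*parts):
    return datetime(*parts, tzinfo=timezone.utc)

# Constructed sample records; names, addresses and timestamps are made up.
RECORDS = [
    {"domain": "constructed-shop-a.nl", "dropped_at": utc(2018, 1, 1, 2, 0),
     "registered_at": utc(2018, 2, 10, 2, 5), "email": "a@163.com"},
    {"domain": "constructed-shop-b.nl", "dropped_at": None,
     "registered_at": utc(2018, 3, 5, 13, 0), "email": "owner@gmail.com"},
    {"domain": "constructed-shop-c.nl", "dropped_at": utc(2017, 6, 1, 0, 0),
     "registered_at": utc(2018, 3, 6, 2, 30), "email": "b@163.com"},
]

if __name__ == "__main__":
    for rec in RECORDS:
        print(rec["domain"], sorted(signals(rec)))
    print("flagged:", flagged(RECORDS))
```

No single pattern is conclusive on its own (plenty of legitimate registrants use any given e-mail provider), which is why the sketch only flags records that match several patterns at once.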
Selling counterfeit goods is a lucrative activity and setting up fake webshops is easy. That's clear both from our research and from information published by NOS and the Consumers' Association. We therefore don't expect the fake webshop problem to be resolved any time soon. So we'll go on using the unique position that we have as a registry to take the fight to the scammers. We'll also continue re-evaluating the relevance of the patterns we use to identify problem sites, on the assumption that fraudsters will always be looking for new ways of avoiding detection. Finally, we'll be making our expertise available to researchers and other TLD registries to help them tackle fake webshops within their DNS zones.