Domain Security: A serious threat
Domain security is a serious concern here at Spark Rack. There are companies out there who’s main business goal is to steal your domain name from your current domain registrar and then “ransom” it back to you for an outrageous price. While these may sound like the ramblings of a crazed techie, this is actually true. And it’s not yet illegal because these companies continuously change their names before charges can be filed against them, or before the Better Business Bureau (BBB) can take action.
Most notably is a company by the name of iDNS or Internet Domain Name Services, Inc. Although they’ve had many names over the past 12 years, chances are if you have a domain name registered somewhere on the internet, and do not have private registration (as most domains do not), you’ve gotten an email or letter in the mail from this company stating that your domain name is expiring and is in need of being renewed. What they fail to tell you in these letters is who your domains current registrar is (if you purchased your domain with Spark Rack, it is SPARK RACK LIMITED.), and that if you renew using the service they are offering, it will give them (iDNS) the ability to take control of your domain and move it to their servers. Which if you hate your registrar, may sound appealing however they fail to explain is that you are essentially giving them complete access to your domain.
Spark Rack has many customers who use our private registration services (which is recommended for all of our customers). What this does is it takes all mail that is sent to you using your registration details, and it sends it to us. If the mail is legitimate, such as required paperwork, legal matters, etc., it gets forwarded to the address you have on file, or added to your account downloadables in our billing system. If it is illegitimate it gets put on file in our system, and the mailer is flagged as a nuisance sender, and we ignore all future correspondence. Take a look at a sample letter that iDNS sends out to domain holders and tell us if you can spot what makes this practice especially disgusting for those attempting to run a legitimate business.
First, you probably noticed that it looks like a bill, which if you are a small business owner, you might just pay the bill and move on with your day because lets face it, as business owners, you pay invoices on an almost daily basis. The second thing you might have noticed is the words “Domain Name Expiration Notice”, and Yes, while the expiration may match what your WHOIS search states it is. It does not mean it is a legitimate service.
If you continue to read the notice you’ll also encounter the following: “You must renew your domain name to retain exclusive rights to it on the Web, and now is the time to transfer and renew your name from your current Registrar to Internet Domain Name Services”. Simply what that’s saying is. “Transfer to us, and we’ll charge you triple what your already paying.”, Which if you are the type of person who wants to spend up to $180 just to get scammed. We won’t stop you. We wish you the best.
Further the notice states: “Privatization of Domain Registration and Renewals now allows the consumer the choice of Registrars when initially registering and also when renewing a domain name.”. Simply put, “You can move your domain anywhere you want”, which is not a lie, but it has been a widely known fact that you can do that for the last 10 years. If you decide tomorrow you don’t like GoDaddy, you can choose another hosting company and move your domain and hosting. Additionally if you don’t like Spark Rack, we might be doing something wrong, in which case, please let us know, we’ll make sure we right any wrongs.
Essentially what this appears to be, and is….is a attempt to harass small businesses and private owners into moving the domain name(s) they own away from a company they may already be well established with, to a company who…for a lack of better terminology, doesn’t give a damn about them and will ransom the domain if the customer attempts to switch away.
At Spark Rack alone, we host thousands of domain names, and each month we get a few hundred of these letters, either by US mail, or email. They are the equivalent to email spam, and should NOT be taken seriously. If you are a Spark Rack customer, and you have gotten one of these. Let us know. We’re working hard to ensure at least our customers, never have to see these fraudulent notices again.
If you have questions, please reach out to us. We’d love to hear from you on this subject.
