14,932
edits
Changes
Jump to navigation
Jump to search
Line 17:
Line 17: − + + + + + + + + + + +
→Common Scams
*respond to inquiries from the Registrar within 15 days, and keep the Registrar account data current; and
*respond to inquiries from the Registrar within 15 days, and keep the Registrar account data current; and
*keep the payment information current if the registrant chooses to have the domain name registration renew automatically.<ref>[https://www.icann.org/resources/pages/benefits-2013-09-16-en Registrant Rights and Responsibilities, Resources, ICANN]</ref>
*keep the payment information current if the registrant chooses to have the domain name registration renew automatically.<ref>[https://www.icann.org/resources/pages/benefits-2013-09-16-en Registrant Rights and Responsibilities, Resources, ICANN]</ref>
==WHOIS==
==WHOIS==
''Main Article: [[WHOIS]]''<br/>
''Main Article: [[WHOIS]]''<br/>
The registrant of any particular domain name can be accessed via WHOIS. This means that when registering a domain name, the registrant must provide contact details such as email, name, mailing address, and phone number for the registrant, the administrator, and the technology officer, which may or may not be the same person. Alternatively, some Registrars provide WHOIS privacy protection, which inserts generic Registrar contact details instead of registrant information, in exchange for a monthly fee.
The registrant of any particular domain name can be accessed via WHOIS. This means that when registering a domain name, the registrant must provide contact details such as email, name, mailing address, and phone number for the registrant, the administrator, and the technology officer, which may or may not be the same person. Alternatively, some Registrars provide WHOIS privacy protection, which inserts generic Registrar contact details instead of registrant information, in exchange for a monthly fee.
==Security==
===[[cybercrime|Common Scams]]===
*Impersonating ICANN or an ICANN-accredited registrar, and sending fake renewal emails in an attempt to collect a payment.
*Conducting [[phishing]] attacks that trick registrants into revealing login information to try and [[Domain Name Hijacking|take control of the domain]].
*Convincing you via fraudulent means to buy a domain name under a different top-level domain name at a higher price.<ref>[https://www.icann.org/en/system/files/files/help-keep-domain-name-secure-30sep20-en.pdf Domain Name Security, ICANN Org]</ref>
===[[Compromised Domain]]s===
A compromised website indicates that a [[Threat Actor]] has control over the website and is not the official registrant of the domain itself. A domain name that has been registered for a legitimate or benign purpose but whose website has been compromised will generally have:
* viewable content related to the domain name,
* been renewed or registered for longer than 1 year, and
* a content management system (like Wordpress) that is visible in the URL.<ref>[https://dnsabuseinstitute.org/best-practices-identification-mitigation-of-dns-abuse/ Best practices for Identifying and Mitigating DNS Abuse, DNS Abuse Institute]</ref>
==References==
==References==