Latest news of the domain name industry

Recent Posts

India’s biggest bank switches to dot-brand

Kevin Murphy, February 22, 2017, Domain Registries

State Bank of India has announced plans to migrate all of its web sites to its new dot-brand gTLD.

The company has been responsible for .sbi since it was delegated by ICANN last April, but bank.sbi is its first live domain name.

Currently, while bank.sbi is live and resolving, the old domain sbi.co.in appears to still be its primary address.

However, SBI said “all of the bank’s internet presence… shall soon be migrated to the .sbi gTLD”.

There will be a period of crossover while customers get used to the change, it said in a press release.

The bank said: “a gTLD site like .sbi conveys an assurance to the customer that the site is authorised, genuine and is not an inappropriate or phishing site”.

The move is perhaps significant given that SBI is state-owned, and one might expect some level of nationalism when it comes to domain choice.

But SBI, India’s largest bank with $490 billion in assets under management, is not the first bank to say it plans to use its dot-brand as its primary TLD.

BNP Paribas, the world’s biggest non-Chinese bank, uses .bnpparibas for almost everything, particularly in its native France. It has three domains in the Alexa top 100,000 most-visited web sites.

Others with dot-brands in use include Barclays and Citi.

Activist investor says eNom was sold too cheap

Kevin Murphy, February 20, 2017, Domain Registries

J Carlo Cannell, the activist investor who has been circling Rightside for the last year or so, was unimpressed with the company’s recent sale of eNom to Tucows.

In a letter published as a Securities and Exchange Commission filing last week, Cannell announced that he has started up a support group for fellow “concerned” investors.

In the distinctly loveless Valentine’s Day missive, Cannell called for Rightside to be acquired, go private or issue a big dividend to investors, and said he intends to campaign to have the board of directors replaced.

On the eNom sale, Cannell wrote that the $76.7 million deal “marks a step in the right direction” for the company, but that he was “not satisfied” with the price or the $4 million legal fees accrued. He wrote:

Conversations with management suggest that the Company took only two months to evaluate and close the transaction. Perhaps if they had been more patient and diligent, shareholders would have enjoyed more than the 0.5x 2016 revenues which they received in this “shotgun sale”.

This price was a fraction of Tucows’ own valuation of 2.6x 2016 estimated revenue. For the two trading sessions following the eNom transaction, NAME traded up 10% while TCX was up 32%, suggesting that investors believe it was a better deal for TCX shareholders than NAME shareholders.

The deal was described at the time by Tucows’ CEO Elliot Noss as an “individual opportunistic transaction”.

Noss later told analysts that the eNom business was floundering, “a flat, potentially even slightly negative-growth business”.

Cannell said last week he has formed Save NAME Group, named after Rightside’s ticker symbol, as a means to exert pressure on the board.

He said it is currently “difficult to justify” the company remaining publicly listed, and that the “sale of the entire company” or a “special and substantial dividend” could help appease shareholders.

He said Rightside agreed last August to let him name a new director, but has dragged its feet approving his suggestion, adding:

SNG intends to become more active and vocal in its efforts to force change at NAME. SNG has compiled a slate of qualified candidates. The names and identity of these candidates shall be disclosed periodically together with other neutral and reliable facts to support the contention of SNG that some or all of the board of NAME needs to be replaced.

Cannell, who owns about 9% of Rightside, first emerged as a critic of the company a year ago.

At that time, he called for the company to ditch its “garbage” new gTLD registries in favor of a focus on its higher-margin eNom business.

He was supported by Uniregistry CEO Frank Schilling, then also a Rightside investor in addition to a competitor.

Phishing in new gTLDs up 1,000% but .com still the worst

Kevin Murphy, February 20, 2017, Domain Registries

The .com domain is still the runaway leader TLD for phishing, with new gTLDs still being used for a tiny minority of attacks, according to new research.

.com domains accounted for 51% of all phishing in 2016, despite only having 48% of the domains in the “general population”, according to the 2017 Phishing Trends & Intelligence Report
from security outfit PhishLabs.

But new gTLDs accounted for just 2% of attacks, despite separate research showing they have about 8% of the market.

New gTLDs saw a 1,000% increase in attacks on 2015, the report states.

The statistics are based on PhishLabs’ analysis of nearly one million phishing sites discovered over the course of the year and include domains that have been compromised, rather than registered, by attackers.

The company said:

Although the .COM top-level domain (TLD) was associated with more than half of all phishing sites in 2016, new generic TLDs are becoming a more popular option for phishing because they are low cost and can be used to create convincing phishing domains.

There are a few reasons new gTLDs are gaining traction in the phishing ecosystem. For one, some new gTLDs are incredibly cheap to register and may be an inexpensive option for phishers who want to have more control over their infrastructure than they would with a compromised website. Secondly, phishers can use some of the newly developed gTLDs to create websites that appear to be more legitimate to potential victims.

Indeed, the cheapest new gTLDs are among the worst for phishing — .top, .xyz, .online, .club, .website, .link, .space, .site, .win and .support — according to the report.

But the numbers show that new gTLDs are significantly under-represented in phishing attacks.

According to separate research from CENTR, there were 309.4 million domains in existence at the end of 2016, of which about 25 million (8%) were new gTLDs.

Yet PhishLabs reports that new gTLD domains were used for only about 2% of attacks.

CENTR statistics have .com with a 40% share of the global domain market, with PhishLabs saying that .com is used in 51% of attacks.

The difference in the market share statistics between the two sets of research is likely due to the fact that CENTR excludes .tk from its numbers.

Again, because PhishLabs counts hacked sites — in fact it says the “vast majority” were hacked — we should probably exercise caution before attributing blame to registries.

But PhishLabs said in its report:

When we see a TLD that is over-represented among phishing sites compared to the general population, it may be an indication that it is more apt to being used by phishers to maliciously register domains for the purposes of hosting phishing content. Some TLDs that met these criteria in 2016 included .COM, .BR, .CL, .TK, .CF, .ML, and .VE.

By far the worst ccTLD for phishing was Brazil’s .br, with 6% of the total, according to the report.

Also notable were .uk, .ru, .au, .pl, and .in, each with about 2% of the total, PhishLabs said.

Belgium domains will be registered in Ireland after cloud move

Kevin Murphy, February 20, 2017, Domain Registries

DNS Belgium, operator of .be, has moved its shared registration systems to the cloud, the non-profit said last week.

The registry migrated from a self-hosted system to Amazon Web Services on February 11.

It’s an effort to cut costs, increase efficiency, and free up engineering time currently dedicated to non-core functions such as hardware maintenance, executives said.

“As AWS sees to the hardware, connectivity etc., DNS Belgium can focus on the layers above, such as the software,” general manager Philip Du Bois said in a press release.

Business development manager Lut Goedhuys said that while the system has been moved to the cloud, AWS allows customers to select the data centers where their applications will be stored.

DNS Belgium picked Ireland, she said.

Blah blah ICANN blah .africa blah delegated blah blah…

Kevin Murphy, February 15, 2017, Domain Registries

Today blah blah ZA Central Registry blah blah .africa blah delegated blah.

ICANN blah blah root blah. Blah blah ZACR blah nic.africa.

Blah blah five years blah blah contention blah lawsuit blah blah DotConnectAfrica blah. Blah blah Bekele blah IRP blah.

ICANN blah blah Governmental Advisory Committee blah blah blah African Union blah blah blah.

Blah blah Geographic Names Panel blah blah controversy blah blah blah blah lawsuit blah blah blah leg to stand on.

Blah racist blah blah conspiracy blah blah blah… nutty. Blah.

Blah reporting blah damned blah story blah forever blah blah bored blah blah blah blah.

Blah blah blah.