Latest news of the domain name industry

Recent Posts

ICANN plays tough over Amazon dot-brands

Kevin Murphy, March 12, 2019, Domain Policy

ICANN has given Amazon and the governments of the Amazon Cooperation Treaty Organization less than a month to sort out their long-running dispute over the .amazon gTLD.

The organization’s board of directors voted on Sunday to give ACTO and the e-commerce leviathan until April 7 to get their shit together or risk not getting what they want.

But both parties are going to have to come to an agreement without ICANN’s help, with the board noting that it “does not think that any further facilitation efforts by ICANN org will be fruitful”.

Attempts by ICANN to meet with ACTO over the last several months have been agreed to and then cancelled by ACTO on at least two separate occasions.

The eight ACTO governments think the string “Amazon” more rightfully belongs to them, due to it being the English name for the rain forest region they share.

Amazon the company has promised to safeguard culturally sensitive terms in .amazon, to assist with future efforts to secure .amazonas or similar for the Amazonian peoples, and to donate services and devices to the nations concerned.

Now, the two parties are going to have to bilaterally decide whether this deal is enough, whether it should be sweetened or rejected outright.

If they can’t come to a deal by ICANN’s deadline (which could be extended if Amazon and ACTO both ask for more time), ICANN will base its decision on whether to approve .amazon based on how Amazon unilaterally proposes to address ACTO’s concerns.

While a rejection of the .amazon application is still on the table, my read is that this is a bigger win for Amazon than it is for ACTO.

Radix sees revenue up 30%

Kevin Murphy, March 12, 2019, Domain Registries

New gTLD registry Radix said today that its revenue increased by 30% in 2018, largely due to an end-of-year boost.

The company, which runs nine gTLDs including .online and .site, said that gross revenue was $16.95 million last year.

It added that net profit was up 45.6%, but the privately held company does not actually disclose the dollar value of its bottom line.

Radix said that the fourth quarter of the year, which presumably saw the benefits of Operation September Thrust, was its strongest quarter.

The company said that 27% of its revenue came from standard-price new registrations and 60% from renewals.

Its premiums brought in $1.9 million, 56% of which were premium renewals.

Donuts founder replaces Pitts as MMX’s premium guru

MMX has hired one of Donuts’ recently departed co-founders to market its premium domain name inventory, the company said today.

Dan Schindler, formerly Donuts’ executive VP, has been hired as a “special advisor”, tasked with “monetizing” premiums in the US and Europe.

He appears to be functionally replacing Victor Pitts, who was hired as director of premium sales two years ago. Pitts appears to have left the company in January.

MMX, which counts .vip, .law and .luxe among its stable of 32 gTLDs, expects to report premium sales for 2018 of around $2.3 million.

The company has also hired domain consultant Christa Taylor, founder and CEO of dottba, as its new chief marketing officer, a newly created position.

News of the appointments was released as MMX published another preliminary trading update ahead of its final 2018 financial results next month.

Here are some more nuggets from the announcement:

  • Total domain registrations so far in 2019 up 38% to 1.84 million compared to a year ago.
  • Billings up 129% year-on-year due to contributions from ICM Registry and a 40% increase in sales of .vip and .luxe domains in China.
  • ICM’s porn-themed domains are renewing at 91%.
  • Integration of .luxe into two more blockchain platforms — NameCoin and XAYA — is underway.

MMX expects to announce its full-year results April 3.

Phishing still on the decline, despite Whois privacy

Kevin Murphy, March 5, 2019, Domain Policy

The number of detected phishing attacks almost halved last year, despite the fact that new Whois privacy rules have made it cheaper for attackers to hide their identities.

There were 138,328 attacks in the fourth quarter of 2018, according to the Anti-Phishing Working Group, down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1.

That’s a huge decline from the start of the year, which does not seem to have been slowed up by the introduction in May of the General Data Protection Regulation and ICANN’s Temp Spec, which together force the redaction of most personal data from public Whois records.

The findings could be used by privacy advocates to demonstrate that Whois redaction has not lead to an increase in cybercrime, as their opponents had predicted.

But the data may be slightly misleading.

APWG notes that it can only count the attacks it can find, and that phishers are becoming increasingly sophisticated in how they attempt to avoid detection. The group said in a press release:

There is growing concern that the decline may be due to under-detection. The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes – and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site.

It also speculates that criminals once involved in phishing may have moved on to “more specialized and lucrative forms of e-crime”.

The Q4 report (pdf) also breaks down phishing attacks by TLD, though comparisons here are difficult because APWG doesn’t always release this data.

The group found .com to still have the most phishing domains — 2,098 of the 4,485 unique domains used in attacks, or about 47%. According to Verisign’s own data, .com only has 40% market share of total registered domains.

But new, 2012-round gTLDs had phishing levels below their market share — 4.95% of phishing on a 6.83% share. This is actually up compared to the 3% recorded by APWG in Q3 2017, the most recent available data I could find.

Only two of the top 20 most-abused TLDs were new gTLDs — .xyz and .online, which had just 70 attack domains between them. That’s good news for .xyz, which in its early days saw 10 times as much phishing abuse.

After .com, the most-abused TLD was .pw, the ccTLD for Palau run by Radix as an unrestricted pseudo-gTLD. It had 374 attack domains in Q4, APWG said.

Other ccTLDs with relatively high numbers included several African zones run as freebies by Freenom, as well as the United Kingdom’s .uk and Brazil’s .br.

Phishing is only one form of cybercrime, of course, and ICANN’s own data shows that when you take into account spam, new gTLDs are actually hugely over-represented.

According to ICANN’s inaugural Domain Abuse Activity Reporting report (pdf), which covers January, over half of cybercrime domains are in the new gTLDs.

That’s almost entirely due to spam. One in 10 of the threats ICANN analyzed were spam, as identified by the likes of SpamHaus and SURBL. DAAR does not include ccTLD data.

The takeaway here appears to be that spammers love new gTLDs, but phishers are far less keen.

ICANN did not break down which gTLDs were the biggest offenders, but it did say that 52% of threats found in new gTLDs were found in just 10 new gTLDs.

This reluctance to name and shame the worst offenders prompted one APWG director, former ICANN senior security technologist Dave Piscitello, to harshly criticize his former employer in a personal blog post last month.

Scottish registry dumps the pound over Brexit fears

The .scot gTLD registry has decided to dump the British pound as its currency of choice, due to fears over Brexit.

DotScot’s back-end, CORE, told registrars this week that it will start billing in euros from March 29.

The switch is being made due to “the expected volatility in currency exchange rates between GBP and other main currencies post-Brexit”.

March 29 is currently enshrined in UK law as the date we will formally leave the European Union, though the interminable political machinations at Westminster are making it appear decreasingly unlikely that this date could be extended.

CORE said that the prices for .scot registrations, renewals and transfers will be set at €1.14 for each £1 it currently charges. That’s the average exchange rate over the last 12 months, registrars were told.

.scot is a geographic gTLD, rather than a ccTLD, which was approved in ICANN’s 2012 application round. It has about 11,000 domains under management.

Its largest registrar, 1&1 Ionos (part of Germany’s United Internet), charges £40 a year.

Only 38% of Scots voted in favor of Brexit back in 2016, the lowest of any of the UK’s four nations, with no region of Scotland voting “Leave”.

Naturally, a great many Scots believe they’re being dragged out of the EU kicking and screaming by their ignorant, English-bastard neighbors. Which strikes me as a fair point.