Latest news of the domain name industry

Donuts founder replaces Pitts as MMX’s premium guru

MMX has hired one of Donuts’ recently departed co-founders to market its premium domain name inventory, the company said today.

Dan Schindler, formerly Donuts’ executive VP, has been hired as a “special advisor”, tasked with “monetizing” premiums in the US and Europe.

He appears to be functionally replacing Victor Pitts, who was hired as director of premium sales two years ago. Pitts appears to have left the company in January.

MMX, which counts .vip, .law and .luxe among its stable of 32 gTLDs, expects to report premium sales for 2018 of around $2.3 million.

The company has also hired domain consultant Christa Taylor, founder and CEO of dottba, as its new chief marketing officer, a newly created position.

News of the appointments was released as MMX published another preliminary trading update ahead of its final 2018 financial results next month.

Here are some more nuggets from the announcement:

  • Total domain registrations so far in 2019 up 38% to 1.84 million compared to a year ago.
  • Billings up 129% year-on-year due to contributions from ICM Registry and a 40% increase in sales of .vip and .luxe domains in China.
  • ICM’s porn-themed domains are renewing at 91%.
  • Integration of .luxe into two more blockchain platforms — NameCoin and XAYA — is underway.

MMX expects to announce its full-year results April 3.

Phishing still on the decline, despite Whois privacy

Kevin Murphy, March 5, 2019, Domain Policy

The number of detected phishing attacks almost halved last year, despite the fact that new Whois privacy rules have made it cheaper for attackers to hide their identities.

There were 138,328 attacks in the fourth quarter of 2018, according to the Anti-Phishing Working Group, down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1.

That’s a huge decline from the start of the year, which does not seem to have been slowed up by the introduction in May of the General Data Protection Regulation and ICANN’s Temp Spec, which together force the redaction of most personal data from public Whois records.

The findings could be used by privacy advocates to demonstrate that Whois redaction has not led to an increase in cybercrime, as their opponents had predicted.

But the data may be slightly misleading.

APWG notes that it can only count the attacks it can find, and that phishers are becoming increasingly sophisticated in how they attempt to avoid detection. The group said in a press release:

There is growing concern that the decline may be due to under-detection. The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes – and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site.

It also speculates that criminals once involved in phishing may have moved on to “more specialized and lucrative forms of e-crime”.

The Q4 report (pdf) also breaks down phishing attacks by TLD, though comparisons here are difficult because APWG doesn’t always release this data.

The group found .com to still have the most phishing domains — 2,098 of the 4,485 unique domains used in attacks, or about 47%. According to Verisign’s own data, .com only has 40% market share of total registered domains.

But new, 2012-round gTLDs had phishing levels below their market share — 4.95% of phishing on a 6.83% share. This is actually up compared to the 3% recorded by APWG in Q3 2017, the most recent available data I could find.

Only two of the top 20 most-abused TLDs were new gTLDs — .xyz and .online, which had just 70 attack domains between them. That’s good news for .xyz, which in its early days saw 10 times as much phishing abuse.

After .com, the most-abused TLD was .pw, the ccTLD for Palau run by Radix as an unrestricted pseudo-gTLD. It had 374 attack domains in Q4, APWG said.

Other ccTLDs with relatively high numbers included several African zones run as freebies by Freenom, as well as the United Kingdom’s .uk and Brazil’s .br.

Phishing is only one form of cybercrime, of course, and ICANN’s own data shows that when you take into account spam, new gTLDs are actually hugely over-represented.

According to ICANN’s inaugural Domain Abuse Activity Reporting report (pdf), which covers January, over half of cybercrime domains are in the new gTLDs.

That’s almost entirely due to spam. One in 10 of the threats ICANN analyzed were spam, as identified by the likes of SpamHaus and SURBL. DAAR does not include ccTLD data.

The takeaway here appears to be that spammers love new gTLDs, but phishers are far less keen.

ICANN did not break down which gTLDs were the biggest offenders, but it did say that 52% of threats found in new gTLDs were found in just 10 new gTLDs.

This reluctance to name and shame the worst offenders prompted one APWG director, former ICANN senior security technologist Dave Piscitello, to harshly criticize his former employer in a personal blog post last month.

Scottish registry dumps the pound over Brexit fears

The .scot gTLD registry has decided to dump the British pound as its currency of choice, due to fears over Brexit.

DotScot’s back-end, CORE, told registrars this week that it will start billing in euros from March 29.

The switch is being made due to “the expected volatility in currency exchange rates between GBP and other main currencies post-Brexit”.

March 29 is currently enshrined in UK law as the date we will formally leave the European Union, though the interminable political machinations at Westminster are making it appear decreasingly unlikely that this date could be extended.

CORE said that the prices for .scot registrations, renewals and transfers will be set at €1.14 for each £1 it currently charges. That’s the average exchange rate over the last 12 months, registrars were told.

.scot is a geographic gTLD, rather than a ccTLD, which was approved in ICANN’s 2012 application round. It has about 11,000 domains under management.

Its largest registrar, 1&1 Ionos (part of Germany’s United Internet), charges £40 a year.

Only 38% of Scots voted in favor of Brexit back in 2016, the lowest of any of the UK’s four nations, with no region of Scotland voting “Leave”.

Naturally, a great many Scots believe they’re being dragged out of the EU kicking and screaming by their ignorant, English-bastard neighbors. Which strikes me as a fair point.

.film gTLD sees spike after dropping restrictions

Kevin Murphy, February 27, 2019, Domain Registries

The .film gTLD saw a small spike in registrations this week after dropping eligibility requirements.

The Australia-based registry, Motion Picture Domain Registry, went fully unrestricted February 22 and immediately saw at least 100 new names in its zone file.

It’s a small increase, but it meant .film, which sells for roughly $70 (101domain) to $120 (GoDaddy, its biggest channel) a year, topped 4,000 names for the first time.

It has not seen any additional growth since the weekend, however.

.film, from its 2015 launch, was restricted to registrants that could show a nexus to the film industry and was touted as an anti-piracy measure.

It does not appear to have been particularly well-policed, however. Its most popular domains (per Alexa rank) appear today to be piracy sites.

Despite the old restrictions, and despite being more than twice the price, .film has so far actually proved more popular than Donuts’ .movie gTLD, which has been wobbling around the 2,000 to 3,000 domain mark for the last couple of years.

I expect this is probably due to the fact that the word “film” means the same thing in many languages, whereas “movie” is a distinctly American English term.

Yanks beat Aussies to accountancy gTLD

Kevin Murphy, February 20, 2019, Domain Registries

The contention set for .cpa has been resolved, clearing the way for a new accountancy-themed gTLD.

The winner is the American Institute of Certified Public Accountants, which submitted two bids for the string — one “community”, one vanilla, both overtly defensive in nature — back in 2012.

Its main rival, CPA Australia, which also applied on a community basis, withdrew its application two weeks ago.

Commercial registries Google, MMX and Donuts all have withdrawn their applications since late December, leaving only the two AICPA applications remaining.

This week, AICPA withdrew its community application, leaving its regular “single registrant” bid the winner.

AICPA is the US professional standards body for accountants; CPA Australia is the equivalent organization in Australia. AICPA has 418,000 members, CPA Australia has 150,000.

Both groups failed their Community Priority Evaluations back in 2015 on the basis that their communities were tightly restricted to their own membership, and therefore too restrictive.

AICPA later amended its community application to permit CPAs belonging to non-US trade groups to register.

Both organizations were caught up in the CPE review that also entangled and delayed the likes of .music and .gay. They’ve also both appealed to ICANN with multiple Requests for Reconsideration and Cooperative Engagement Process engagements.

CPA Australia evidently threw in the towel after a December 14 resolution by ICANN’s Board Accountability Mechanisms Committee to throw out its latest RfR. It quit its CEP January 9.

It’s likely a private resolution of the set, perhaps an auction, occurred in December.

The winning application from AICPA states fairly unambiguously that the body has little appetite for actually running .cpa as a gTLD:

The main reasons for which AICPA submits this application for the .cpa gTLD is that it wants to prevent third parties from securing the TLD that is identical to AICPA’s highly distinctive and reputable trademark

So don’t get too excited if you’re an accountant champing at the bit for a .cpa domain. It’s going to be an unbelievably restrictive TLD, according to the application, with AICPA likely owning all the domains for years after delegation.