Why you might be contacted with a request for information?
Why they would contact you depends on the situation, but there are multiple reasons for registrars (or resellers) to contact domain name registrants. For example:
To investigate and correct inaccurate Whois data.
To validate and verify certain Whois data fields. Website owners could be contacted by phone, email or post. Registrars must suspend or delete domain names that are not timely verified (like we saw in our example).
To formally remind their customers once a year to review and update the contact information for their domain name.
To verify, identity or contact information as needed to process payments.
Domain transfer matters, but only when there is a reasonable dispute regarding the identity of the registered name holder (or the Administrative Contact).
So let us get back to our New Zealand domain name registrant and have another look at who was involved:
He (as a registrant) registered his domain name with Domains4Less (a reseller), but received an email to validate his contact details (reason 2 from our list) from SRS Plus (an ICANN accredited registrar). SRS Plus is actually part of Network Solutions (the 4th largest .com domain name registrar), which is a subsidiary of Web.com (a web hosting and web development services company but also a registrar), which is in turn owned by private equity group Siris Capital. You might have heard of Siris Capital as they recently acquired the parent company of Crazy Domains via Web.com.
That’s a pretty impressive list of inter-connected companies to be associated with for just one customer and according to the article, the domain name registrant seemed to be only aware of his relationship with his reseller Domains4Less.
How to make sure these situations won’t happen again?
So the question is, how do we make sure the domain name registrants are properly informed about how the domain name industry works and are also aware of who they have relationships with?
What the domain name registrant can do?
I think there are three different ways to look at this question. The first one is the role of the domain name registrant. It is his responsibility to educate and inform himself. A properly running website and being able to communicate with (potential) customers through email, is critical and ignoring the available information is just too risky from a business perspective.
What the sender of the request for information can do?
Secondly there is the role of the sender. I think it is important when organisations send messages to domain name registrants, that they properly identify themselves, explain who they are, why they are sending this message, and what their relationship is with both the recipient and the registrar. And last, but not least, how and where the recipient can verify that the message is legitimate?
What the registrar (or reseller) can do?
Finally there is the need (or obligation) for registrars and resellers to be as transparent as possible, to provide their customers with all available information and educate them about agreements and other relationships with third party companies.
The registrant needs to know how the domain name industry works and who they have a relationship with.
The situation at SiteHost
SiteHost is both a registrar and reseller and we do our best to be as transparent as possible and provide essential information to our customers, many of whom are resellers themselves. We train our staff for situations like this, so they are aware of their obligations and able to help.
We also advise our customers to take the time to educate themselves and to read more about the verification of contact information on the ICANN website. And yes, we know those tiny letters can be pretty annoying and you would rather read or do something else, but they contain really important information. So take the time to read it.
If you have registered a domain name with SiteHost, and are not sure that the email you received is spam or not, just get in touch and we will be able to tell you if an email is legitimate or not.
SiteHost and Upstream Registrars
SiteHost also uses SRS Plus for some domain name registration services, but our customers will most probably receive an email from a company called PDR Solutions - some of our customers will have received one recently - or from our in-house registrar of record SiteName. Any .nz domain name notifications should come from SiteName for example.
It is possible though that you will receive a message from SRS Plus and that this email could look like spam, but it is very important not to ignore it because it could contain the confirmation message of your contact details.
SiteHost also supports some new TLD’s (top level domains) which may have other registrars and registries involved so if you have a ccTLD - such as a .com.au domain - you may receive an email from those registries as well. So be cautious and seek advice if you are in doubt about the source of the email.
ICANN and spam
These verification emails have been around for a while now, and there are plenty of stories about (mostly .com) domain names being taken down, like this colourful article about the website nomadlist.com.
It seems that ICANN is in a bit of a difficult situation with on one hand the responsibility to ensure that registry content is valid and up-to-date, while on the other hand having to deal with phishing emails from criminals who try to impersonate trusted senders so they can obtain access to sensitive data. Fortunately ICANN provides help for people who have received emails that appear to be spam and you can forward those suspicious emails to ICANN to have them checked.
As a disclaimer, we haven’t tested sending one of these emails to ICANN ourselves.
Still not sure that email is spam?
We understand that for an outsider the industry might seem unnecessary complicated and that the process of verification of contact information even seems a bit dodgy. Especially when you receive emails from organisations or companies you have never dealt with before. But we hope we have been able to provide a bit more clarity on the domain name industry. We also want to make clear we sympathise with anyone who finds himself in a situation where his domain name gets suspended because the email asking for information, looked like spam. So yes, if we could design a system ourselves, it would definitely be different, but it’s designed by ICANN and we are not in a position to change it.
We will always assist and inform our customers in the best possible way though. So when you still have questions about your domain name or are not sure the email you received is spam or not, feel free to contact SiteHost support, and we will get it all sorted!