FC: More on Verisign sending deceptive domain registration bills

[Declan McCullagh <declan () well com>]

Previous Politech message:

"Verisign reportedly sending deceptive domain registration bills"
http://www.politechbot.com/p-03298.html

---

Date: Mon, 25 Mar 2002 16:56:11 -0500
From: Arnold Kling <arnold () arnoldkling com>
To: declan () well com
Subject: phony domain registration bills

I got two of these, both from "affiliates" of verisign.  They were very
deceptive.  They said that my domain would expire "soon" and "in
March."  In fact, it will expire in March of 2003.  Nowhere did they
make clear that they were taking registration away from my current
domain registrar.

I think that the FTC ought to fine these people.  Meanwhile, every
domain name registrar had better email a warning to their customers.

--
Arnold Kling <mailto:arnold () arnoldkling com>
Author, "Under the Radar:  Starting Your Net Business
  Without Venture Capital"
http://www.amazon.com/exec/obidos/ASIN/0738204684/arnoldklingco-20
<http://arnoldkling.com> <tel:+1-240-888-4936>
1370 Lamberton Drive, Silver Spring, Md. 20902

---

From: "Shirley Dalton" <shirleydalton () attbi com>
To: <declan () well com>
Subject: Domain Expiration Notices
Date: Sun, 24 Mar 2002 22:19:24 -0800

With regard to the domain expiration notices being sent to customers of Go 
Daddy Software -- be advised that Verisign Inc. is not the only company 
trying to solicit new customers by sending letters to people whose domains 
are due for renewal.

One of my domains (ironically it is registered with Verisign) is due for 
renewal in April and I received a notice from Domain Registry of America 
<http://www.droamerica.com>www.droamerica.com asking me to renew my domain 
registration with their company.  At least they were open about their 
solicitation. Reference was made in the letter to the fact that my domain 
is registered with Verisign, but they would like my business since their 
price is less than that of Verisign.

I guess this type of solicitation is to be expected with so many companies 
now registering domains.

Shirley Dalton
Progressives for Global Survival
<http://www.booksreborn.com>www.booksreborn.com
"There is a word sweeter than mother, home or heaven--that word is 
liberty."  Matilda Joslyn Gage

---

From: admin () consumer net (admin)
To: <declan () well com>
Cc: <Press () GoDaddy com>, <pcw () flyzone com>
Subject: RE: Verisign reportedly sending deceptive domain registration bills
Date: Mon, 25 Mar 2002 07:52:48 -0500

GoDaddy is the one who charges a $49.95 fee to change the ownership
records of a domain (a service that if free for many registrars).  See
how long it takes you to find the notice of this charge when you review
their web site!

Russ Smith
http://TheNIC.com

---

From: "Hugh Brower" <hugh () futuris net>
To: <declan () well com>
Cc: "hugh3" <hugh3 () futuris net>
Subject: FC: Verisign reportedly sending deceptive domain registration bills
Date: Mon, 25 Mar 2002 09:49:39 -0500

I have received a number of these phony bills.  They are actually from 
Interland, which I believe is either wholly or partially owned by Verisign.
I consider them deceptive, and they look similar in design to the phony 
Yellow Pages ad solicitations that businesses receive from time to time.

Some customers who we had originally registered domains for have actually 
paid these phony invoices, not realizing they weren't from us, and their 
domains were transferred back to the Network Solutions registrar.  I 
believe Interland/Verisign are doing the transfers without getting email 
authorization from the admin contact for the domain name, which would make 
it a violation of ICann procedures.  The phony invoice forms request you to 
sign them which supposedly (if you read the back of the form) gives 
authorization for the switch.  That does not guarantee that the person 
signing is in fact authorized to make the switch (a disgruntled secretary 
could sign the her own name and transfer the company domain to her control).

In all fairness, Interland has been doing these mailings for years, and 
this appears to be one of the "tricks" that has gotten their business to 
the size it is now.  Their privileged position within the Versign family 
gives them insider access to the master database of domain information.  In 
the past before their were competitive domain registrars if you accepted 
the Interland offer, your domain's ISP (DNS servers) would be switched to 
Interland.  Now they merely change the registrar (but claim to) keep the 
ISP the same.

The competitive registrars are not happy about the Interland tactics, and 
that's too be expected.  With all the confusion over different registrars 
and many people not understanding the difference between a domain registrar 
and a web hoster (ISP), that's one reason we are seeing more of these 
problems being reported now.

The entire domain transfer process is quite open to abuse - I have had 
domain names literally stolen out from under me by hackers using rogue 
registrars that bypass the email "checks" required before a domain can be 
switched.  Some competitive registrars do absolutely nothing to protect 
their customers domains from being taken in this way.  Because the problem 
is not yet on the public's radar screens, Verisign GRS (who are in charge 
of the master system all registrars for com/net/org must use) has not felt 
much pressure to put better checks and balances into place.  I predict 
though that some high profile domains will eventually get hijacked this 
way, and then there will be calls for Congress to get involved and put some 
controls on how Verisign does business.

Hugh Brower

---

Date: Mon, 25 Mar 2002 09:51:56 -0500
From: Rich Kulawiec <rsk () firemountain net>
To: Declan McCullagh <declan () well com>
Subject: Re: FC: Verisign reportedly sending deceptive domain registration 
bills

This isn't the first time Verisign/Network Solutions has pulled
something like this.  (In fact, it's just another in a long series
of "creative" techniques they've used to counteract the mass exodus
from their service.)

For example, I've received bills from NSI for domains that have
already been transferred away them.  (So have others.)

I've received bills/renewal notices that were re-addressed to the
"President" of my little company, even though no such info is present
or has ever been present in my registration records.  (So have others.)
This is a pretty obvious attempt to do an end-around on the people
actually responsible for a company's domain registration.

And so on.

Here's one particularly ugly story:

 <a 
href="http://www.w3.org/People/Connolly/9903webtechs-snafu.html";>webtechs.com 
falls victim to Network Solutions (March 1999)</a>

But many more are available by Googling "Network Solutions Horror Stories".

---Rsk

---

Date: Mon, 25 Mar 2002 08:52:41 -0800
From: Tom Perrine <tep () SDSC EDU>
To: declan () well com
Subject: Re: FC: Verisign reportedly sending deceptive domain registration 
bills
X-Organization: San Diego Supercomputer Center, San Diego, California

Declan,

I have also received these notices from Verisign.  They *are* quite
deceptive.  You have to read the fine print on the back, where the
only hint that this is not a re-registration with your current
registrar is a clause about "authorizing the transfer" of the domain
registration.

I wish I had kept the last one.

They are exactly the kind of notices that we used to see for
long-distance service "slamming".  If I get another notice from them,
its going to my friends at the Boiler Room Task Force here in San
Diego.

--tep

---




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Politech dinner in SF on 4/16: http://www.politechbot.com/events/cfp2002/
-------------------------------------------------------------------------