DNS Belgium have published an interview with a student whose Master’s thesis was on detecting fake web shops in the .be domain with machine learning.
The .shop new gTLD announced in mid-July it passed the one million registrations mark, one of only six new gTLD’s that has surpassed the milestone. Aimed at online businesses/ecommerce, it launched in late September 2016 and took 15 months to reach the half million milestone and just over 3.5 years to reach the million.
DNS Belgium has moved to immediate checks of registrant data for .be domain names using what appears to be some form of artificial intelligence. Previously registrants had 14 days to verify their data if it was thought incorrect data was used. It is one further method to crack down on cybercriminals registering domain names in Belgium’s ccTLD.
Belgiumâs ccTLD saw domain name registrations climb marginally by around 1% to 1,603,508 at the end of 2018 to a new record high, but for new registrations these were at their lowest since 2008, a sign of a maturing market where new growth is becoming difficult to find. Itâs a situation thatâs mirrored in many ccTLDs in Europe and other developed countries.
Within Europe, growth among its 57 ccTLDs was only 1.9% in the year to the end of April 2019, while globally the figure was 3.4%, a new record low according to the latest CENTRstats Global TLD Report published in May.
According to DNS Belgiumâs annual report for 2018 there were 226,727 new registrations in 2018 and a healthy renewal rate of 86.55% which is on the rise. But one of the other 2 top-level domains managed by DNS Belgium had an even higher renewal rate with .brussels at 87.01% while for .vlaanderen the figure was 86.47%. However total registrations for both of these are much lower with 7,670 for .brussels and 6,607 for .vlaanderen making up 0.32% and 0.28% of all domain names in the country.
Within Belgium, 54.42% of all domain names are .be domains, 15.09% .com and .eu at 6.95%. Rounding out the top 10 were .loan with 5.51% of all registrations, .net (5.50%), Netherlandsâ .nl (2.76%), Franceâs .fr (1.63%), .org (1.55%), .info (0.65%), and Germanyâs .de (0.54%).
When it comes to how .be domain names are used, 81.83% of them have a website, 75.27% for email, 69.81% for both, 12.72% of .be domain names only have a website and 5.46% only have email while 12.02% have neither. For the types of website content, 58.65% of all websites have what is described as âlow contentâ (websites with minimal content: pay per click, error messages, holding pages), 2.41% for personal content (for example, blogs) and 38.95% for industry or business.
When it comes to where .be registrants come from, naturally most are from Belgium with 68.92%. Next is the Netherlands with 17.68% of registrants, France (4.79%), Germany (1.85%) and the US (1.47%) being the only countries above 1.0%.
Almost three-quarters (74.84%) of .be registrants have only one domain name and 12.64% have 2 domain names. The distribution of .be domain names to companies and individuals sees 72.36% going to companies and 27.64% to individuals.
There are 408 registrars for .be domain names with the top 3 accounting for 26.89% of all registrations, the top 10 for 54.21% and the top 100 for 90.50%.
The internet is increasingly playing a part in the lives of Belgians with growing numbers enjoying the freedom it gives them, go online for entertainment and feel the internet is an essential part of their daily lives. But only 1 in 20 Belgians have ever registered a domain name.
This is all part of research conducted by InSites Consulting on behalf of DNS Belgium, the .be ccTLD registry, at the end of 2018. The research found trust is important for Belgian internet users, and .be domain names score high on that front.
When asked what were the most important factors when it comes to trusting a domain name, Belgians responded:
- Language of the domain name
- Extension of the domain name
- The brand of the domain name
- Length of the domain name.
When it came to trusting a website, an encrypted connection (https) was considered the most important, a .be domain name second and a company logo third.
When asked if theyâve ever registered at least one domain name, 5% of Belgians said they had while 95% said not. 60% understood the concept of domain names while one third (35%) said theyâd consider registering a domain name in the future, the remainder said they wouldnât.
For the top level domains Belgians register domain names in, 77% said their own country code top level domain .be, 30% said .com, 16% said .net and 13% said .eu. Following was their neighbour .nl (Netherlands – 8%), .org (7%), .fr (France – 4%), .brussels (2%), .london (1%) and others accounted for 9%.
When it comes to the reasons for registering a domain name, 43% of Belgians said for a website, 40% for website and email and 6% just email.
It also appears Belgians are registering domain names sooner in the process of developing a business or idea with 42% saying they registered a domain name âdirectly at the time of the ideaâ compared to 23% in 2017, 11% âwhen the business is launchedâ (11% in 2017) and 23% after the start (30% in 2017).
Awareness was highest with .be and .com, with both scoring awareness among over 90% of Belgians (94% and 92% respectively) while .vlaanderen and .brussels scored 27% and 19% respectively.
Belgians said they valued the freedom and entertainment the internet offered them with 70% saying they loved the freedom the internet gives them (up from 59% in 2017), 68% said they go online at home for entertainment (57% in 2017) and 67% said they âfeel the internet is an essential part of their daily livesâ (47% in 2017).
Belgians say they surf safely online with almost two thirds (64%) saying they ânever surf to untrustworthy sitesâ while half (50%) âare concerned with safe internet useâ and a quarter (25%) âare aware of the latest online security toolsâ.
Verisign and DNS Belgium both publish trending keywords for their biggest top level domains. For Verisign itâs .com and .net, for DNS Belgium itâs .be. In the last week theyâve both published their August lists.
For Verisign, whose list is for English keywords only, the top .com keyword was âfanâ and for .net it was âhotelsâ. For .be, whose results are published in a word cloud, âensembleâ came out tops while âMercedes-Benzâ, âherstellenâ, âbioâ, âservicesâ and âiphoneâ all featured prominently.
DNS Belgium note that âthe holiday mood completely disappeared in August: domain names concerning campings or campers no longer figure in the top 50. We do notice that a number of companies are building a portfolio of .be websites, with registrations per sales point / region: mercedes-benz and ensemble (for group purchases) are examples of this trend.â Frequently registered words (online, web, shop, etc) are taken out in an effort to present the trends better.
The top 10 trending keywords registered in August 2018 for .com and .net were:
|Â bets||Â pink|
The word cloud for the top trending keywords for .be in August were:
The latest registry to announce how they plan to deal with the European Unionâs General Data Protection Regulation is DNS Belgium who have announced that for individuals, all registrant data will be hidden from 25 May, but for business, nothing will change unless a contact is an individual when the relevant data will also be hidden.
The changes will reflect any searches done for WHOIS data for domain names under Belgiumâs country code top level domain (ccTLD) and follows a survey in recent months on the use of the WHOIS tool on the DNS Belgium website.
As part of the survey, DNS Belgium asked how often WHOIS is used to search for the data of private registrants and for what reason. Of those who used the WHOIS search for .be domain names, the main reason was for business searches.
During the month or so when the survey ran, there were 44,845 WHOIS searches. Nearly three quarters of them were searches for the data of companies and organisations. A little more than 25% of the searches concerned data of private persons.
The survey showed that the four most important reasons why people consult WHOIS does not differ for organisations and private persons:
- Check whether the person is really the registrant of the searched domain name
- Contact the registrant with a request to take over his domain name
- Check the e-mail address to which the transfer code is sent.
The survey also found a large number of ‘private searches’ are conducted by registrants who want to look up their own data to determine whether they are still the owner of the domain name or to check the e-mail address for the transfer code. In such cases, DNS Belgium will continue to send the WHOIS certificate to the registrant’s email address after 25 May.
When someone looks up someone else’s data to contact the registrant, DNS Belgium will pass on the request to the registrant in question by means of a WHOIS form. The registrant’s data will therefore not be shown and no direct contact will be established with him. That can take place only via DNS Belgium. Then it is up to the registrant if they wish to respond.
Registries universally said they’re not content police in a discussion on domain name take down processes involving legal counsels from the operators of 6 European registries, both generic and country code TLDs. However processes vary among the registries.
The discussion involved representatives from dotSaarland, DENIC (.de), SWITCH (.ch), SIDN (.nl), DNS Belgium (.be) and Nominet (.uk) at the Domain Pulse conference in Munich Friday, the annual event that rotates between Germany, Switzerland and Austria.
One registry that does make decisions on takedowns, or suspensions as they’re often called, and the content on the sites using the domain names, is SWITCH. Anna Kuhn explained how SWITCH was rather unusual in that they were both a registry and operated a national Computer Emergency Response Team (CERT), which gave them some additional expertise. However SWITCH still doesn’t make decisions on content, only on domain names involved in the hosting malware and phishing Combatting cybercrime, Kuhn explained, is one of the roles of the registry operator.
Volker Greimann from dotSaarland, the only new gTLD operator in the panel discussion, said .saarland is in a different position to the country code top level domain (ccTLD) registries as they have a direct contract with ICANN. Additionally, the Saarland regional government said they don’t want their new generic top level domain (new gTLD) to be a haven for crime. The gTLD for the German state has an anti-abuse rule in their terms and conditions that requires domain names to not ruin the reputation of the Saar region.
Horst explained the German registry's position of the German registry in this respect: “DENIC is not the right point of contact to which to turn when it comes to content. If DENIC were to evaluate content and delete, at its own discretion, domains through which websites with questionable content can be accessed, this would be equivalent to censorship. In a democracy based on the separation of powers, no one can seriously support law enforcement by the private sector. This philosophy of DENIC's is, by the way, also reflected by the unanimous opinion of the German courts.”
The courts, Horst explained, have always sided with DENIC’s view that they also aren’t in a position to judge on what is illegal content and that complaints should always go to the registrant if they can be contacted.
SIDN’s Maarten Simon said SIDN will never just take down a domain name and that contacting the registry should be a last resort. However Simon also noted .nl domain names are much more trusted by Dutch people than any other TLD. And that this trust is both in SIDN’s interest to protect so that internet users continue to want to visit sites using the Dutch ccTLD and businesses want to register .nl domain names. Building trust benefits SIDN’s bottom line as more .nl domain names are registered. For complaints regarding .nl domain names, there is an independent appeals board with a number of judges and professors with the expertise to deal with complaints.
Peter Vergote from DNS Belgium also noted how .be has nothing to do with judging content hosted using a .be domain name, so to get a domain name suspended a complaint has to give necessary evidence such as a court order to have a domain name taken down.
Vergote echoed Simon’s views on .nl in that DNS Belgium deeply cares about the quality of the .be zone and it’s their sincere duty to do what they can without taking unnecessary risks. While they are more active than in the past on dealing with complaints, they will never evaluate content on a website. This position has been backed by a court order from a Belgian court that states deciding illegal content is up to the courts and can’t be done by DNS Belgium. When it comes to phishing though, DNS Belgium treats this differently and will take action without a court order if they are advised from a competent body that a domain name is used for phishing.
But DNS Belgium will never take it upon themselves to suspend a domain name that’s suspected of being used for phishing because that’s a content evaluation. Additionally Vergote said a phisher is unlikely to put their correct identity in Whois. DNS Belgium suspends around a dozen domain names per month with complaints largely driven by government agencies and rarely from private individuals or organisations.
So what about the domain names that are required to be taken down, or suspended? For SIDN, Simon explained the procedure starts with a form to be completed on the SIDN website where the complainant explains why the domain name should be taken and what they’ve done to date to complain. If the complaint is clear cut SIDN will go to the registrar and get the domain name taken down. SIDN receives about 20 requests per year and take down one, maybe 2, each year out of the 5.8 million .nl registrations.
Nominet’s Wenban-Smith commented on the futility of removing or suspending a domain name because even if they do, the content still exists. Nominet doesn’t allow child abuse or content that promotes criminal activity on .uk domain names. But Nominet doesn’t make decisions on what is illegal content but does cooperate with those who can such as law enforcement. For those wishing to make complaints, Nominet doesn’t take requests from those outside the UK. In 2017 Wenban-Smith said Nominet suspended 16,000 .uk domain names in 2017.
In another example of domain name registrants preferring their own ccTLD than any other TLD, apart from those in the United States who prefer .com, DNS Belgium has released research that shows three-quarters (75%) of entrepreneurial Belgians choose a .be domain name over any other TLD.
In research commissioned by DNS Belgium, they found trust and confidence in .be are particularly high among all Belgians, who associate the .be country code top level domain (ccTLD) particularly with quality and reliability. For Belgian businesses, as with research conducted by other ccTLD registries within their own countries, .be therefore seems to be the best choice for Belgian entrepreneurs who want an online presence.
.be is the undisputed frontrunner in terms of reliability and inspires the most confidence among entrepreneurs and non-entrepreneurs alike. A domain name extension is cited as the third most important reason for trusting a website, after an encrypted connection (https instead of http) and reference to an official website (e.g. by means of a logo).
The research conducted by Insites Consulting gauged the trust and confidence in the different domain name extensions and questioned very specifically also entrepreneurial Belgians who have never registered a domain name.
The research also found entrepreneurs and the average Belgian alike find a company website to be more reliable than a Facebook page of an organisation. They have more trust and confidence in an e-mail address linked to a domain name than in a general email address (e.g. @hotmail.com).
Entrepreneurial Belgians are more likely to know that both a website and an email address can be linked to a domain name than the average Belgian. 59% of them would register a domain name to have a personal mail address (in combination with a website or otherwise).
The research found Belgians sees a website primarily as a source of information, but the entrepreneurial Belgian has a more commercial approach. They usually have a better idea of what a website can mean for them personally and professionally. They see it as a means of making both they and their activity better known and of keeping in contact with customers, prospects and stakeholders.
The entrepreneurial Belgians questioned opted for .be primarily because it says something about their location and is popular and reliable, but also because it clearly indicates the target group they want to reach. They see a .be domain name and website as something which is logically connected with setting up their own company.
The research also asked about preferences for and associations with various top level domains. .be and .com were found to be the frontrunners in terms of familiarity. The best-known extensions are also seen as being more reliable.
Of the new generic top level domains (new gTLDs), .vlaanderen is known to 31% of entrepreneurial Belgians; .brussels to 21%. Both have a strong political connotation, which .be does not. They are associated more with language and location than .be. There are few differences between the entrepreneurial group and average Belgians in this respect.
Cyberland is in turmoil once again DNS Belgium, the Belgian ccTLD manager, is advising. At the beginning of the new year, their northern neighbours, the Netherlands, north detected that quite a number of domain names of local politicians had wound up in the hands of cyber criminals.
People who surfed to the websites of some local politicians landed in all sortsÂ of rogue web shops set up to cheat people out of money and data. Some branches of the VVD, i.e. the Peopleâs Party for Freedom and Democracy (the Dutch liberals), had seemingly embarked on a little business in Italian womenâs sandals. The site of a local branch of the PvdA (labour party) referred surfers to a web shop of Diesel wallets.
According to the Dutch daily De Telegraaf, at issue are domain names which were initially used for legitimate purposes by the politicians concerned. As the latter did not renew them at a given moment, however, these domain names became available on the market again and could be registered by anybody.
What occurred in the Netherlands does not imply that every domain name released from registration is acquired by people with rogue intentions. But it does illustrate again that it can lead to abuse. âCyber criminals buy domain names to set up web shops for the sole purpose of swindling people,â says Marc NoÃ«t of the internet companyÂ Dataprovider. According to him, a web shop is the best and most widely used way to worm credit card details out of people.
Personal email addresses are usually also linked to a domain name. Whoever buys a domain name released from registration, can therefore proceed to use those e-mail addresses as well.Â No more than a year ago, a great commotion was stirred, likewise in the Netherlands, when ethical hackerÂ Wouter Slotboom managed to register a number of expired domain names of the Dutch police and received confidential police reports in his mailbox over a year and a half as a result.
You may well have a good reason not to renew a domain name: your company has changed its name or has ceased to exist. Moreover, you might not really mind all that much at the outset that your old domain name has become available again, but serious consequences may ensue if it winds up in the hands of cyber criminals and your image and reputation take a serious hit.
Experts therefore advise to continue nonetheless to register domain names you no longer use. A little effort and a small cost can save you from all sorts of distress.