Domain Names

Towards a Generalised Threat-Scoring Framework for Prioritising Results From Brand Monitoring Programmes

The ability to rank results according to the level of threat they pose (based on factors such as, for example, the extent to which a webpage relates to a brand of interest) is a key component of many brand protection services. The prioritisation process has a number of purposes, including the identification of: (a) priority targets for further analysis; (b) candidates for content tracking (i.e. regular reinspection of content or configuration, and the generation of an alert if high-concern findings are identified) - as may be appropriate in cases where a domain name presents a high potential level of risk but is not currently associated with any live site content; and (c) priority targets for enforcement actions.

Beyond WHOIS: Rethinking Domain Verification in a Post-GDPR World

The introduction of GDPR in 2018, and the subsequent tightening of privacy regulations around the world, was a necessary step toward protecting user data. Consumers gained critical rights over their personal information, and companies were forced to adopt stronger standards for how they collect, store, and use that data. However, one unintended consequence has been the erosion of access to domain registration information once easily available through WHOIS databases.

How New Domains are Driving DNS-based Attacks

Cyber criminals are the kings of recycling. Once they've found a tactic that works well, they'll keep doing it as long as they can get away with it. That's why it's so important for research teams to keep a close eye on what's happening behind the scenes with web traffic. Case in point? Our team at DNSFilter recently analyzed global DNS activity from the first quarter of 2025 and identified several notable trends.

Thousands of Third-Party Domains Target Super Bowl Betting Brands

When major events like the Super Bowl are on the horizon, cybercriminals exploit public trust by creating fraudulent domains for fake betting sites, phishing, and malware distribution. CSC's research into top online sportsbooks highlights the hidden risks of dormant domains, which, though inactive, can quickly be repurposed for cyber attacks. Overlooked yet dangerous, these domains play a key role in impersonation, misinformation, and scams targeting event-driven traffic, underscoring the need for continuous monitoring of lookalike, dropped, re-registered, and newly registered domains.

Time to Act as Apple Sets Wheels in Motion for Shorter Certificate Life Cycles

You may have read our previous blog about the pending reduction of digital certificate life cycles to just 90 days. This past weekend, the issue gained momentum at the Certification Authority Browser Forum when more detail was discussed following the proposed ballot to set a timeline for shorter lifetime certificates by Apple. This creates real urgency for organizations of all sizes to seriously consider and implement automation into their certificate life cycle management.

Celebrating 40 Years of .COM

Last month marked 40 years since the registration of the world's first ever .com domain name – symbolics.com – in March 1985. It’s a time to reflect both on the role .com has played in the evolution and growth of the internet over the past 40 years, and on the importance of ensuring that .com remains secure, stable, and resilient for the billions of people who rely on it every day. Who could have imagined in 1985 that over the course of the next four decades, internet users would register hundreds of millions of domain names...

Domain Industry 2025: Current Landscape and Key Market Data

As we navigate through 2025, the domain industry remains a critical focal point amid persistent geopolitical instabilities, inflation, and an ongoing energy crisis. These pressures have reshaped the landscape of domain registrations and the domain aftermarket. Despite these challenges, digitalization continues to drive innovation and efficiency across sectors.

Beyond WHOIS: CircleID and Edgemoor Research Institute Second Event on ‘Filling the Gaps’

Experts at a CircleID and Edgemoor Research Institute webinar debated the challenges of domain registration data access in a post-GDPR world. Panelists explored the tension between privacy laws and legitimate data requests, the role of automation in disclosure decisions, and the need for a scalable, trust-based framework to balance compliance, cybersecurity, and enforcement interests.

Br’AI’ve New World - Part 1: Brand Protection ‘Clustering’ as a Candidate Task for the Application of AI Capabilities

As counterfeit networks grow more elusive, AI-driven clustering could revolutionize brand protection. By linking disparate findings, identifying serial infringers, and enabling bulk enforcement, AI offers a smarter approach to monitoring and takedown efforts. Yet, challenges remain - from data reliability to analyzing complex content. Companies that master AI-driven clustering may gain a significant advantage in the fight against brand abuse.

Beyond WHOIS: Filling the Gaps

Amid evolving privacy laws and rising cybersecurity threats, domain registration data disclosure remains a contentious issue. Beyond WHOIS: Filling the Gaps brings together experts to examine Project Jake's policy framework, aiming to balance privacy with legitimate access. Join industry leaders for insights on policy clarity, operational efficiency, and the future of domain name governance.

Beyond WHOIS: CircleID and Edgemoor Research Institute Inaugural Event on Balancing Privacy and Legitimate Data Needs

The global debate over Internet privacy and security took center stage in a webinar hosted by CircleID in partnership with the Edgemoor Research Institute. The event marked the first in a series exploring the delicate balance between safeguarding personal data and ensuring legitimate access to domain name registration details. As governments, cybersecurity experts, law enforcement, and intellectual property holders grapple with the evolving regulatory landscape, Project Jake seeks to establish a framework that prioritizes policy clarity, efficiency, and adaptability.

How to Convince Your Boss to Deploy DNSSEC and RPKI?

At the Internet Governance Forum (IGF) 2024 in Riyadh, the Internet Standards, Security and Safety Coalition (IS3C) released a new tool: 'To deploy or not to deploy, that's the question. How to convince your boss to deploy DNSSEC and RPKI'. In this report, IS3C advocates mass deployment of these two newer generation, security-related internet standards, as their deployment contributes significantly to the safety and security of all internet users.

Response to usTLD Registry Management and Maintenance RFI

On January 17th in the closing days of the Biden Administration, NTIA issued the following Response for Information in connection with the .us ccTLD. While responses to the RFI will be held in confidence by NTIA per the RFI, some organizations such as M3AAWG made their response public. In the spirit of openness and transparency, Rick Lane and I are sharing our response on this important topic.

A Perfect Storm Brewing for European ccTLDs?

The European country code top-level domain (ccTLD) market is at a crossroads, facing a confluence of challenges that could reshape its trajectory in the coming years. From slowing growth and rising renewal prices to shifting user behaviour driven by AI, the market is undergoing profound changes. These trends suggest a potential decline in domain volumes and a shift in how domains are valued and used. Here's a closer look at the factors contributing to this "perfect storm" and what it means for the future of European ccTLDs.

Kenya’s ccTLD KeNIC Increases Domain Registration and Transfer Fees

The Kenya Network Information Center (KeNIC) announced a price increase for .KE domains, effective February 3, 2025. This comes at a time when the total number of .KE domain registrations has remained stagnant at around 100,000 for several years, despite previous efforts to spur growth through price reductions. This blog explores the implications of the price adjustment, analyzes the competition faced by .KE domains, and evaluates the challenges and opportunities for KeNIC in a competitive domain market.