Domain names: the dangers of the “snap” | Hogan Lovells



[co-author:

DNS Belgium, the registry operating the national top level domain (ccTLD) .BE, recently published an article warning domain name owners of the risks inherent in the practice of “snap”. While anyone can legitimately recover an expired domain name, problems can arise when cybercriminals grab expired domain names and then use them in a detrimental way, such as pointing them to bogus sales websites. retail or recreating email addresses based on them.

The practice of “snap” (also known as backorders or snapbacks) has been around for some time and domain name owners should carefully consider the potential risks before allowing their domain names to expire. The cost of renewing a domain name is all in all low compared to the cost of legal action to recover one that has been registered by a third party who uses the domain name in a harmful manner.

The Netherlands recently experienced one such high-profile incident when politicians from two well-known political parties let their domain names perish and then found them pointing to retail websites, the first of which was selling shoes. Italian for women and the second of the portfolios of a high street fashion brand.

The email address is something that is often forgotten when considering whether a domain name should expire or not. Quite often, a domain name owner will have associated an email address with the domain name. Once the domain name is released, the new owner will be able to recreate and use this same email address.

Another high-profile incident in the Netherlands highlighted this danger when a well-known ‘ethical hack’ called Wouter Slotboom registered a number of previously registered domain names with the Dutch police. For about a year and a half, Slotboom was able to receive confidential police communications, including the Dordrecht Christmas Market Security Plan, via the email addresses it recreated from these domain names.

Registrants of domain names should also keep in mind that expired domain names often appear in the lists of domain names whose release is imminent on so-called “drop catch” or out-of-stock sites. are carefully monitored by domainers, not all of whom have the best of intentions.

In view of the above, domain owners should carefully weigh the costs against the risks of letting domain names expire and at least continue to renew a domain name that is no longer needed for a few years, especially if it is. it is fairly well known and / or generates a lot of traffic. The cost of this operation is not excessive and will reduce the risk that the domain name will be of interest to cybercriminals.


First published on Anchovy News: Anchovy® is our comprehensive, centralized online brand protection service for global domain name strategy, including new gTLDs as well as portfolio management and global application to the using a unique and proprietary online platform developed in-house.


Previous Hackers are flooding the Internet with more and more fake domain names. Here's how to protect yourself
Next New domain names should protect country names, according to WIPO proposal