35 million names registered in May. Only 8% of registrations were paid. 32 million were part of a scam. It's called "domain kiting."
Wednesday, June 21, 2006Domain kiting continues out of control!
The numbers are now in for May 2006 and the domain kiting problem continues to rage out of control. In fact, it's as bad as ever.
92.3% of May registrations were kited domains!
Consider this: Just over 35 million names were registered for the month of May. Of those just over 2.7 million were permanent registrations. That means that 92.3% of all domain names registered were part of a scam now known as domain kiting. These names were kept off of the market, they were used to generate search engine revenue - AND BECAUSE OF A LOOPHOLE ICANN REFUSES TO ELIMINATE - those 32.3 million names were used without being paid for.
A huge problem that affects everyone.
If you do not know what domain kiting is all about, there is a primer at the end of this blog article. You should find a quick glance through that to be helpful. Domain kiting hurts all Internet users. It helps only the fat cats who have the money and power positions to take advantage of the domain kiting scheme.
The Internet is finally acknowledging domain kiting.
Since I wrote about this scheme and gave it the name of "domain kiting" there has been increasing attention given to the problem. The term "domain kiting" now has been used by officials at ICANN - although they've yet to deal with the problem -- the media, security firms and many others. "Domain kiting" also appears as a term in Wikipedia, and if you search on Google using quotes around "domain kiting" you'll find there are already somewhere around 50,000 search results on the term. So the problem now has a name - and that's an excellent start!
Cyber criminals are now using the tactic.
An international security firm, Message Labs, also recognized domain kiting as being a serious problem in a report it issued in May. In its report, Message Labs reported that cyber criminals are using the domain kiting tactic to "acquire domains without paying for them and use them for illegal gains!"
ICANN is doing what they do best -- nothing!
It's been two months now since I've written about the gigantic proportions that this scam has assumed, and it is with an extreme sense of sadness that I report to you that, in spite of increasing focus on the domain kiting problem, that ICANN has done literally nothing to even begin to address putting an end to this abuse.
Dotster gets singled out.
In the meantime, several well known trademark holders have filed a large and rather nasty lawsuit against Dotster - a registrar who hasn't exactly been a stranger to domain kiting - for registering many misspellings of the trademarked names, and associating them with search engine pages.
The names that are alleged to have been unlawfully used by Dotster are not trivial. They include such well known brands as Cingular, Disney, Ikea, Google, Neiman Marcus, Playboy, Verizon and the list goes on.
The whole idea being that Internet users will land on these pages, click on these links and then generate revenue for our friends at Dotster. I don't know if Dotster's guilty here or not - but that's what the suit is all about.
But VeriSign has little to say.
Despite the fact that the Dotster lawsuit further draws attention to the existence and abuse of domain kiting, I also find it incredibly interesting that VeriSign -- who operates the .COM registry -- has chosen to remain spooky quiet on the issue of domain kiting as well. Could it be that VeriSign doesn't care because it is focused on getting approval for the lopsided agreement it recently negotiated with ICANN, that gives it a virtual perpetual monopoly -- with a built in 7% price increase in every 4 of 6 years? Or does VeriSign have something else up its corporate sleeve? Your guess is as good as mine.
Once again ICANN -- Please help!
For the third time I am appealing to ICANN to step up and take action to put an end to domain kiting. The ICANN meeting in Marrakech, Morocco should provide the perfect forum for the ICANN Board to put an end to this travesty. The Board showed that it was able to step up and take action when it came to approving a lopsided deal for VeriSign. I see no reason why it can't do the same when it comes to doing something for the good of the domain name system and the Internet. After all, isn't that what ICANN is supposed to be about?
You too VeriSign -- Please help!
As for VeriSign, it would be nice to see the keeper of the .COM Registry step up and do something that is simply good for the Internet -- something that doesn't immediately lightening bolt cash into its coffers. C'mon VeriSign. Step up and help us out here.
To be honest, I'm running out of people to ask for help. Until next month...
A Domain Kiting Primer.
In a nutshell, here's how domain kiting works.
Domain kiting registrars put up mini-Web sites - loaded with search engine links - for domains names for which they never pay. When people land on these Web sites and click on the links, money is made. It's easy to spot one of these registrars as the number of total registrations they make often far exceed the number of permanent registrations - or names for which they actually pay. This is why during the month of May 2006, out of 35 million registrations, only a little more than 2.7 million were permanent or actually purchased. The vast majority of the rest were part of the domain kiting scheme.
Now let's drill down a little further into domain kiting 101.
A registrar who participates in this scheme - Go Daddy and its affiliates do not participate in this scheme - makes a large deposit - sometimes a huge deposit - at a registry. Then the registrar registers as many domain names as the deposit will allow. For example, if the registrar makes a $600,000 deposit at VeriSign Registry, they could register 100,000 .COM domain names as .COM names cost $6.00 per year.
It's all about catching Internet traffic.
For each domain name registered, the domain kiting registrar puts up a simple Web site filled with search engine links and hopes users land on that page and click on the links. Anytime an Internet user lands on one of their mini-Web sites and clicks on one of the links, money is made.
Domain kiting registrars abuse the 5 day refund period to work their scheme.
After a domain name is registered, a registrar has five days to cancel a domain name registration - i.e. drop the name - and get their money back. Domain kiting registrars abuse this rule and cancel the lion's share of the names they register just before the five day period expires - so they get their money back. But then something unexpected happens. After names are cancelled or dropped, the domain kiting registrar goes out and immediately registers the same names again. The domain kiting registrar will then put the same simple Web site back up for each domain name, wait another five days and then cancel all the names again - just in time to get a full refund. And for most names caught up in the domain kiting scheme, this process will repeat itself over and over and over.
Domain kiting registrars rarely pay for the names they use.
By not actually paying for the names they are using, domain kiting registrars are able to generate profits, even if their mini-Web sites only generate 50 cents or more per year. And if they find, over time, that certain names never generate any revenue they stop registering them altogether. It's only the names that have value - to you as an Internet user - they register over and over and keep off the market - names for which they of course never pay.
Domain kiting registrars only purchase the names that prove to be real money makers.
There are those cases when, if a domain name proves to be especially profitable, domain kiting registrars will actually step up and register the name. They're not stupid. They won't take a chance on losing a name that generates much more than the annual cost of a registration. However, this is clearly the exception.
Read the latest Go Daddy news.