Skip to main content

Security & spam

Online security is increasingly important as e-crime is becoming more prevalent and widespread globally. However there is plenty you can do to protect your online identity. Here we outline how various security threats work and how you can learn to recognise the danger signs of online fraud, and the precautions you can take to help ensure that you are not at risk.

Scams and fraud

Advice concerning the introduction of the new .uk domains.

On 10 June 2014 shorter, simpler .uk domain names were made available for the first time. It is possible that there may be some increase in activities such as slamming or false invoicing. We would like to remind you to be vigilant and pay heed to the advice below and urge caution when you receive unexpected letters concerning your domain. Of course, you are likely to receive legitimate letters/other communication about this from your registrars or from Nominet - we would simply remind you to verify before taking action on such communication.

Pressure sales

In these cases victims would usually be called by an organisation which either claims to be official or has an official-sounding name (for example, the "Internet Registration Office"). The caller says that they have received requests to register a series of domain names which are similar to the victim’s or which contain their company name, and wanted to offer the chance to prevent the third party from registering them. Typically the victim is given a short period of time in which to register the domains and is asked to pay by credit card over the phone.

To avoid this scam never give in to pressure on the phone. If in doubt discuss the situation with your registrar or with us.

Slamming or false invoicing

This scam involves sending victims registration or renewal letters that are in fact for different but similar domains (perhaps using .com in place of for example), or for the transfer of registrar. Often these letters are invoices or contracts, charging you or locking you in to their services.

This scheme relies on use of WHOIS records and is not permitted under our WHOIS terms of use. We monitor usage of our WHOIS service closely to ensure it is not being misused. We will consider taking legal action against such abuse. In recent examples (in Australia and the UK) we went to court and won. This resulted in the bankruptcy of the people involved, the winding up of their companies, and injunctions against their conduct and orders to prevent them from doing it again.

To avoid this scam, we would urge caution when you receive unexpected letters concerning your domain.

Domain names and spam

We do not have the power to turn off a domain being used for spam. If we did a spammer would simply use domain names of people they did not like, just to get their services disrupted. Also a link may have nothing to do with the domain name you can see - and if it does, it may be because the website has been hacked into.

In addition it is not usually the domain name that is the problem - it is the zombie, or the mailing computer being used to send spam. In these cases the actual solution is to find that computer or zombie and get it taken off the Internet until the problem is fixed.

To avoid spam we do not list email addresses in our WHOIS although spammers are endlessly inventive and can find addresses from a variety of sources. You can report spam to various agencies, according to what type of spam it is. For further advice on how to report spam and how to stay safe online, see our advice site knowthenet.


Phishing is where you get an email pretending to be from a bank (or eBay, PayPal or some other place where you might enter personal information and financial details) which is actually from a scammer trying to steal your money and information.

If you think that someone is misusing our trademarks, name or WHOIS information as part of any scam, then please contact us.

© Nominet UK 2015