MENU
  • Enom.com
  • Resellers

Enom Blog

April, 2020
Archive

  • Avoiding COVID-19 Cyberattacks with Security Best-Practices

    April 28, 2020

    Advice, Featured, SSL

     Like

    Views: 2791

    security lock and credit cards on keyboard

    Most of us that work in Tech are familiar with security best-practices, but for many people, including your customers, being thrust into working remotely and conducting more daily activity online can bring with it security risks. Now is a great time to support your customers with tips on how to stay secure online and avoid COVID-related cyberattacks.

    We’ve partnered with one of our trusted Security providers, Digicert, to provide you content that can be easily recycled and shared with your customers.

    Staying safe online, during COVID-19 and beyond

    The ugly reality is that cybercriminals will exploit any vulnerability they can find. During the COVID-19 pandemic, many people are increasingly active on social media, email, apps and SMS (texting) as we look to stay connected with one another and alert to new information. Some malicious parties are taking advantage of this by using these technologies as a means to distribute malware. Often, these scams involve fraudsters impersonating healthcare officials or organizations.

    What can you do to stay safe?

    1. Be suspicious of emails and messages about COVID-19 by:

    • Inspecting the subject line and sender. If you don’t know the sender, or the subject line seems odd, don’t open the message and most importantly, do not click on any links.
    • Subject lines about a cure or vaccine for COVID-19 are most definitely scams. Don’t open the message.

    2. Look for common signs of fraudulent emails. These include:

    • Poor grammar or spelling
    • Poor design
    • Unreliable contact information
    • No Terms and Conditions provided
    • Deals that seem too good to be true
    • Suspicious forms of payment (like sending money to a random PayPal account or paying with cryptocurrency)

    3. Don’t download unknown email attachments

    For example, the map below — made to look similar to a legitimate map created by Johns Hopkins University — was circulated by scammers via email. The map often included links to malicious sites disguised as official communication.

     

    4. Get familiar with known scams related to COVID-19

    The Canadian Anti-Fraud centre is keeping an up-to-date list of known scams, and we encourage you to check for similar resources being provided by your local government.

    5. Keep your browser up-to-date and watch for security indicators

    One easy way to protect yourself is to ensure you’re using the latest available version of your browser. We also recommend checking that the websites you are browsing are encrypted with SSL.

    Digicert has a great guide on how to identify authorized sites. This is particularly important if you are providing any kind of personal information or making a financial transaction.

    6. Always check for additional trust indicators

    Asking yourself a few of the following questions can help you better determine whether a website is trustworthy:

    • Do they have Terms and Conditions or a return policy listed?
    • Do they have a secure site seal?
    • Are there grammar and spelling mistakes?
    • Do they have reviews?
    • Do they have a social media following?
    • Is there contact information listed in case you need to get in touch with the company about your order?
    • If you arrive at a website via a link contained in an email, take extra care sure to make sure the site you’re on is the company’s official website – not an imposter.

     

    Questions like these do not guarantee that a site isn’t a scam, but they are helpful guides in determining whether or not you should trust a site.

    The reality is, it’s impossible to completely safeguard against online threats. But just like handwashing and social distancing offer a basic line of defence against COVID-19, the best-practices outlined above will help protect you and minimize risk online during these challenging times.

    Read More

  • Tucows Approaches to COVID Related Domain Registration

    April 9, 2020

    Industry Insight, News

     Like

    Views: 20925

    From an early point in the current global crisis, it was clear to Tucows (Enom’s parent company) that we were going to need to do something new and different in how we responded to COVID-19 related domain registrations. Many of these domains are registered for good, helpful purposes, such as community organization, dissemination of healthcare information, and recording people’s experiences through this pandemic. Others, however, purport to sell COVID-19 cures, vaccines, or tests, none of which are legitimately available on the market today and all of which pose a significant health risk to the general public.

    This blog post is going to run through the what, why, and how of our response to problematic or abusive COVID-19 related domain names and provide suggestions as to how our resellers and other hosting and CMS companies can help.

    Before we dive in, we want to emphasize that this global pandemic is an exceptional situation, requiring Tucows to explore approaches we would not consider in other circumstances.

    In helping to develop the DNS Abuse Framework, Tucows spent substantial time considering how domain names may be used to cause a threat to human life, and this work has been immensely valuable within the context of the COVID-19 pandemic. It is also important to note that our response to each and every issue that we find is contextual and dependent on the specific circumstances. We expect to return to our regular procedures as the pandemic and corresponding risks subsides.

     

    Our actions

    There are three major components to our COVID-19 related activities: identification, assessment for harm, and stakeholder engagement.

    Identification

    Tucows uses a relatively simple keyword search on all domains registered since December 2019 to flag relevant domains for manual review. We are also matching domain names on our platform to a number of externally-sourced COVID-19 related blocklists. Every day, members of our Compliance teamwork through our list of COVID-19 related registrations.

    Assessment for Harm

    As we mentioned above, a considerable number of COVID-19 related domain registrations are doing good and important things. We’ve seen many official websites from communities, hospitals, and other organizations come online over the past few weeks. Often, it is faster and easier for these organizations to use the website builder products offered by our reseller partners than for these organizations to host and build a site on their own infrastructure.

    As Tucows is primarily concerned with domain names that represent threats to human life, we are prioritizing looking for those that resolve to websites purporting to sell COVID-19 tests or cures. We are deeply worried about the possibility that someone could take a fake test and then, based on those results, continue to spread COVID-19 in their community, endangering many others. We have found very few of these sites so far, but when we do, we ask the registrant for documentation that proves their legitimacy and authorization to sell. This is very similar to our standard practice for addressing reports of harmful online pharmaceuticals.

    At this time, we have yet to see a site offering an unambiguous (albeit fake) cure that presents a risk of imminent human harm. We have seen cure-adjacent sites, purporting, for example, the (dubious) benefits of high-doses of vitamin C and the practice of alternative medicine. We’ve flagged these for review, but have not removed them from the DNS at this time.

    Other types of Harm

    We have also seen a number of COVID-19 phishing, botnet, and malware abuse issues; fortunately, we already have clear and well-established practices for dealing with these. For reports of misinformation, disinformation, price gouging, or fraud, we are working with regulators and law enforcement wherever possible to address these websites as we do not have the appropriate tools or experience to assess these independently.

    Engagement with Stakeholders

    An important component to all of the above has been communicating consistently with a variety of different stakeholders. This has included a number of our reseller partners who have seen large numbers of COVID-19 registrations. It has also included conversations with different law enforcement agencies, governments, and regulators. Our goal in these conversations is both to be transparent in what we can and cannot do and to ensure that the work of assessing website content is handled by those who are appropriately trained and empowered to do so wherever possible.

     

    Why Review?

    At least one major registrar has effectively blocked incoming COVID-19 related domain registrations. Tucows has chosen not to do this for a number of reasons; the primary one is that the Internet is an immensely powerful tool, especially in times of crisis where coordination is essential. The amazing sharing of information, mashups of data, official sites and even art that we’ve seen in our review is a daily reminder that allowing for creation is important. We think it’s important that registrants are able to respond as they see fit to the crisis, without impediment or delay. This approach vastly increases our burden and puts us in the uncomfortable position of having to assess the level of harm represented by a COVID-related domain and the website to which it resolves. However, we feel these circumstances are exceptional and are determined to do our part.

     

    Steps our resellers can take

    Hosting companies, CMS providers, and ecommerce platforms are in a better position than domain registrars to address content-related issues. Tucows resellers who offer these services may have the ability to remove specific pages or items from online stores whereas registrars have only one very blunt tool: we can take down the domain. To this end, we are also encouraging our resellers to monitor their registrations and platforms for COVID-19 related content. Now is an excellent time to review your Terms of Service and consider how you might apply them in the current circumstances. If you’re a Tucows reseller and would like assistance identifying COVID-19 related registrations, please reach out via help@enom.com.

     

    Report COVID-19 Related Abuse

    If you would like to report a COVID-19 related domain registered with Tucows that appears to be problematic, please submit an abuse complaint here: https://tucowsdomains.com/report-abuse/

    Lastly, like all complicated problems, COVID-19 requires a regular review of our processes and iterating where possible in a very short amount of time. We, like you, very much look forward to a return to normalcy.

    Read More

FEATURED POSTS

  • How to Win by Treating Your Customers as Members

    August 13, 2020

  • A Great Domain for Freelancers and Entrepreneurs? Try .ME

    June 22, 2020

  • Bandzoogle: website builder for musicians

    June 1, 2020

  • security lock and credit cards on keyboard

    Avoiding COVID-19 Cyberattacks with Security Best-Practices

    April 28, 2020

CATEGORIES

  • Advice
  • Announcement
  • Developers
  • DNS
  • Featured
  • Fun
  • GDPR
  • Industry Insight
  • New TLDs
  • News
  • Premium Domains
  • Promotion
  • Resellers
  • Roadmap
  • SSL
  • Uncategorized
  • WTB

ARCHIVES

  • December 2020
  • November 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • September 2018
  • August 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • January 2016
  • December 2015
  • November 2013
Support

Report Abuse
Help Center
Contact Us

Resources

WHOIS Lookup
Maintenance Alerts
Developers
Products & Services

Domain Name Search
Premium Domains
Web Hosting
SSL Certificates
Website Builder
Basic Email
Bulk Tools

© 2021 Enom Blog |