Combating domain name abuse is a constant challenge.
Domain abuse can prove costly for small businesses and individuals when they result in scams, fraud or are used to exploit vulnerabilities of IT systems.
According to ICANN’s Domain Abuse Activity Reporting (DAAR) system, the .au domain, managed by auDA, has significantly lower abuse rates than global averages.
auDA’s stricter registration requirements provide added protections, and the data shows lower domain abuse as a result.
Lower abuse levels mean all Internet users can have greater trust when accessing the .au country code top-level domain (ccTLD).
What is domain name abuse?
Domain abuse is when the use of a domain name results in a security threat, usually by scammers or hackers.
ICANN identifies four types of security threats:
- phishing;
- malware;
- botnet command-and-control; and
- spam.
You can find more on each one here.
What is the DAAR?
ICANN’s DAAR system analyses security threat activity and domain abuse behaviour across top-level domain registries and reports its findings each month.
This is intended to assist anti-abuse efforts, inform policy discussion, and support consumer confidence and trust.
How does .au compare?
In November 2020, auDA received our first individualised DAAR report for the .au domain.
It reported that around 0.04 percent of domains in the .au ccTLD that month had at least one security threat, compared to an average of 0.25 percent of abusive domains in generic top-level domain (gTLD) namespaces.
From an average of 3,066,719 domain names in .au, there were 1,308 domains that were listed with at least one security threat. This compares to October 2020 where from an average of 3,049,856 domains, 307 were listed in one of the threat reporting feeds that DAAR employs.
Of the abuse that did occur in .au, phishing attempts made up the majority. As a percentage, this was higher compared with gTLDs, which recorded more spam and malware threats.
How does auDA keep .au more secure?
The validation of registrant information and the availability of this information in our WHOIS service contributes to the relatively low percentage of domain abuse in the .au ccTLD, helping .au remain secure and trusted.
Abuse rates overall are lower in .au because of some key registration differences.
gTLDs generally do not require registrars to collect as much information from a registrant, and do not set the same eligibility tests.
Often you only need to provide a name and contact details.
However, when registering a com.au, auDA requires additional information and that the registrant has a close and substantial connection to the domain name, in accordance with our rules. auDA also requires the collection of:
- registrant legal name;
- registrant ID;
- eligibility type;
- eligibility name;
- eligibility ID; and
- policy reason.
This additional information means scammers will often look to gTLDs to register domain names that look like those already used for legitimate purposes. Since they look similar, they can easily trick the unsuspecting.
A more detailed WHOIS record allows consumers more visibility of who they are dealing with.
auDA’s WHOIS shows the public information including registrant name and contact information, allowing suspicious domain names to be more easily checked.
A more detailed record, including information such as the registrants postal address and phone number, can be accessed by auDA’s compliance team to help resolve disputes and determine eligibility.
What now?
As this is the first time an individualised report has been produced specifically for .au, we will be looking closely at future reports to examine any emerging trends so we can continue to keep the .au secure, trusted and reliable for all Internet users.
