We have had several reports from GreenNet members about "phoney bills" relating to domain names they have registered through us. 

If you have received a letter in the post from "Domain Registry of America"  (DRoA) or "Domain Renewal Group" urging you to pay them for renewing your domain name, please ignore it.  It's a scam, so don't worry about your domain and do not send them any money.

The approach usually comes in the form of a letter to your postal address obtained from the public "Whois" database of registered domains.  Superficially the letters may look like bills and may say something like "Domain Name Expiration Notice", but are actually intended to be agreements to transfer your domain to them (at an inflated price without hosting).  GreenNet automatically renews your domain while you have hosting services with us, so you don't need to do anything.  It seems that particularly domains ending ".org" or ".info" are affected by this so-called "domain slamming", although the terms of use of the WHOIS forbid its abuse for marketing.

The return address is often a mailbox at "56 Gloucester Rd, Suite 526, SW7 4UB" and we have seen similar campaigns using the names "EU Registry Services" (in 2004), "Domain Registry of Europe", and "Domain Renewal Group" using identical tactics.  Their own website mentions "Brandon Gray Internet Services" and "NameJuice.com". 

We've also received numerous comments on this site from other internet users giving information or wanting more information about how to recover their domain or their money. Some of these have mentioned particular names of people involved in DRoA, located in Toronto, including Eric Voisard (evoisard@droa.com), Peter Chan and Steven Linn.

GreenNet has been seeing these letter campaigns since 2004 and would like to suggest ways you can report the scam and avoid confusion.  We had numerous conversations at the end of June 2008 with the Office of Fair Trading and the Trading Standards department and it seems there is little they can do, since the company is based abroad and this could be seen as a business-to-business dispute.  We have also confronted DRoA to explain the abuse.  They claim there is no law protecting users from being contacted by post, unlike email or fax, although there have been reports of them also using email in 2010.

If you, as an affected person, would like to make a complaint here are a few numbers you can call.

Other mentions of the scam:

 

Sample comment received:

"I just stopped the new treasurer of an association sending off the cheque on this scam... which, since the country is French speaking - and the recipients have difficulty understanding the letter - will probably have quite a success. Thanks for all your info... I'll see what I can do."
 

Comments

DROA scammers

They use an "address" at 2316 Delaware Avenue, #266, Buffalo, NY to receive mail. This is a UPS store in a small shopping plaza near a Dunkin' Donuts. I notice that the other two addresses they use, one in London and one in Melbourne, have a similar type of mail-forwarding look. This helps them cover their tracks.

Why isn't this a punishable crime/offence?

Is it that they can't find them, or that what they're doing isn't necessarily illegal. It seems like computer crime/phishing/hacking is really low on the priority list of crimes to go after, but think of the money that could be saved for the economy (including time spent dealing with malware and hacked sites) if governments took these things more seriously. Very under-appreciated assault on our economy.

The legality of so-called

The legality of so-called "domain slamming" is borderline.  There is no specific law against it, although (in my non-legal opinion) one might be feasible based on sanctions for abuse of WHOIS data.  DRoA and its various other brands will presumably claim they are merely soliciting business.  The US Federal Trade Commission may say they have taken action to ensure there do not make clearly deceptive statements.  But the question might be whether the overall impression is a "false representation".    Since people have been taken in by it, not knowing how domain registration works but only that they have a domain registered, and are at least confused, there is still an argument to be put by law enforcement.  If you have been taken in by it and suffered losses in the UK, probably "Action Fraud" would be interested.

In my opinion, "caveat emptor" may not be enough in this case, but more awareness of the problem of course helps people educated and defend themselves against deception.  DRoA must spend a fortune on postage though.

Phishing and unauthorised website intrusions (cracking/"hacking") are of course a different case, clearly illegal and harder to trace internationally.  I would agree that law enforcement's priorities on the internet could better contribute to resolving extremely widespread internet security issues; at the moment they seem more directed at Intellectual Property Rights (IPR) violations.  There is perhaps a lack of skill in government to understand what can really be done constructively, with ministers simply using the prefix "cyber-" in a misguided and unsuccessful attempt to appear educated on the issue.  In fact, the most effective security measures seem to come from non-profit organisations, individual software maintainers, and very small security research companies.  Current Government initiatives include "cyber-security principles" (GCHQ/BIS) and a "Cyber-crime reduction partnership".

Featured services

GreenNet web projects are all about planning, designing, building and hosting websites that work for you and the issues you’re working on.

GreenNet provides a unique anti-spam service geared to NGOs, the voluntary sector, charities and activists.

Our managed Drupal hosting is for organisations who want a managed and dynamic presence on the web with easy access to expert Drupal advice and development support.