Verisign Sending Deceptive Domain Renewal Mail?

General_Corto writes: "Declan McCullagh's PoliTech list just forwarded a message detailing how Verisign is sending letters to people who own domains through other registrars, attempting to make them change registrar on renewal. Looking at the letter it is very unclear that you are signing up with a different registrar. Sneaky games are being played."

Sneaky letter

[herko_cl]

This thing doesn't even have the company name on its return address, it's just called Expiration Department.
This is just an attempt to snare unsuspecting customers aware from other registrars, apparently earning a tidy profit for Verisign (Go Daddy software complains that that Verisign charges $29.95 instead of their $8.95)

"Interland" does this as well

[Evro]

My girlfriend got a "DOMAIN NAME EXPIRATION" notice from Interland. It said something to the effect of "if you don't renew now, you may lose your domain!" The problem is, she registered it through Network Solutions. NetSol must have taken notice of this and thought it was just a fantastic marketing technique.

I registered several through GoDaddy, by far the best one I have ever used, and Godaddy sent me a "warning" notice that Verisign is sending out these deceptive messages, and suggesting we write to icann about them...

---------- Forwarded message ----------
Date: 22 Mar 2002 20:52:05 -0000
From: service@godaddy.com
To: xxxxxxxxxxxxxx
Subject: A WARNING TO OUR CUSTOMERS

Please be aware that Verisign, Inc. (formerly Network Solutions) is sending via the US Mail, what we believe to be deceptive and predatory domain expiration notices.

The purpose behind these notices is to get the unsuspecting customer to transfer to and renew their domain name(s) with Verisign Inc. at significantly higher prices.

The domain expiration notices are designed so that it is not obvious that the notices are from Verisign, Inc. as opposed to Go Daddy Software. To see a copy of one of these deceptive expiration notices, please go to the following URL: http://www.godaddy.com/gdshop/private_vsrn.asp?dis play=letter.

Those customers who fall prey to the Verisign, Inc. scheme will have their domain name(s) renewed at a price more than 3 times higher than would be the case if they renewed with Go Daddy Software.

For a .com, .net or .org domain name renewal, the victimized customer would pay $29.00 to Verisign, Inc. instead of the $8.95 charged by Go Daddy Software.

Those customers who fall prey to this scheme, will not receive any better service or value. They will however be tricked out of $20.05 per domain name.

Renewal notices from Go Daddy Software are sent via email, and always mention the Go Daddy name. You can be sure that any communications you receive concerning your domain name that do not explicitly and obviously display the Go Daddy name are not from Go Daddy Software.

If you believe, as we do, that this practice of Verisign Inc. is misleading, predatory and improper, we invite you to make your feelings known by writing to ICANN (who is the governing body for all Registrar's and Registries) and to Verisign Registry. Email links for both are provided below.

Sincerely,

Bob Parsons, President
Go Daddy Software, Inc.

ICANN Registrar Complaint Form (hosted at InterNIC)
http://www.internic.net/cgi/registrars/ problem-rep ort.cgi

VeriSign Registry Customer Service
info@verisign-grs.com

Interland is doing a similar thing.

[Binky+The+Oracle]

For the last 2 months I've been receiving similar mail from Interland (a Verisign partner) for a domain that doesn't expire until late May. I have two sites hosted on Interland and they're sending me renewal notices for a Verisign-registered domain that I parked on Interland servers (no live site).

Initially I was keeping all of my registrations with Verisign/Internic because I felt they provided me with the best service. That's still true as long as I don't need them to do anything like send me a registration report or help me change a contact because the record got munged.

I also felt a bit more secure with Verisign because they don't seem to be going anywhere and domain registrations are long-term investments for me.

These new tactics may be the final straw. The trouble is, I don't know how reliable any of the other companies are. Any recommendations?

Good reason for whois server changes

[Leme]

I really can't think of a good technical reason that I need to see the expiration date and other information off of the whois servers. Only information I really care about is the DNS servers and the admin/technical contact.

They should make the whois servers not give this information so other companies can use it as their own personal sales list.

I avoid VeriSign...

[stevel]

I'd say that VeriSign is the Microsoft of registrars, but that would be an insult to Microsoft. VeriSign has screwed up billing and renewal of various domains of mine four times in the past - after the last fiasco, in which they triple-charged me for a single two-year renewal their web site told me was not processed, and which they had already told me they couldn't do because my domain had (afterwards) been transferred to eNom, it took me three months and a letter to my bank disputing the charges to get my money back. I now use eNom for all my registrations. (Yes, I know there are cheaper choices...)

However, I get the last laugh.. When the domain involved in that triple-renewal came up for renewal this year, eNom told me that VeriSign's database had the domain as having been extended for six years - it didn't a year ago when I had the mess with them - so I was all set through 2008! I wrote them to explain what happened - they thanked me for being honest and said that it was more trouble than it was worth to "correct" the situation...

Others do it as well

[iammichael]

I've gotten numerous letters from various registrars trying to get me to renew with them. None of them were very straightforward about the fact that they weren't my current registrar. Luckily, I know better (what's weird is that my domain is registered for the next 10 years, and some registrars still think it was expiring this year).

On a slightly related issue, I got a phone call a month or so ago from "The Domain Support Group". They tried telling me that since I owned a .com domain, I had early access to a .info or something like that. They repeatedly implied that they were just a support group calling, and not a company named "The Domain Support Group".

Paraphrasing a bit...

Who would be the registrar for the domain?
"We would be"

And who are you?
"We're your friendly Domain Support Group"

So you're not my current registrar?
"We're the domain support group".

Are you the same company as my existing registrar?
"Uh, no."

Yeah... so, I filed a complaint with the FTC.

Re:At least they've gotta ask...

[xigxag]

Y'all remember "slamming?"

That's a very apt comparison. Verisign has gone from being a monopoly (as Network Solutions) to having a lot of cheaper competition, just like Ma Bell. And similarly, it finds that it can't hack it in the real world, and is resorting to underhanded techniques like this.

Re:Farming For Clients

[IIOIOOIOO]

More importantly, using the WHOIS database for marketing purposes is against ICANN rules and against the AUP on most WHOIS servers.

Could It Now Do This?

[EXTomar]

I wonder if the Telco Act as it stands now already cover this? IANAL nor do I keep the law text lying around to study. :-)

Re:Nothing new

[letxa2000]

I agree. I used to have my domains registered with VeriSign. About three years ago we switched all our domains to Register.com. The switch went without a hitch and even doing a whois at NetSol shows the correct registar.

However, without fail we get invoice after invoice from Network Solutions with letters saying if we don't pay we will lose our domain. Duh...

They might not be the only one, but it is very deceptive. I think they send it so comapnies who have an A/P department see the low-dollar bill ($35/$70, whatever) and are allowed to pay it without authorization. Little do they know that they, by paying it, authorize NetSol to transfer the domains of their organization back to NetSol.

Bad, very bad. Kind of like an invoice I once received from somewhere in Europe for something like $1395. It was for being placed in some business directory. What? Obviously they were just fishing. It doesn't cost anything to send invoices and, who knows, someone might actually pay. All you have to lose is postage.

Switch away

[hether]

One of my husband's relatives got a letter like that from Verisign. He was previously with NetSol. and hadn't even noticed the offer was from a different company. He just wanted to know what to do with it. I switched him to Doster. A helluva lot cheaper and easier to work with than either of the other two.

I guess I didn't consider the letter deceptive because it referred to transfering and the poor uncle just thought it was from his regular host to begin with. He had no idea what their name was.

it gets worse - hosting companies getting burned

[mkbz]

i worked for a large company (read: s&p500 listing) that, as one of their services, did web hosting for small businesses - handling the domain registration and renewal internally. boy, did we start getting angry phone calls when people thought their domains were going to expire (and we weren't going to renew them inclusive to their contract/fee.)

doesn't internic have a policy of conduct for domain name registrars? i seem to remember there being a lot of concern when they broke the netsol monopoly that the 'alternatives' would provide poor customer service and business ethics. who's the pot, and who's the kettle NOW?

The letter is quite clear

[dstone]

Looking at the letter it is very unclear that you are signing up with a different registrar.

Okay, Verisign is a lousy registrar and their service sucks. But their letter is reasonably clear, I think. Click on the link to that letter and you'll quickly see:
1. A nice clear Verisign logo. (duh)
2. The words "Transfer Authorization" just above where you sign.

Anyone who can't see those two things in black & white simply isn't up to the responsibility of being the administrative contact for a domain. I still dislike and distrust Verisign, but if the person in charge of my domains didn't clearly see that as a TRANSFER to VERISIGN, then they'd be out of a job.

Re:A lesson in POSTNET barcodes

[pwagland]

This decodes into 0 2 3 4 7 1 1 2 5 2 5 8.

which is ZIP+4+2: 02347-1125-25 Checksum 8

The way the POSTNET checksum value is given by (10-((Summation of all digits) Mod 10)). The total of our digits 02347112525 = 32... (10-(32 mod 10)) = 8. The checksum is valid and our decoding is probably successful. post online.

I know that this is just being picky, but....the check digit cannot be as described above, since if you had the number 02347112523, then using your method you would have a check digit of 10. This is obviously two digits and not one. One can only assume that this s meant to be 0, therefore leading to the checksum digit being computed as follows:

(10 - ( (Summation of digits - 1) Mod 10 ) - 1)

This means that your example would be (10 - ((32 - 1) Mod 10) - 1) = 8, and my example would give (10 - ((30 - 1) Mod 10) - 1) = 0.

Having said that, I want to take nothing away from the the wonderfully instructive example that you gave on how to use/abuse this information! :-) I along with many other slashdotters stand in awe :-)