Slashdot Mirror
Verisign Sending Deceptive Domain Renewal Mail?
General_Corto writes: "Declan McCullagh's PoliTech list just forwarded a message detailing how Verisign is sending letters to people who own domains through other registrars, attempting to make them change registrar on renewal. Looking at the letter it is very unclear that you are signing up with a different registrar. Sneaky games are being played."
Registrars have been doing this for a while, not just Verisign.
This thing doesn't even have the company name on its return address, it's just called Expiration Department.
This is just an attempt to snare unsuspecting customers aware from other registrars, apparently earning a tidy profit for Verisign (Go Daddy software complains that that Verisign charges $29.95 instead of their $8.95)
No
Yep, taken from the Verisign homepage:
;-)
" Trust is the foundation of every human relationship "
They probably forgot the *: Only applies when you owe us money
This strikes me as a similar, albeit different, tactic to what is known as "slamming" in the phone industry. It was once a common scam for the shadier long distance providers to change your carrier without your permission or consent; the practice was (I believe) outlawed in the 1996 Telcommunications Act (correct me if I'm wrong). This is slightly different because they are just being deceptive about gaining consent, but it does seem similar. Wonder if Congress will step in on this type of practice as well?
Not sure that's the best idea, but it will probably take Washington 10 years to notice this anyway and by then there won't be any players but Verisign left anyway.
The letter is very deceptive. Verisign seems to only be prominently mentioned once, and the address the letter gets mailed to doesn't mention Verisign at all. This is about as shady as switching your long-distance plan by cashing a check they give you (anyone else get those?).
But, I would hope that any sane person would refuse to put down their credit card number on a piece of mail as flimsy as a business reply card. Ignorance only extends so far, right? ...right?
This
I registered several through GoDaddy, by far the best one I have ever used, and Godaddy sent me a "warning" notice that Verisign is sending out these deceptive messages, and suggesting we write to icann about them...
rooooar
For the last 2 months I've been receiving similar mail from Interland (a Verisign partner) for a domain that doesn't expire until late May. I have two sites hosted on Interland and they're sending me renewal notices for a Verisign-registered domain that I parked on Interland servers (no live site).
Initially I was keeping all of my registrations with Verisign/Internic because I felt they provided me with the best service. That's still true as long as I don't need them to do anything like send me a registration report or help me change a contact because the record got munged.
I also felt a bit more secure with Verisign because they don't seem to be going anywhere and domain registrations are long-term investments for me.
These new tactics may be the final straw. The trouble is, I don't know how reliable any of the other companies are. Any recommendations?
Slashdot comments... splitting hairs since 1997.
I really can't think of a good technical reason that I need to see the expiration date and other information off of the whois servers. Only information I really care about is the DNS servers and the admin/technical contact.
They should make the whois servers not give this information so other companies can use it as their own personal sales list.
But since my domain isnt registered with NSI, im going to send it back to them no postage necessary, and im going to write on it in magic marker "NO WAY IN HELL"
maybe ill add a few washers, since they pay by weight of the letter, thats what i suggest, hit em where the investors feel it.
moo.
"Switch to MCI/Sprint from AT&T, it's better!"
"Switch to Linux, it's better!"
This is *totally* different. The difference is that Verisign isn't really telling you that you're switching, other than in the teeny tiny fine print. By your logic, this is akin to MCI sending you a bill for your AT&T service, indicating underneath your signature line that you'll be authorizing them to take over your service. There are laws against this now that specifically require you to say something along the phrase of "I agree to have *** as my long distance provider" on the phone where they can record it, as well as citing some personally identifiable information, so that the telco can prove that you authorized the change in proper sound mind and body.
"Mod, mod, mod...and another troll bites the dust."
don't most domain name holders know who they registered with, when their time expires, and who their options are for renewal? isn't it normally a tekkie who handles the domain name administration for a company? if they really wanted to be sneaky, they'd send it to the administrative assistant to the VP of operations. this isn't any more sneaky than the 5-50$ check that AT$T sends in the mail where they switch your long dial phone service if you cash it.
I'd say that VeriSign is the Microsoft of registrars, but that would be an insult to Microsoft. VeriSign has screwed up billing and renewal of various domains of mine four times in the past - after the last fiasco, in which they triple-charged me for a single two-year renewal their web site told me was not processed, and which they had already told me they couldn't do because my domain had (afterwards) been transferred to eNom, it took me three months and a letter to my bank disputing the charges to get my money back. I now use eNom for all my registrations. (Yes, I know there are cheaper choices...)
However, I get the last laugh.. When the domain involved in that triple-renewal came up for renewal this year, eNom told me that VeriSign's database had the domain as having been extended for six years - it didn't a year ago when I had the mess with them - so I was all set through 2008! I wrote them to explain what happened - they thanked me for being honest and said that it was more trouble than it was worth to "correct" the situation...
I've gotten numerous letters from various registrars trying to get me to renew with them. None of them were very straightforward about the fact that they weren't my current registrar. Luckily, I know better (what's weird is that my domain is registered for the next 10 years, and some registrars still think it was expiring this year).
.com domain, I had early access to a .info or something like that. They repeatedly implied that they were just a support group calling, and not a company named "The Domain Support Group".
On a slightly related issue, I got a phone call a month or so ago from "The Domain Support Group". They tried telling me that since I owned a
Paraphrasing a bit...
Who would be the registrar for the domain?
"We would be"
And who are you?
"We're your friendly Domain Support Group"
So you're not my current registrar?
"We're the domain support group".
Are you the same company as my existing registrar?
"Uh, no."
Yeah... so, I filed a complaint with the FTC.
Things like this are exactly why I no longer use Verisign/NetSol as my registrar. However, unfortunately this not their only dirty trick.
Aside from this, which is very similar to long-distance carrier slamming, Verisign also has a nasty habit of holding onto domains/not allowing customers to transfer their own domains. I know several people who were forced to wait for MONTHS for Verisign to finally go ahead and transfer their domains to another registrar, and that was only after repeated calls to them. Verisign's own transfer process was completely ignored, in the hopes of squeezing another $35 out of the billing contact.
Verisign also uses deceptive overbilling; if you register a domain with them for a year, come renewal time, they will send you a renewal bill for $70 or more! Of course, only in the very fine print do they tell you that it's $35 a year, so they are trying to make you renew for 2+ years. Yes, you can select 1 year, but they should not default to 2 years unless you previously paid for 2 years. It is very carefully worded to make it look like you actually owe them $70+.
Lastly, they make it ridiculously tough to modify your own contact information for a domain. I had a domain which was registered in my name, and with an email address that was now expired. So, you have to fax them a paper requesting a change of email address. Fine, no problem there. However, I had to send them nine faxes before it got changed. I would call to followup the fax, and they would repeatedly claim that it was never received. It took over 3 1/2 months for me to get an email address changed on a domain contact!! Of course, if you sign up for their expensive premium services, it only takes a day; glad to know where regular customers stand with Verisign.
I recommend that anyone who does use them to switch elsewhere. A company like Verisign/NetSol does not deserve our business.
That's a very apt comparison. Verisign has gone from being a monopoly (as Network Solutions) to having a lot of cheaper competition, just like Ma Bell. And similarly, it finds that it can't hack it in the real world, and is resorting to underhanded techniques like this.
There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
I own a house. For those of you not fortunate enough to understand what that means, consider your average junkmail that you receive now in your rental house, apartment, whatever. Multiply that by roughly 15.
This letter may be somewhat deceptive. So is every other friggin' piece of mail in my mailbox right now. Most people do the same thing with all such letters--they throw them out. But, like always, there is a sucker born every minute who will just plop down the credit card number and send the thing in. That's the ropes, folks.
When I looked at the letter, I saw Verisign's name immediately. I also noticed that you are signing for "renewal and transfer authorization", not just renewal. Sure, this might not say explicitly that you're going to change registrars... but there's a heck of a lot of fine print near the bottom that I can't read. My guess is that everything is spelled out there very clearly--to the person who cares to read it anyways.
Sorry folks, that's life. There's enough stupid people in the world who fall for things like this to make it economically worthwhile. Maybe next time get mad at the people dumb enough to sign things without reading--cause it's really their fault in the end.
Long, cute, or funny Sigs are just another form of over compensation, used by geeks, nerdz, etc.
More importantly, using the WHOIS database for marketing purposes is against ICANN rules and against the AUP on most WHOIS servers.
I wonder if the Telco Act as it stands now already cover this? IANAL nor do I keep the law text lying around to study. :-)
So how is this different from the mail I got from several other Registrars?
I just now sorted through this month's mail, did my bills, and threw away a ton of junk. In my sorting, I had TWO paper mails from other registrars telling me that my domain was about to expire and that in order to keep them I had to re-register them. Well, guess what? I'm registered with Verisign, but both of the letters were from other Registrars. One of which was Registrar of America (or something like that). They're both in the trash now, but the point is, Verisign isn't the only one guilty of it.
"Everything you know is wrong. (And stupid.)"
Moderation Totals: Wrong=2, Stupid=3, Total=5.
Please check out a good scan of the letter in question here: http://www.domainscams.com/. It is not from GoDaddy.
Of course it makes no sense for one person who's lost perhaps $15 by paying too much - and ended up with much worse customer service, but still - to sue. Unless that person becomes lead claimant in a class action suit on behalf of at least everyone who has suckered for this scam, plus perhaps everyone who has wasted valuable business time urgently asking employees or consultants why the renewal hasn't been "taken care of," or assuring bosses or clients that the notice - from the best-known name in the business - is a fraud.
Not to mention that it perpetuates the notion that anything dot.com related is suckersville - but I guess you can't sue for making the neighborhood look bad.
Still, if none of the lawyers reading this can frame it as a rich class action, we need to attract a brighter class of lawyers.
____
"with their freedom lost all virtue lose" - Milton
This is an incredibly sketchy practice on the part of Verisign and it pissed me off (as I'm sure it does many of you). Imagine if the U.S. government or IRS sent notices like this that said "Warning: If you don't send us X amount of dollars by March 31st, you will be in danger of facing criminal prosecution".
Actually, they do. But it's 15 April, not 31 March.
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
on the page w/ the recievers name and address, it clearly has the verisign logo, and the instructions have for step 3..
Sign the form to authorize your renewal, transfer and payment.
It also clearly states the renewal rate and additionally, it has a section of inputs for 'Renewal and Transfer Authorization'
The fine print didn't really come through the scanner very well, so i have no idea what that says.
In any case, if you bother to read the mail, its not deceptive at all. I don't think its the greatest way to advertise, and it certainly doesn't encourage me to use verisign directly again, but theres nothing improper about it.
Need a Catering Connection
Never done a 'whois' lookup, have you?
Vintage computer games and RPG books available. Email me if you're interested.
See: http://www.usps.com/postalinspectors/fraud/MailFra udComplaint.htm
As for unsolicited postal mail, this search at Google will get you started.
"Anything is better than IE, and you can quote me on that." -- Wil Wheaton.
The short version is that I signed up for a domain transfer to Interland. Everything went fine (that is, they were very efficient at ringing u the sale on my credit card). Then, the troubles started. Various snafus at their end made the domain transfer take not one, not two, not three days - but NINE.
To make matters worse, their POP server went down repeatedly. Their "helpful web-based admin tools" didn't work properly - for example, WebTrends worked, but only sporadically. Server response times were atrocious - I regularly ran traceroutes from a variety of locations and found response to routinely be 2x slower than most other comparable sites.
Tech support failed to respond to any of my above complaints, but each time I received a handy message from their automated system, telling me that the problem had been resolved. How had it been resolved? There was no problem in the first place, so everything is OK!
Finally, I elected to end my misery. I switched to another host, which has given me none of the above-mentioned difficulties. I complained yet again to Interland and they finally promised to send a refund for the unused portion of my 1-year contract.
I faxed in the appropriate form over two weeks ago, and haven't been credited the amount due. Why am I not surprised?
Read the EFF's Fair Use FAQ
One of my husband's relatives got a letter like that from Verisign. He was previously with NetSol. and hadn't even noticed the offer was from a different company. He just wanted to know what to do with it. I switched him to Doster. A helluva lot cheaper and easier to work with than either of the other two.
I guess I didn't consider the letter deceptive because it referred to transfering and the poor uncle just thought it was from his regular host to begin with. He had no idea what their name was.
Most people would die sooner than think; in fact, they do.
...for one of my domains. It's actually pretty obvious that it's a transfer application, but I can see how it might confuse some people. It's just a single sheet of paper that you write your name on, check a couple of boxes to renew (and transfer your domain to them), and print your credit card info on.
I guess if NetSol wants "what--the--fuck.com", they can have it.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
i worked for a large company (read: s&p500 listing) that, as one of their services, did web hosting for small businesses - handling the domain registration and renewal internally. boy, did we start getting angry phone calls when people thought their domains were going to expire (and we weren't going to renew them inclusive to their contract/fee.)
doesn't internic have a policy of conduct for domain name registrars? i seem to remember there being a lot of concern when they broke the netsol monopoly that the 'alternatives' would provide poor customer service and business ethics. who's the pot, and who's the kettle NOW?
www.pixelectric.com
If you look at the image of the letter you will see that they blocked out the address, but not the postnet barcode.
To my eyes the POSTNET barcode looks like this to me : (where t represents a tall bar and s a short one)
t ttsss sstst sstts stsst tssst ssstt ssstt sstst ststs sstst ststs tssts t
This decodes into 0 2 3 4 7 1 1 2 5 2 5 8.
which is ZIP+4+2: 02347-1125-25 Checksum 8
The way the POSTNET checksum value is given by (10-((Summation of all digits) Mod 10)). The total of our digits 02347112525 = 32... (10-(32 mod 10)) = 8. The checksum is valid and our decoding is probably successful.
Next step... head to the usps website to find that 02347 is in Lakeville, MA. Mind you, a ZIP+4+2 code in most cases is a unique address. However, the USPS is not going to make this easy for us.
Lets try our friend Google instead... searching for 02347-1125 give us the personal web site of Steve Douillette.
But how can we be sure that this is the letter Mr. Douillette recieved and diligently forwarded to godaddy to warn other customers? I wonder where Steve registered his domain name steve-d.com.
If you want to be anonymous, please be careful with what you post online.
But I don't see your point. Verisign has some responsibility here don't they? They own the company, right?
Will they do anything about this? If not, then they are endorsing it by their silence.
Bill
Upon seeing the box was too small, Schrodinger's Elephant breathed a sigh of relief.
Looking at the letter it is very unclear that you are signing up with a different registrar.
Okay, Verisign is a lousy registrar and their service sucks. But their letter is reasonably clear, I think. Click on the link to that letter and you'll quickly see:
1. A nice clear Verisign logo. (duh)
2. The words "Transfer Authorization" just above where you sign.
Anyone who can't see those two things in black & white simply isn't up to the responsibility of being the administrative contact for a domain. I still dislike and distrust Verisign, but if the person in charge of my domains didn't clearly see that as a TRANSFER to VERISIGN, then they'd be out of a job.
The solicitation must bear on its face either the disclaimer required by 39 USC 3001(d)(2)(A) or the notice: THIS IS NOT A BILL. THIS IS A SOLICITATION. YOU ARE UNDER NO OBLIGATION TO PAY THE AMOUNT STATED ABOVE UNLESS YOU ACCEPT THIS OFFER. The statutory disclaimer or the alternative notice must be displayed in conspicuous boldface capital letters of a color prominently contrasting with the background against which it appears, including all other print on the face of the solicitation and that are at least as large, bold, and conspicuous as any other print on the face of the solicitation but not smaller than 30-point type (see Exhibit 1.2).
The notice or disclaimer required by this section must be displayed conspicuously apart from other print on the page immediately below each portion of the solicitation that reasonably could be construed to specify a monetary amount due and payable by the recipient. It must not be preceded, followed, or surrounded by words, symbols, or other matter that reduces its conspicuousness or that introduces, modifies, qualifies, or explains the required text, such as "Legal Notice Required by Law."
If you get a solicitation that looks like a bill, and you don't see those disclaimers in huge type, contact the U.S. Postal Inspection Service.
This is exactly as if you were subscribed to e.g Sprint as your long distance carrier, and then all of a sudden you start getting "past due" bills from MCI.
1) MCI has NO BUSINESS sending me "bills".
2) It's deceptive.
3) It's illegal.
4) The FTC *has* spanked companies over issues like this.
Why should verisign get away with it, just because "others do it too"?
Using that logic, M$ should be let off the hook just because "other companies violate federal law too".
Just because others do it doesn't mean it's OK for verisign to do it too.
Every registrar using these deceptive and illegal practices should be fined and/or shutdown by the FTC.