How to recognise, prevent and respond to CEO fraud
CEO fraud is on the rise in the Netherlands
An estimated 12.5 billion dollars has been lost to CEO fraud around the world, according to the FBI. That figure covers the period from October 2013 to May 2018 and was calculated from the US law enforcement agency's own data and crime statistics from other countries. A total of 78,000 incidents were recorded, involving 12.5 billion dollars. In the Netherlands, CEO fraud is a relatively new phenomenon, but on the rise. The precise scale of the problem is unclear, because many companies keep quiet for fear of reputational damage. What you can be sure of is that it pays to understand the risks and protect against them.
CEO fraud usually starts with a fake e-mail, which appears to come from one of the organisation's senior managers. In it, the 'manager' will instruct someone lower down in the company to urgently arrange a large payment, typically to a foreign bank account. If the recipient hesitates, there may be a follow-up phone call from a fake law firm or the like. Convinced by the body of correspondence and calls, the victim makes the payment in good faith.
Fake e-mail sent from a lookalike domain name or a spoofed e-mail address
Direct 'contact' from the CEO or CFO
Mail often sent to someone who doesn't know the CEO or CFO personally
Many targets are large/international companies with newly appointed CEOs
Messages include genuine details, e.g. the names of people who work with the recipient
An exceptional transaction requiring departure from standard procedure
Need for confidentiality and urgency is stressed
Recipient is new and often unsure how things work
*Spoofing involves sending e-mail that appears to come from someone else (in this case, the CEO).
No one who gets hit by CEO fraud ever imagines that it could happen to them. In many cases, the fraud isn't discovered until it's too late to intervene, and the money is never recovered. To stand any chance of rescuing the situation, the scam has to be detected within a few hours.
Step 1: Tell your bank. If you're quick, they might be able to freeze the payment. Many CEO frauds involve international payments, and there's a short time lag before an international payment goes through. Unfortunately, however, domestic transactions can't usually be reversed, and receiving banks tend to be reluctant to intervene.
Step 2: Contact the payee's bank. Perhaps they'll be willing to help.
Step 3: Report the matter to the police.
You can reduce the risk of falling victim by taking preventive measures:
Put CEO fraud on the organisation's agenda and get people talking about it.
Tell staff never to be overawed by the status of the person making a payment request.
Check payments by contacting recipients.
Put clear payment procedures in place.
Make sure everyone knows who is allowed to initiate payments.
Ensure that significant payments always require more than one person's approval.
Never make exceptions.
Scammers can sometimes spoof the e-mail addresses of CEOs and other executives. A spoofed e-mail appears to come from the real address of the impersonated individual. That's done by falsifying certain fields in the message, such as 'From', 'Return-Path' and 'Reply-To'. Fortunately, there are open standards that protect against e-mail abuse: DKIM, SPF and DMARC. The standards are normally used together to verify the sender and the sending host, and to check that the message content hasn't been modified in transit. For the highest level of protection, we strongly recommend using DNSSEC as well. DNSSEC is a security system for the DNS. Many e-mail packages already make use of DKIM, SPF and DMARC.
You can find out whether your domain name supports the recommended standards by visiting internet.nl. For advice on making your domain name and e-mail service more secure, it's usually best to contact your internet service provider, or to have your system administrator get in touch with them.
Finally, you can use our SIDN BrandGuard to keep an eye on your internet brand day and night. As soon as anyone registers a domain name similar to your brand name or domain name, we'll alert you. You can also use the service to get an idea of whether a suspect domain name is being used for phishing or malware, so you can quickly take appropriate action.
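As an added illustration of the markers described above (a lookalike domain, forged 'From', 'Reply-To' and 'Return-Path' fields, and the SPF/DKIM/DMARC verdicts a receiving mail server records), here is a Python triage routine run over a constructed message. It is not code from the original article; the sample headers, the domain names and the organisation domain example.com are all assumptions.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample (not from the article): lookalike From domain, Reply-To
# pointing elsewhere, and the receiving server's SPF/DKIM/DMARC verdicts.
SAMPLE = """\
Return-Path: <bounce@exannple.com>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=exannple.com; dkim=none; dmarc=fail header.from=exannple.com
From: "J. Jansen (CEO)" <j.jansen@exannple.com>
Reply-To: ceo.office@mail-provider.invalid
Subject: Urgent and confidential payment

Please arrange the transfer today and keep this between us.
"""

def _domain(header_value):
    # Lower-cased domain part of the first address in a header ('' if none).
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def _edit_distance(a, b):
    # Levenshtein distance; small but non-zero means a lookalike domain.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(raw_message, org_domain):
    """Return warning strings for the CEO-fraud markers found in a message."""
    msg = email.message_from_string(raw_message)
    warnings = []
    from_dom = _domain(msg.get("From", ""))
    if from_dom != org_domain and _edit_distance(from_dom, org_domain) <= 2:
        warnings.append(f"lookalike From domain: {from_dom}")
    # Reply-To / Return-Path that quietly redirect replies or bounces.
    for hdr in ("Reply-To", "Return-Path"):
        dom = _domain(msg.get(hdr, ""))
        if dom and dom != from_dom:
            warnings.append(f"{hdr} domain {dom} differs from From domain")
    # SPF/DKIM/DMARC verdicts the receiving MTA recorded on delivery.
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1).lower() != "pass":
            warnings.append(f"{mech}={m.group(1)}")
    return warnings
```

Calling `triage(SAMPLE, "example.com")` returns five warnings for the sample; a message from the genuine domain whose DMARC check passed returns an empty list.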