Cloaking: a disturbing new phishing trend

Cybercriminals are hiding their phishing sites to maximise profits


Cybercriminals are becoming more and more inventive with their phishing tactics. In recent years, the methods used to detect phishing sites have improved considerably – pushing scammers to adopt combinations of avoidance tricks. They'll make sites visible only from certain locations, for example, or only from mobile devices, so that the authorities and hosting service providers can't easily see them. Known as 'cloaking', such techniques represent a challenge to global efforts to clamp down on phishing.

What is cloaking?

Cloaking is a general term that covers all the methods used to hide malicious content from everyone except the targets or intended victims. Its purpose is to maximise the length of time that a phishing site remains online. In that context, just a few extra hours can be important, because most phishing sites are nowadays taken down within a day. So delaying detection even briefly can significantly increase the number of people scammed and therefore the economic viability of the fraud.

Forms of cloaking

There are various forms of cloaking. The main four are:

1. User-agent cloaking

The tools used to detect online phishing are often recognisable. Scammers can therefore adapt their phishing sites so that they don't show malicious content to tools that scan their URLs.

2. Geolocated cloaking

Phishing content is shown only to visitors whose IP addresses are in certain geographical regions of the world. A detection tool operating elsewhere will therefore be unable to see the fraudulent content.

3. Timed cloaking

With timed cloaking, a phishing site is made visible only at certain times. For example, a scammer first mails a business, including a link to some legitimate content in the message. Because the material is harmless, the recipient's firewall allows delivery of the message. Then, on Monday morning, the scammer switches the content at the linked URL. So, when the recipient clicks the link, they see a phishing site.

4. Mobile-only cloaking

Many scams are aimed exclusively at mobile users. If a PC is used to visit the phishing site, only legitimate content is visible. So, because anti-abuse personnel are typically using PCs, they don't see the malicious content when checking out the site.

What can be done about cloaking?

The use of cloaking by scammers means that anti-abuse teams and the authorities will have to upgrade their detection methods. For example, they'll need tools that perform additional checks, such as scans of both the desktop and mobile versions of a site, in case mobile-only cloaking is active. To address the problem of geolocated cloaking, sites will have to be scanned from multiple IPs, maybe using a VPN.

While such adaptations are feasible, they imply a substantial increase in the number of tests performed. When purchasing spam filters, firewalls and domain name monitoring tools, it's therefore a good idea to look at a product's or service's ability to cope with the various forms of cloaking and to process test data efficiently.
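
The multi-profile scanning described above can be reduced to a comparison step, sketched here as an added example that is not part of the original article. It assumes the same URL has already been fetched under several scan profiles; the field names (`agent`, `region`, `time`), the function names and the sample records are all constructed for illustration.

```python
import hashlib
import re
from itertools import combinations

DIMENSIONS = ("agent", "region", "time")
FORMS = {"agent": "user-agent or mobile-only cloaking",
         "region": "geolocated cloaking", "time": "timed cloaking"}
BENIGN = "<h1>Garden blog</h1><p>Visitors: {}</p>"
PHISH = "<form action='/collect'>Bank login</form>"

# Constructed scan results for one URL; no real site or data is involved.
SAMPLE_SCANS = [
    {"agent": "scanner", "region": "NL", "time": "fri", "body": BENIGN.format(1024)},
    {"agent": "desktop", "region": "NL", "time": "fri", "body": BENIGN.format(1031)},
    {"agent": "mobile", "region": "NL", "time": "fri", "body": BENIGN.format(1040)},
    {"agent": "mobile", "region": "NL", "time": "mon", "body": PHISH},
    {"agent": "desktop", "region": "NL", "time": "mon", "body": BENIGN.format(2200)},
    {"agent": "mobile", "region": "US", "time": "mon", "body": BENIGN.format(2207)},
]

def fingerprint(body):
    """Hash the body after masking digits and whitespace runs, so counters
    and timestamps on an otherwise identical page do not look like a change."""
    masked = re.sub(r"\s+", " ", re.sub(r"\d+", "0", body)).strip().lower()
    return hashlib.sha256(masked.encode("utf-8")).hexdigest()

def cloaking_findings(scans):
    """Compare every pair of scans that differ in exactly one dimension.
    Different content in such a pair points at that dimension as the trigger."""
    findings = {}
    for a, b in combinations(scans, 2):
        differing = [d for d in DIMENSIONS if a[d] != b[d]]
        if len(differing) != 1:
            continue  # zero or several variables changed: cannot attribute
        if fingerprint(a["body"]) == fingerprint(b["body"]):
            continue  # same content under both profiles
        dim = differing[0]
        findings.setdefault(dim, set()).add(tuple(sorted((a[dim], b[dim]))))
    return {dim: sorted(pairs) for dim, pairs in findings.items()}

def report(scans):
    """One human-readable line per suspected cloaking form."""
    return [f"{FORMS[dim]}: content differs between {x} and {y}"
            for dim, pairs in sorted(cloaking_findings(scans).items())
            for x, y in pairs]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_SCANS)))
```

In the sample, Friday's three scans agree with one another, so a single-profile or single-day check would have cleared the URL; only the pairs that change one variable at a time expose the mobile, regional and timed triggers.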