Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

Fake buyer fraud: scammers get hold of goods by posing as genuine buyers

"The crooks had created a website that looked very like ours"

Close-up of horse hooves
  • Thursday 10 October 2024

More and more businesses are being affected by online scams – many involving domain names very like the names of trusted brands. One common racket is 'fake buyer fraud', where crooks try to get goods sent to them without paying, by stealing the identities of legitimate buyers. Livery stable proprietor Jeffrey* fell victim to a fake buyer fraud not long ago. Using e-mail addresses based on domain names very like Jeffrey's own website address, scammers placed fake orders in his business's name.

How it all began

Jeffrey first discovered that something was wrong when he got a call from a webshop. Someone had ordered 4,000 euros-worth of jewellery in the name of Jeffrey's business. "The webshop called to check, because of the value of the order," he recalls. "Of course, we knew nothing about an order. I run a livery stable, so the business has absolutely no need for jewellery, and would certainly never place an order that big." Not long afterwards, packages started arriving, which no one at Jeffrey's stables had ordered. The scammers had apparently taken his business's Trade Register number and VAT number from his website, then used them in combination with a domain name very like his own to place orders with all sorts of companies. The crooks had gone after things they could resell quickly, such as jewellery, high-grade tools and expensive lighting equipment. Many of the suppliers had fallen for the scam and sent the goods to an address that had nothing to do with the stables.

Fighting back

Fortunately, the cyber-crooks made a mistake: they got one package delivered to the stables. When it arrived, Jeffrey contacted the webshop that had sent it, leading him to realise what was happening and report the matter to the police. Although the police didn't have the capacity to investigate fully, Jeffrey wasn't willing to drop it. With the help of some techie friends, he traced the IP address used to place the orders.

"The crooks had created a website that looked very like ours, complete with a lookalike domain name and a contact e-mail address similar to the one we use," continues Jeffrey. "They then used their lookalike domain to send e-mails and place orders. I'm pleased to say that we managed to get the site blocked by approaching the hosting service provider in line with the Notice and Take Down Procedure."

Damage mitigation

Jeffrey's alertness and speedy response meant that the scam was stopped before even worse damage could be done. One of the fraudulent orders went to Jeffrey himself because the scammers failed to change the delivery address. In a few other cases, orders weren't fulfilled because the suppliers called to check, sensing that something didn't look right.

Regrettably, though, there may well be other webshops that Jeffrey doesn't yet know about, which did send valuable goods straight to the crooks. Jeffrey passed everything on to the police, but isn't hopeful that much will come of it. "The police simply don't have enough people to tackle crimes like this. We gave them all they needed to build a case: IP addresses, web addresses and order information. But incidents like this often aren't properly investigated."

Preventing future problems

Jeffrey has since taken a range of precautions to reduce the risk of anything similar happening again. He nevertheless recognises that complete protection is hard to achieve. Businesses are legally obliged to publish details such as their Trade Register numbers and VAT numbers, so scammers have easy access to much of the information they need. "One thing we have done is to put a notice on our website saying that we send e-mail only from a particular mail domain. So, if a message with our name on it comes from another domain, it's likely to be a scam."

What can you do to protect against fake buyer fraud?

Tanya Wijngaarde from Fraudehelpdesk.nl makes the point that fake buyer fraud involves the unauthorised use of a business's name. "Business name abuse can take many forms," she says. "In cases like this, where fraudulent orders are placed, supposedly on behalf of a business, that business's brand name and logo are generally used. The fraudster then gets the goods, while the targeted business gets the bill."

"Preventing scams like that is difficult. However, one thing you can do is set up a Google alert or a Talkwalker alert for your business's name. Then you'll be notified whenever the name of your business appears online. You can also take a few technical precautions to prevent your web pages being copied – or at least make sure you're informed if any facsimile pages appear on the web. I would advise contacting an IT specialist about that sort of thing. If it's clear that your business name is being abused, it's important to act immediately to get the abusive website taken down by the host – the firm whose servers are used to put the site online. For that, it's good to have screenprints of the fake website. If the problem site has a .nl address, you can ask SIDN to disable the relevant domain name, on the grounds that the site is a forgery of your own. If the problem site uses some other extension, you can make a similar request through https://whois.com. It's also a good idea to follow Jeffrey's example and put a notice up on your website warning customers. For additional information and personal advice, businesses can contact the Fraud Help Desk."

*For privacy reasons, we've changed the victim's real name.