Is CEO fraud an underestimated threat?

Business people aren't much worried, despite major incidents

At the end of March, we surveyed security perceptions in the Dutch business community. Amongst the 577 businesspeople who completed our questionnaire, there was a striking rise in the perceived threat from ransomware. In the wake of a high-profile incident at Maastricht University, ransomware shot to the top of the list of worrying forms of cybercrime. By contrast, CEO fraud was barely seen as a threat, despite various cases making the news. That raises the question why.

What form of cybercrime do you see as the biggest threat to your business? (n=577)

Ransomware: 22%
Data breaches: 15%
Malware/viruses: 14%
Theft of IP/customer data: 10%
DDoS attack: 10%
Phishing: 8%
Commercially sensitive data loss: 6%
Identity fraud: 3%
Spam: 3%
CEO fraud: 1%
Defacing: 1%

CEO fraud is popular with scammers


To pull off a CEO fraud, a scammer doesn't need to do any hacking; they just need to pretend to be someone else. They don't even have to expose themselves to detection by creating a fake website, as required for phishing. In fact, they can set up their fraudulent domains so that they redirect to the website of the legitimate organisation they're pretending to represent. So, if someone gets a scam mail and visits the matching web address to check it out, they see a reassuring homepage and may well conclude that the sender is for real. Many won't realise that they've been redirected.

CEO fraud isn't a major worry for most

CEO fraud is a form of cybercrime where crooks con an organisation's staff into making payments by sending mail in which they pose as an executive. The strategy relies on 'social engineering' – getting the victim's active involvement – rather than a direct assault on the victim's systems. As a result, it's a low priority for many system-focused security teams.

Human-centred cybercrime seen as less threatening

People in the business community worry mainly about 'technical' threats, such as malware. Threats like that are hard for a non-specialist to assess or influence. Human-centred crime often seems less threatening: when social engineering is involved, people tend to think that the victim has been gullible, and that they themselves would never fall for anything similar. Unfortunately, that overconfidence is exactly what makes CEO fraud work.

Most cases aren't made public

CEO fraud is clearly a problem, but just how common is it? The way that victims are viewed means that most cases are never made public. Admitting to being a victim of cybercrime is just about acceptable, but admitting that your staff fell for a scam is a step too far for most organisations. The rapid growth of interest in e-mail security standards and domain name monitoring is a good indicator that (attempted) CEO fraud is much more common than public data suggests. After all, those are the tools that address the two sides of the scam: e-mail authentication standards make it harder to send mail in an organisation's own name, and domain name monitoring catches the lookalike domains that scammers register instead.
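The two tells described above (a sender domain that only looks like the organisation's own, and a lookalike domain that simply redirects to the real website) can be checked mechanically. The script below is an added example, not SIDN's own tooling or anything from the survey: it classifies a domain as the organisation's own, a lookalike or unrelated, flags the usual CEO-fraud signals in a mail's headers, and spots a lookalike domain whose HTTP answer is a redirect to the real site. The domain example.com, the mail messages and the HTTP responses are all constructed test data; the homoglyph table and pressure-word list are assumptions, not an exhaustive rule set.

```python
"""Offline checks for the two CEO-fraud tells discussed in the article: a
lookalike sender domain, and a lookalike domain redirecting to the real site."""
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

LEGIT_DOMAIN = "example.com"   # assumption: the targeted organisation's own domain

# Character swaps seen in registered lookalike domains, fake -> real (not exhaustive).
HOMOGLYPHS = {"1": "l", "0": "o", "3": "e", "rn": "m", "vv": "w"}

# Wording that pressures a finance clerk into paying without checking (assumed list).
PRESSURE_WORDS = ("urgent", "confidential", "transfer", "payment", "invoice")


def edit_distance(a, b):
    """Levenshtein distance: one-character typosquats score 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_domain(domain, legit=LEGIT_DOMAIN):
    """Return 'own', 'lookalike' or 'unrelated' for a sender or web domain."""
    domain, legit = domain.lower().rstrip("."), legit.lower()
    if domain == legit:
        return "own"
    name, _, tld = domain.rpartition(".")
    legit_name, _, legit_tld = legit.rpartition(".")
    if name == legit_name:                                   # same name, other TLD
        return "lookalike"
    if tld == legit_tld:
        if edit_distance(name, legit_name) <= 1:             # exampel, examplee
            return "lookalike"
        if legit_name in name:                               # example-payments
            return "lookalike"
        folded = name
        for fake, real in HOMOGLYPHS.items():                # exarnple -> example
            folded = folded.replace(fake, real)
        if folded == legit_name:
            return "lookalike"
    return "unrelated"


def mail_flags(raw, legit=LEGIT_DOMAIN):
    """Return the CEO-fraud signals found in one RFC 5322 message (headers + text)."""
    msg = message_from_string(raw)
    flags = []
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    kind = classify_domain(from_domain, legit)
    if kind == "lookalike":
        flags.append("from-lookalike:" + from_domain)
    reply_domain = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2].lower()
    if reply_domain and reply_domain != from_domain:         # answers go elsewhere
        flags.append("reply-to-mismatch")
    auth = msg.get("Authentication-Results", "").lower()
    if kind == "own" and "dmarc=pass" not in auth:           # own domain, not authenticated
        flags.append("own-domain-dmarc-not-pass")
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    if any(word in text for word in PRESSURE_WORDS):
        flags.append("payment-pressure")
    return flags


def redirect_to_legit(domain, status, headers, legit=LEGIT_DOMAIN):
    """True when a lookalike domain answers with a redirect to the real site, the
    trick that makes 'visit the web address to check' reassure the victim.
    status/headers are an HTTP response fetched elsewhere (constructed here)."""
    if status not in (301, 302, 303, 307, 308):
        return False
    target = (urlsplit(headers.get("Location", "")).hostname or "").lower()
    lands_on_legit = target == legit or target.endswith("." + legit)
    return classify_domain(domain, legit) == "lookalike" and lands_on_legit


# Constructed sample: a lookalike domain that authenticates perfectly, because
# the scammer controls it, so SPF/DKIM/DMARC alone give no warning.
LOOKALIKE_MAIL = """\
From: "Jane Doe, CEO" <jane.doe@examp1e.com>
Reply-To: jane.doe.ceo@webmail.example.net
To: finance@example.com
Subject: Urgent and confidential: supplier payment
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=examp1e.com; dmarc=pass header.from=examp1e.com

Please transfer EUR 48,500 today; I am in a meeting and cannot take calls.
"""

# Constructed sample: plain spoofing of the real domain, which DMARC does catch.
SPOOFED_MAIL = """\
From: ceo@example.com
To: finance@example.com
Subject: Invoice
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com; dmarc=fail header.from=example.com

Please pay the attached invoice before noon.
"""

if __name__ == "__main__":
    print(mail_flags(LOOKALIKE_MAIL))
    print(mail_flags(SPOOFED_MAIL))
    print(redirect_to_legit("examp1e.com", 301, {"Location": "https://www.example.com/"}))
```

The lookalike message passes SPF and DMARC, because the scammer's own domain is correctly configured; only the domain comparison and the Reply-To mismatch reveal it. That is the point of pairing e-mail authentication with domain name monitoring: the former closes the spoofed-own-domain route, the latter the registered-lookalike route.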

Wehkamp case is evidence of scammers' sophisticated tactics

From the cases that have been made public, we know that even highly professional organisations can fall victim to CEO fraud. Incidents involving Pathé, the Rijksmuseum Twenthe and most recently Wehkamp show that crooks often do careful research and use sophisticated tactics. For the Wehkamp fraud, scammers got hold of the real reference numbers of cases handled by the lawyers they impersonated.

Details of the incident would never have reached the outside world if the victims hadn't started legal proceedings. That reticence is understandable, but unfortunate, because the prevention of CEO fraud depends on the problem being acknowledged. Acknowledgement is the starting point for raising awareness and educating the staff who might get targeted.