Make sure your staff don't fall for phishing scams

Five basic e-mail safety rules

Close-up of a monitor with a mouse pointer hovering over the spam folder in a mailbox.

Many successful hacks still start with phishing scams

Phishing certainly isn't a new threat. But it is an urgent one. Over the years, cyber-crooks have professionalised their activities, making it increasingly easy for them to mount large-scale attacks. Their tactics are more and more cunning too, so that even experts can find it hard to spot the scams. Several recent studies, including one by Verizon, have highlighted how successful hacks usually start with phishing. Consequently, phishing remains a bigger problem than ever, despite the growing availability of anti-phishing solutions. So what's behind that startling observation?

Raising awareness

Many businesses struggle with the technical aspects of cybersecurity, and security experts are scarce and expensive. Against that background, it's easy to see why so many organisations still find it hard to achieve a basic level of security. Awareness training is different, though. It's a solution that everyone can understand, but is extremely effective and cost-efficient. Most organisations can easily make themselves more resilient by giving their staff regular awareness training.

Why is anti-phishing training so important? Check out the facts and figures!

Attack frequency differs from one industry to the next. However, 88 per cent of organisations worldwide reported getting phishing mail in 2019 (DBIR, Verizon), and in 55 per cent of cases, the attacks succeeded. The situation is particularly bad in the United States, where 65 per cent of phishing scams worked.

For the vast majority of phishers (96 per cent), e-mail is the chosen medium. However, malicious websites are sometimes used as well (3 per cent) and occasionally scammers make contact by phone.

Clearly, therefore, it's vital to draw everyone's attention to the threat posed by phishing, especially e-mail based phishing, and to keep reminding them.

Five basic rules you can share with your staff tomorrow:

  1. Be especially cautious about messages that appeal to the emotions. Words such as urgent, priority, attention, request, important, payment and required should be treated as 'red flags'.

  2. Got a feeling something might be fishy? Check the sender's e-mail address before clicking any links or passing on information. That's extra important if the sender is a trusted brand, a prominent individual and/or a manager. To check an address, simply hover on the sender's name – position your mouse pointer on the name without clicking.

  3. Check where links in e-mails actually lead. The text in a link doesn't always match the URL that it points to. To reveal the URL, hover over the link. Not sure about a link? Don't click it!

  4. Before entering data on a website, make sure that the site's address matches the organisation you think you're dealing with. Also, check that the site's secure by looking for the padlock symbol in your browser's address bar.

  5. Finally, remember: reputable brands and professionals won't ever ask you to share sensitive, personal information. If you do get asked for info, contact the company or individual in question via another channel to make sure the request is genuine.
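Rules 1 to 4 can be turned into an automated first pass that a help desk or mail gateway runs over a suspicious message before a person looks at it. The script below is an added example, not code from the original article or from any product it mentions; it uses only the Python standard library, and every name, address and domain in the constructed sample message is fictitious (`.test` and `.example` are reserved names). The function names (`triage`, `sender_mismatch`, `mismatched_links`, `belongs_to`) and the red-flag word list are this example's own choices, taken from the wording of the rules above.

```python
"""Automated pass over one e-mail applying the article's rules 1-4.
Added example; standard library only; all sample data is constructed."""
import email
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Rule 1: the words the article treats as red flags in a subject line.
RED_FLAG_WORDS = {"urgent", "priority", "attention", "request",
                  "important", "payment", "required"}

# Constructed sample message: a display name that shows a company address
# while the real From address is a free-mail account, and a link whose text
# shows the company's login host while the href points elsewhere.
SAMPLE_MESSAGE = b"""\
From: "Finance Team <finance@example-corp.test>" <mailer@free-mail.example>
To: staff@example-corp.test
Subject: URGENT: payment approval required
Content-Type: text/html; charset=utf-8

<html><body>
<p>Please approve the pending invoice today.</p>
<p><a href="https://login.example-corp.test.evil.example/auth">https://login.example-corp.test/auth</a></p>
<p><a href="https://intranet.example-corp.test/help">Help desk</a></p>
</body></html>
"""

_ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
_HOST_RE = re.compile(r"[\w-]+(?:\.[\w-]+)+")


def red_flag_words(subject):
    """Rule 1: red-flag words present in the subject, sorted."""
    words = set(re.findall(r"[a-z]+", subject.lower()))
    return sorted(words & RED_FLAG_WORDS)


def sender_mismatch(from_header):
    """Rule 2: compare the domain shown in the display name with the domain of
    the real From address. Returns (shown_domain, real_domain) or None."""
    display_name, real_address = parseaddr(from_header)
    shown, real = _ADDR_RE.search(display_name), _ADDR_RE.fullmatch(real_address)
    if shown and real and shown.group(1).lower() != real.group(1).lower():
        return shown.group(1).lower(), real.group(1).lower()
    return None


class _LinkCollector(HTMLParser):
    """Collect (visible text, href) for every anchor in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def extract_links(html):
    parser = _LinkCollector()
    parser.feed(html)
    return parser.links


def _host_of(text):
    """Hostname of a URL or of bare text that looks like a hostname, else None."""
    host = urlparse(text if "://" in text else "http://" + text).hostname
    return host.lower() if host and _HOST_RE.fullmatch(host) else None


def mismatched_links(html):
    """Rule 3: anchors whose visible text names one host but whose href goes to
    another. Text that is not URL-like ('Help desk') cannot be judged here."""
    findings = []
    for text, href in extract_links(html):
        shown, real = _host_of(text), _host_of(href)
        if shown and real and shown != real:
            findings.append((shown, real))
    return findings


def belongs_to(host, org_domain):
    """Rule 4: the host must be the organisation's domain or a subdomain of it;
    the organisation's name merely appearing inside the host is not enough."""
    host, org_domain = host.lower(), org_domain.lower()
    return host == org_domain or host.endswith("." + org_domain)


def triage(raw_message, org_domain):
    """Run rules 1-4 over one raw message and return the findings."""
    msg = email.message_from_bytes(raw_message)
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    external = set()
    for _, href in extract_links(body):
        host = _host_of(href)
        if host and not belongs_to(host, org_domain):
            external.add(host)
    return {"red_flags": red_flag_words(msg.get("Subject", "")),
            "sender_mismatch": sender_mismatch(msg.get("From", "")),
            "link_mismatches": mismatched_links(body),
            "external_hosts": sorted(external)}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_MESSAGE, "example-corp.test").items():
        print(f"{key}: {value}")
```

On the sample message the script reports three red-flag words, a display-name domain that differs from the real sending domain, one link whose text and href disagree, and one external host. Rule 5 has no automated counterpart, since confirming a request through another channel is something only a person can do, and the padlock in rule 4 only shows that the connection is encrypted, so the example concentrates on the address comparison, which is the part a script can decide; links with plain text such as "Help desk" are exactly the ones staff still need to hover over.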

Any employer who keeps reminding their staff about those five rules is well on their way to increased cyber-resilience. Repetition is vital, because it's normal for people to gradually get more relaxed about a threat. Hackers know that and try to strike just when they think people might have lowered their guard. So they latch on to current events, for instance by sending messages about the coronavirus pandemic or trending conspiracy theories.

Do regular phishing tests

A phishing simulation works best if no one, including you, knows exactly what to expect and when. So it makes sense to leave testing to an external service provider. That way, you know the tests will be frequent enough, and you'll get proper reports telling you and your staff how well prepared you are. Also, it's no bad thing to include a play element if that helps to raise awareness of the phishing threat.
