Update spoof invoices

Published on: Friday 18 July 2014

We recently reported that two firms – NL Domein Host and Domeinhost Nederland – were sending out ‘spoof invoices’. We are advising anyone who receives a spoof invoice not to pay it. However, we have been unable to establish that the two firms are doing anything unlawful, which would allow us to intervene directly.

What SIDN has done so far

We believe that the practices of NL Domein Host and Domeinhost Nederland are undesirable and that they detract from the trustworthiness of the .nl domain and our registrars. Over the last few days, we have therefore taken action to minimise the undesirable effects of the two firms’ activities. The steps we have taken are as follows:

Registrar approached

The firms’ domain name and website are registered and hosted by a .nl registrar. We have approached the registrar in question and asked for action to be taken against NL Domein Host and Domeinhost Nederland as a matter of urgency.

Website user approached

We have additionally written to the user of the website, highlighting the matter of the spoof invoices and asking that appropriate action is taken.

Advertising Fraud Support Centre contacted

We have been in touch with the Advertising Fraud Support Centre to exchange information and experience.

Registration and legality checked

We have established that the domain name used by the two firms was correctly registered. The content of the website has been examined and appears to be legal. We nevertheless regard the covering e-mail and spoof invoice associated with the website as undesirable.

What can you do?

Don’t pay the invoice

We advise anyone who receives an invoice from NL Domein Host and/or Domeinhost Nederland not to pay it.

Report the matter

We suggest that you report any spoof invoice you receive to one of the following organisations:

  • The Advertising Fraud Support Centre (fraudemeldpunt.nl)
  • The registrar that acts for NL Domein Host and Domeinhost Nederland

Pooling evidence about multiple cases makes it easier to tackle the abuse.

Comments

  • Thursday 5 April 2018 Knowledge bank

    Centralised DNSSEC validation on closed networks

    31 October 2012 The Authentic Data (AD) flag is used by caching DNS servers to indicate that they have validated the DNSSEC records. The idea is that the client doesn't then have to repeat the check. Use of the AD flag is, of course, safe only on a network where the security of the last mile is assured. Examples include company networks, campus networks and the closed networks belonging to internet access providers and mobile operators. On such networks, DNSSEC validation and DNS caching can be centralised on the recursive DNS servers.

    Afbeelding van Centralised DNSSEC validation on closed networks
    Read more
  • Tuesday 27 February 2018 .nl domain name

    A tale of two TLDs

    Marketing the .ca and .nl domains

    Afbeelding van A tale of two TLDs
    Read more
  • Tuesday 27 February 2018 Internet security

    DNSSEC-validating DNS service: successful pilot completed

    "It's high time access providers in the Netherlands enabled validation"

    Afbeelding van DNSSEC-validating DNS service: successful pilot completed
    Read more