Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

What is typosquatting?

Asian man looks worried on mobile as fraud has been committed against his domain name

Typosquatting is a form of cybersquatting, which exploits the fact that people often make slips when typing domain names. It targets people who reach sites by typing an address into their browser’s search bar, rather than using a search engine, and people who are sent phishing mail.

If someone gets the address they are typing wrong, or someone makes the mistake of clicking a link in a phishing mail, they will often find themselves looking at a website that’s almost identical to the site they were expecting to see. Typosquatters will even go as far as to copy the logo and house style of the spoofed website, to make visitors think they’re looking at the real thing. The deceptive tactics are aimed at tricking people into giving personal information.

Another thing scammers often do is tempt the people they lure to their site to pay for products or services, which are never actually provided. As well as hitting the innocent people who are tricked out of money and information, typosquatting affects the organisations whose sites are spoofed, because victims will often complain to them.

A less harmful version of typosquatting involves the user landing on a page full of adverts. In cases like that, the typosquatter is exploiting the popularity of a legitimate site and earning revenue from advertisers who pay on the basis of how often their ads are seen – even if the viewers have been tricked into seeing them.

What's the difference between cybersquatting and typosquatting?

  • Cybersquatting

    is a general term for registering domain names deliberately chosen because of their similarity to the domain names used by prominent people and brands.

  • Typosquatting

    is a form of cybersquatting that involves the registration of domain names based on common misspellings with the aim of misleading people.

Examples of typosquatting

Google and goggle.com

Google holds more than 14 distinct .com domain names that all redirect to google.com, including gogle.com and googlr.com. They were registered after Google was confronted by a typosquatting problem in 2000. A phishing website was put up at goggle.com, whose URL was very similar to Google’s.

Trade journals and phishing sites

The registration of domain names resembling the names of prominent trade journals and other media outlets is a growing trend in phishing. It involves cybercriminals registering domain names matching the names of well-known trade journals and other outlets that often report on a particular company, e.g. a financial journal that often writes about banks. The scammers then post spoof articles containing links to fake web pages resembling pages on a genuine bank’s website. The thinking behind the tactic is to avoid the need for a domain name resembling the bank’s name, which might well catch the attention of anti-abuse scanners. Without a name like that, the scammers have a better chance of being able to get on with their activities unnoticed. Unfortunately, many businesses focus on monitoring their own domain names, and forget about the domain names of trade journals and other media outlets, leaving them vulnerable to this kind of phishing.

One variant of the model that’s currently on the rise involves the publication of fake news bulletins on websites, alongside real articles. For example, sites have been found that are exact copies of news sites. An article will then suddenly appear on the site’s front page, falsely claiming that the CEO of a listed company has committed fraud, or that the company itself is having legal problems. Links to the fake article are then shared using various channels. If enough people are taken in, the targeted company’s share price will tumble. And, of course, the person behind the fake news site has gambled on that outcome on the stock market.

Types of typosquatting

Imitators

An imitation website uses the logo, house style, colour scheme and layout of the original website (e.g. a well-known insurance company). The idea is to trick people into entering their login details, which are then harvested for abusive purposes.

Bait-and-switch

A bait-and-switch site imitates a legitimate website and offers the same products. Visitors are lured into paying for things, thinking that they’re ordering from the real site, but their purchases never arrive.

Surveys and competitions

Internet users who make a slip when typing a domain name, or who click on a phishing link, are directed to a website that pretends to be a customer feedback site. However, it’s actually a site designed to harvest data for use in identity theft scams.

Mock websites

Mock websites ridicule or make fun of the website that the internet user was trying to reach. They are often set up by people wanting revenge. For example, the animal rights organisation PETA was targeted by a typosquatter who registered the domain name peta.org. The squatter used the name for a website called People Eating Tasty Animals, with links to other sites selling meat and leather products.

How can you spot typosquatting?

Typosquatted domains usually have various telltale characteristics:

  • Typos and spelling errors: as in goggle.com and gooogle.com.

  • Other extensions: such as .nl, .com or .net, e.g. nike.org instead of nike.com.

  • Alternative spellings: typically involves using a British spelling instead of a US spelling, or vice-versa, e.g. program instead of programme.

  • Not registered to the right organisation: with .nl domain names, you can check who the registrant is at

    https://www.sidn.nl/whois.

How can you prevent typosquatting?

Register variants of your domain name

If you don’t want cybersquatters to register domain names that look like yours, it’s important to register some obvious variants yourself. Variants to consider include alternative spellings of your name, versions with hyphens added or removed, and the same name with other extensions.

Keep track of your own domain names

Many large organisations have extensive domain name portfolios. Sometimes, that leads to some names being forgotten about, or to the organisation losing track of names registered by someone who has left. It’s not unusual for such domain names to remain known to internal mail servers and applications. With the result that a criminal who gets control of one can use it to gain access to company systems, for example. Good domain name portfolio management and usage monitoring are therefore vital for all organisations.

Use extended-validation TLS certificates

An extended-validation (EV) SSL certificate is a vital addition to your website. As well as showing that your site is legitimate, it serves to protect your user data. With an EV certificate, the user can be confident that they are looking at your actual, secure website, because typosquatted sites rarely have certificates of this type. Many do have certificates, but the anonymous type that don’t cost anything and can be obtained without proving your identity. However, many legitimate small businesses prefer to use free certificates, which only assure the user that they are on a site linked to the right domain. Only 1 in 10 small businesses have EV certificates. Read more about the various types of certificate.

SIDN BrandGuard

SIDN BrandGuard is a monitoring service featuring a personalised dashboard. You get an immediate notification whenever a domain name based on a typo of your brand name, or otherwise similar to it, is registered. That enables you to take prompt action to prevent typosquatting, domain name fraud, invoice fraud and CEO fraud.

SIDN BrandGuard also enables you to keep tabs on all your organisation’s registered domain names and see which of your partners are using your brand. So that you retain a proper overview of the digital landscape.

Read more about SIDN BranGuard