SIDN at Zorg & ict 2026 to highlight the problem of care sector domain name abuse

Care institutions making progress

The investigation showed that care institutions have been making progress with their domain name management. The number of them that have registered multiple relevant variants of their domain names is up. From the conversations we had at Zorg & ict, it’s also clear that monitoring and security are receiving more attention. Many organisations are active in that area and asked us in-depth questions to support their efforts.

Scope for further improvement

Nevertheless, it’s clear that many care institutions still have little oversight of variants of their names registered by third parties. Yet it’s precisely those domain names that are often used for phishing or for misleading websites that exploit care institutions’ familiarity and trustworthy reputations. While many such sites turn out to be harmless, some are used for activities that threaten the security of the institutions in question and others linked to them.

Continuous process requiring attention

At Zorg & ict, Martijn Sanders, SIDN’s Product Owner Secure Domains & Brand Protection shared our survey results in 2 presentations. He focused particularly on how domain name abuse happens, what patterns we’ve observed in the care sector, and what institutions can do to reduce the risk. Martijn also stressed that domain name management isn’t a one-off initiative, but a continuous process that requires the attention of IT personnel and management.

On-stand demos

Visitors to our stand also had the opportunity to get practical information about their own organisation’s position, such as what domain names resembling their organisations’ names were in use. In many cases, the detected names were recognised by the visitors, providing a low-threshold starting point for discussions about responsibility, prioritisation and governance.

Widespread interest in the care sector

Dozens of care institutions asked for demos over the 3 days. From the resulting discussions, it’s clear that there is awareness of the domain name abuse issue in the care sector. However, responsibilities within organisations are often not clearly defined. Who’s responsible? When is intervention needed? And how does domain name management relate to other areas of digital risk management? It was encouraging to see that, as well as IT professionals, policy officers and managers wanted to talk about the subject. That underlines that domain name abuse isn’t an exclusively technical issue, but is relevant to various aspects of an organisation’s operations.

Structural approach needed

For attackers, care institutions are attractive targets, because of their importance to the community and the sensitivity of their communications. Domain name management therefore needs a structural approach within the wider field of digital resilience, alongside topics such as e-mail security and staff awareness.

The future

We’ll continue to monitor the abuse of care sector domain names, and we’ll share our findings in publications and at events. From the feedback received at Zorg & ict, it’s clear that people in the sector want factual information and practical advice. Domain names are a relatively small, yet critical element of a care institution’s digital infrastructure. And interest in good domain name management is growing. While that’s an important precondition for progress, it doesn’t guarantee a solution.

More information

Want to know what you can do about domain name abuse? Visit www.sidn.nl/en/product/sidn-brandguard and ask for a demo, or get in touch with our online brand protection specialist Peter Rotgans by calling +31 26 352 5555 or mailing peter.rotgans@sidn.nl.