One of my clients forwarded to me an email he received regarding the renewal of his domain name. The email had the appearance of an invoice for the renewal. The problem? The invoice was not from my client’s domain name registrar, but from a vendor that wants my client to transfer his domain away from his existing registrar.
How Does This Work?
If you have a web site, your web site has a registered domain name. That name (ending with a .com, .net, or another .something) has to be registered with an authorized domain name registrar, like Network Solutions or GoDaddy. There is an international body, ICANN, that is responsible for approving registrars for the “top level domain names.” ICANN acts as a coordinator to make sure that a particular domain name is controlled by one responsible registrar, who is the host for translating the domain name into an IP address, which your computer needs to find each internet site that you are trying to reach. Without such a coordination, the internet would likely stop functioning in that you would be unable to consistently find a web site when you went to visit it.
Underneath the covers, each time you go to visit a web site, your computer asks what the IP (internet protocol) address the domain name you’ve asked for translate to. For example, my domain, faithatlaw.com, has an IP address of 184.108.40.206. My computer finds this IP address by asking a domain name server close to it (usually on the same local area network as my computer). This local domain name server, in turn, asks itself whether it is an “authoritative” server for the domain name, and if not, asks a domain name server above it who is the authoritative server to tell it what the IP address for this domain name is. Most DNS servers have a list programmed into them of “root hint” or upstream servers to ask when the local server does not know. Ultimately, (and usually within a few seconds, which is kind of incredible, given that there are billions of computers on the worldwide internet), the local domain name server finds the address and tells my computer, 220.127.116.11. My computer, in turn, uses this information to point my web browser to where I was trying to go.
This architecture only works if there is one authoritative domain name server out on the internet. If there were many authoritative servers, each might have a different IP address for the same name, which would mean my question of where to go might be answered differently each time I asked it. Talk about mass confusion. So, if you own a domain, you registered it with a registrar. You pay a fee to have a registration. Usually you need to pay this fee annually.
The problem is that for many business owners, the registration is handled by a web developer, or was done years ago (because you can purchase a web site registration for several years at a time). It is easy, then, to forget about who you registered with when it comes time to renew your domain name. And then, it is even easier to be fooled into sending your credit card information to “Domain Services” (the originator of the spam that spurred this posting). One way to solve this is to setup your domain names to automatically renew with your current registrar. You can also determine who is your current registrar by performing a “WhoIs” query on your domain name. You can use this information to determine when your domain name is due to renew.
Be careful – the internet is a wild place. This is but one way to get into trouble!