IGF Workshop Focuses on Challenges and Opportunities in Combating Domain Name System Abuse

INTA recently hosted an Internet Governance Forum (IGF) workshop called Domain Name System (DNS) Abuse: Defined and Experienced. The event took place in Riyadh, Saudi Arabia, and online, in December last year.

The panel was moderated by Internet Committee member Alexis Douglas (K+L Gates, USA), with panelists Dr. Sameh Abdel Rahman Ahmed (Egypt’s National Telecom Regulatory Authority), Tara Harris (Prosus Services, the Netherlands), and Emerging Issues Committee member Daniel Zohny (Abion, Switzerland).

The workshop’s objectives were to:

1. Outline the importance of access to accurate WHOIS data to allow the Internet community to act against domain name registrants involved in deceptive and abusive activities;
2. Highlight the need for more consistent policies that make domain name registrants accountable; and
3. Emphasize the need for cost-effective and fast-acting tools that allow brand owners, governments, and other involved parties to act quickly.

Panelists shared definitions of “DNS abuse” from the EU Commission, the Internet Corporation for Assigned Names and Numbers (ICANN) Registry Agreement, DNS Abuse Institute, ICANN’s Business Constituents, and INTA to categorize the differences throughout the industry and emphasize the need for a broader definition.

The workshop focused on INTA’s definition of DNS abuse, which is broader and more inclusive, defining DNS abuse as any activity that makes use, or intends to make use, of domain names, the DNS protocol, or any digital identifiers that are similar in form or function to domain names to carry out deceptive, malicious, or illegal activity.

The panel then presented the history of DNS abuse, including early examples of domain extortion. Historically, brands would register a .COM domain and someone else would register the brand in a different top-level domain (TLD) with the intention of selling the domain back to the brand owner. An example of domain extortion referenced during the panel involved the registration of a .GG domain needed by FIFA. The domain registrant sought US $17 million from FIFA to recover the domain. However, FIFA was able to use ICANN’s Uniform Domain-Name Dispute Resolution Policy (UDRP) process to recover the domain.

The panel also covered newer, more sophisticated forms of domain abuse, including:

1. Typosquatting: using domains with common misspellings of well-known brands that direct consumers to fraudulent websites. Typosquatters use the fraudulent webpages to provide an air of legitimacy to their scams and to gain financial institution information from the consumer;
2. Deep fakes: using artificial intelligence to create convincing but false content on fraudulent websites. The use of deep fakes is often what engages consumers on fake websites; and
3. Impersonation issues: creating fake job postings to lure people and steal their personal information. Scammers register domain names and create websites with fake job postings to lure people and get their contact information as they apply for the nonexistent job.

Due to a lack of Internet literacy among the general public, these scams are easy to execute, and many consumers have lost money. The issue may become more widespread as the Internet expands to more unsophisticated users in new geographic locations.

The primary challenge with combating these issues is the inability to quickly take down abusive domains. The speed of domain suspension depends on the company, host, and registrar, often relying on the UDRP process. Smaller companies may struggle to know where to start, while larger companies, despite having more resources, face greater potential harm and time pressure. Also, the host and/or registrar’s policies and takedown procedures impact responsiveness to takedown or suspension requests. Most registrars/hosts understand abuse and have trust and safety teams that monitor many forms of abuse at all times.

The panel received feedback from participants who noted that the Internet community uses different processes to combat abuse, creating inconsistencies in reporting and eliminating DNS abuse.

Participants also shared that ICANN now has tools to hold registrars accountable for phishing scams and can withdraw accreditation from noncompliant registrars.

Representatives from country code top-level domain (ccTLD) registries, including from the United Kingdom and Vietnam, shared feedback about their own mechanisms that have helped mitigate DNS abuse. These ccTLD frameworks for combating DNS abuse should be analyzed in greater detail and potentially proposed as models or required mechanisms for all registries/registrars to follow. However, the ccTLD registries cannot address abuse that involves generic TLDs and are looking for solutions to offer their customers when abuse issues are raised.

INTA Consultant Charles Shaban supports the Association’s members across the Middle East. In collaboration with the staff at INTA’s headquarters in New York City and Representative Offices around the world, Mr. Shaban works on the Association’s policy, membership, marketing, and communications initiatives in the region. To learn more about INTA’s activities in the Middle East, please contact INTA Consultant Charles Shaban.

Although every effort has been made to verify the accuracy of this article, readers are urged to check independently on matters of specific concern or interest.

© 2025 International Trademark Association