Some 29,000 UK web domains suspended for criminal activity

The number of .uk web domains suspended for criminal activity fell to 28,937 from 32,813 in the 12 months to October 2019, according to the UK’s national domain name system (DNS) operator, Nominet, the first recorded fall in five years.

Nominet will usually move to suspend a web domain following notification either from the police or several other law enforcement agencies rule it’s is being used for criminal activity.

In practice, it receives the bulk of requests from the Police Intellectual Property Crime Unit (Pipcu), which processes and coordinates any case relating to IP infringements, and made 28,606 requests in the past 12 months.

Other requesting organisations include the National Fraud Intelligence Bureau, which made 178 requests in the past year; Trading Standards, which made 90; the Financial Conduct Authority, which made 48; and the Medicines and Healthcare Products Regulatory Agency, which made 31.

In the same period, Nominet said it received no requests from the Internet Watch Foundation on Child Sexual Abuse Images (CSAM) relating to .uk domains.

Nominet CEO Russell Haworth said this was evidence that the organisation’s closer collaboration with law enforcement bodies was having a demonstrable impact on the ability of criminals to operate online.

“We will not tolerate .uk domains being used for criminal activity,” said Haworth. “Suspensions have fallen for the first time since 2014, indicating that using collective established processes combined with technology-driven interventions is, it seems, acting as a deterrent.”

Detective constable Weizmann Jacobs of Pipcu said: “Partnership working is vital in the fight against intellectual property crime. We work closely with Nominet and the law enforcement community to disrupt criminals who try to operate in the .uk domain, and the figures released today demonstrate the success we have had in doing so.

“By collaborative working, we can help protect consumers from the dangers of counterfeit goods and safeguard their personal information when shopping online. When consumers purchase from illicit sites, they are unknowingly handing over their personal and payment details to criminals who often use these to commit further crime.

“In light of the figures Nominet have released, and in the run-up to Christmas, we would like to warn online shoppers that there’s more risk when it’s counterfeit. If it looks too good to be true then it probably is; heavily discounted products are often a tell-tale sign that something isn’t right.”

As further evidence that Nominet’s processes are working as intended, during the same 12-month period, the number of requests that didn’t result in a suspension was just 16, down from 114. This could happen for several reasons, often because the domain had already been suspended through a parallel process, transferred on a court order, or the registrant had become compliant following notification. A total of five suspensions were reversed, which happens if offending behaviour stops and the enforcing agency confirms this.

Meanwhile, Nominet’s proscribed terms policy caught 1,600 newly registered domains as potential breaches, but removed none, while its Domain Watch anti-phishing initiative saw 2,668 domains suspended.

According to Nominet’s MD of registry solutions Eleanor Bradley, these fraudulent domains included examples such as hmrc-taxrefund-gov.co.uk, login-micorosoftoffice.co.uk and netfllx.uk.

“We are constantly looking for ways to improve .uk for the millions of individuals and businesses that rely on it,” she said. “Using Domain Watch to catch domains intent on confusing people for criminal gain is proving fruitful, but we and other likeminded partners – as well as individuals – must not rest on our laurels.”