Creating a WHOIS Template to Register Domains
When a domain name is registered, ICANN requires that personal information including your full name, address, phone number, and email address be provided. This information is then made visible to the public via a WHOIS lookup. In fact, it’s available to everyone including marketers, spammers, and even identity thieves. Do you want to find out more about the WHOIS database, how to correct register a domain for business purposes so it is instantly reconisable and how not to expose your personal data while doing so? Perhaps you are wondering what measures should be taken to ensure your organisation’s privacy on WHOIS? To discover answers to these questions, carry on reading this handy guide on “creating a WHOIS template to register domains.”
Introduction
If you’ve ever registered a domain, you’ve probably felt a pang of anxiety about having to enter your address, phone number, and email address in the domain’s public WHOIS record. “Will disclosing this information compromise my online privacy,” you may have wondered? After all, anyone can easily find out who registered a website by doing a simple WHOIS search online…
The term WHOIS is short for “who is responsible for a domain name or an IP address?” Going back to its inception, WHOIS has been an integral part of cyberspace. Since 1999 however, a particular non-profit entity based out of Los Angeles named Internet Corporation for Assigned Names and Numbers (ICANN) has regulated it. Both WHOIS and ICANN are responsible for allocating, governing and maintaining domain names and IP addresses that you find on all webpages today.
To ensure transparency, organisations that register domains must reveal the contact details of purchasers via the WHOIS Directory. This includes their mailing address, full name, phone number and email address in addition to the administrator’s information. This mandate by ICANN leaves your domain and website vulnerable to spammers, direct marketers, identity thieves and hackers – enabling them to use the directory to exploit your sensitive information.
This document has been created to assist private individuals and organisations to minimise the privacy risk that domain names face and to assist with their existing registration practices to provide a more secure environment for their own businesses, as well as a safer and stable online experience for their customers. Andrew Brown – CTO, Elasticito
Objectives
A WHOIS lookup using domain lookup services as listed below can be used to provide information about domain ownership:
In many instances, especially in Europe, the following message is returned when a WHOIS lookup is performed:
“REDACTED FOR PRIVACY”
This obfuscation of WHOIS information was a response by domain registrars to offer WHOIS privacy in response to GDPR. In fact, when an organisation registers a domain no personal information needs to be provided.
In addition, by enabling the redaction of WHOIS information, an organisation’s Brand Protection Team is not able to immediately identify if a domain belongs to their organisation or one of their subsidiaries or if it is a phishing domain or a domain that has been registered for brand impersonation.
This document provides a WHOIS template that highlights best practices which provide the following benefits for domain registration and maintenance:
- Immediate identification by an organisation’s Brand Protection Team of domain ownership – does this domain belong to our organisation or one of our subsidiaries.
- Immediate identification by an organisation’s Brand Protection Team of domains that could be a phishing domain or a domain that has been registered for brand impersonation.
- Automatic association and grouping of domains belonging to an organisation or one of it’s subsidiaries.
In the section below, two examples of a WHOIS template is given:
- Example 1: A simple example of how an organisation can register their main domain and associate brand domains and ensure that they are all instantly identifiable and associated with each other.
- Example 2: Illustrates how an organisation or third party can register a domain for a subsidiary and have that domain associated with the subsidiary and not the main organisation or third party.
WHOIS Key Fields
Example 1
In the example below you can replace abc/ABC with the name of your domain/Company.
| Key WHOIS Field | Example | Comment |
| Domain Name: | abc.com | Domain Name to be registered |
| Registrant Name: | Domain Administrator | First Name/Last Name |
| Registrant Organization: | ABC Limited | Name of Organisation |
| Registrant Email: | domain.admin@abc.com | Generic email associated with a group |
| Admin Name: | Domain Administrator | First Name/Last Name |
| Admin Organization: | ABC Limited | Name of Organisation |
| Admin Email: | domain.admin@abc.com | Generic email associated with a group |
| Tech Name: | Domain Administrator | First Name/Last Name |
| Tech Organization: | ABC Limited | Name of Organisation |
| Tech Email: | domain.admin@abc.com | Generic email associated with a group |
Example 1 – Continued
If “ABC Limited” decide to register another domain that is one of their brands, they could do the following:
| Key WHOIS Field | Example | Comment |
| Domain Name: | Mybrand.com | Domain Name of brand to be registered |
| Registrant Name: | Domain Administrator | First Name/Last Name |
| Registrant Organization: | ABC Limited | Name of Main Organisation |
| Registrant Email: | domain.admin@abc.com | Generic email of main organisation group |
| Admin Name: | Domain Administrator | First Name/Last Name |
| Admin Organization: | ABC Limited | Name of Main Organisation |
| Admin Email: | domain.admin@abc.com | Generic email of main organisation group |
| Tech Name: | Domain Administrator | First Name/Last Name |
| Tech Organization: | ABC Limited | Name of Main Organisation |
| Tech Email: | domain.admin@abc.com | Generic email of main organisation group |
Example 2
When registering a domain for a subsidiary the email addresses should refer to the subsidiary. Central control of the subsidiary domain can be maintained by adding a redirect to the subsidiary email address:
| Key WHOIS Field | Example | Comment |
| Domain Name: | Mysubsidiary.com | Domain Name to be registered |
| Registrant Name: | Domain Administrator | First Name/Last Name |
| Registrant Organization: | MySubsidiary Limited | Name of Organisation |
| Registrant Email: | domain.admin@mysubsidiary.com | Generic email associated with a group |
| Admin Name: | Domain Administrator | First Name/Last Name |
| Admin Organization: | MySubsidiary Limited | Name of Organisation |
| Admin Email: | domain.admin@mysubsidiary.com | Generic email associated with a group |
| Tech Name: | Domain Administrator | First Name/Last Name |
| Tech Organization: | MySubsidiary Limited | Name of Organisation |
| Tech Email: | domain.admin@mysubsidiary.com | Generic email associated with a group |
Note: when registering a domain GDPR Privacy should not be selected, and domain transfer should be locked.
As can be seen in the above examples, no Personally Identifiable Information has been used. The email addresses used are generic and should be associated with an email group that is continuously monitored, for example by a Security Operation Centre.
Cyber Risk Rating Tools and Cyber Threat Intelligence Team can now easily associate domains with the correct organisation and subsidiaries. In addition, phishing domains or domains that have been registered for brand impersonation are now quickly and easily identifiable.
Two examples from internationally recognised Brand Protection companies, CSC Global and Mark Monitor have been included below. All information included in these examples is in the Public Domain.
Conclusion
As an organisation, personal information should not be used to register a domain, most importantly because the person registering could leave the organisation, resulting in missed WHOIS alerts. In addition GDPR Protection should not be turned on because no personal information should be used for registration purposes and this then hides important information which can be used to instantly identify genuinely registered domains belonging to the organisation.
It’s always a good idea to keep your personal information private. If you have additional questions about safeguarding your information online, feel free to give Elasticito a call. We offer world class advice and solutions regarding unique privacy concerns.
A MarkMonitor Example
A CSC Global Example