How it.com Domains Prevents Abuse and Fraud

  • by Joe Alagna
How it.com Domains Prevents Abuse and Fraud

Table of contents

  1. The it.com Domains Abuse Prevention Program
  2. Evolving for a Safer Internet
  3. Questions or Reports

Thanks to our partners, our team, and our end users, the .it.com suffix is growing exponentially. The year 2024 was a banner year for us, and along with that success have come increasing attempts at fraud and abuse. From the beginning, we decided that our domain extension would be one of quality and healthy growth. We don't allow illegal activities. We monitor the .it.com suffix regularly using multivariate data that we have gathered into an exclusive “special sauce,” which is already in place and improving by the day.

There are many benefits to owning an .it.com domain. Our clients can register keywords under the .it.com suffix for an SRP (Suggested Retail Price) of $49.00 annually. Many recent registrations are for keywords worth millions of dollars in the .com zone, meaning that average end users are getting bargains on highly valuable keywords.

The most important benefit, however, is the degree of trust that comes with any domain that ends in .com. Yes, our clients buy third-level domains, but they still get a domain with .com at the end.

We take that trust very seriously. That's why we've developed policies designed to enhance trust over time. Our policies are evolving as we encounter new cases and develop better methods to prevent abuse. And because our zone is unique, we believe it's important to be transparent and to communicate our policies and methods with you—our registrar partners.

We recognize that our zone, as a private third-level domain operation, is a little different. But that difference also gives us better insight into what is happening within the zone. We take many proactive measures, including:

  • Monitoring ICANN (Internet Corporation for Assigned Names and Numbers) and following their best practices for registries.
  • Membership and participation in the International Trademark Association (INTA) and other brand-related groups.
  • Cooperating closely with our registrar partners to stay informed about new abuse types.
  • Receiving regular reports from some of the world's best abuse-reporting agencies.
  • Maintaining contact with the most important spam list aggregators.
  • Using several proprietary, third-party reporting services.
  • Working with leading domain name arbiters to prevent trademark abuse. We offered a widely promoted Sunrise Period (a period of 30-60 days before domain names are made available to the general public) in January–February 2023.
  • Partnering with the Brand Safety Alliance since day one.
  • Evaluating copyright complaints as they arise, although we are not an arbiter of validity.
  • Cooperating with law enforcement agencies worldwide to prevent illegal activities.

Through extensive experimentation and collaboration with our experienced DevOps team, we've developed a comprehensive set of policies and practices. Below, we outline some of the key aspects of our program.

The it.com Domains Abuse Prevention Program

Level 1 – Suspicious

We have developed multiple levels of abuse severity. Level 1 represents a suspicious registration.

For example, we've found that domains containing keywords such as bank.it.com and other finance-related terms are commonly used for fraud. Suspicion flags are also raised for domains that include the names of famous software brands and terms related to email, security, passwords, and logins.

Additionally, we maintain an unpublished and evolving list of trending suspicious keywords. At our discretion, we may temporarily withhold these domains from registration until we determine they are safe.

We use machine learning to assess suspiciousness, so this assessment will become increasingly accurate. Suspicious flags don't always lead to blocking the domain; optionally, we can contact the registrar to draw their attention to it.

Level 2 – Reported Spam (ClientHold)

A domain that appears on lists such as Spamhaus, SpamCop, or SORBS may not be automatically blocked or affected, but may be placed on ClientHold at our discretion. Certainly, we will monitor it more closely. We understand that many legitimate domain registrants can end up on these lists and often resolve the issues that led to their inclusion.

Level 3 – Reported & Verified Mass UCE or Abuse (ServerHold)

Level 3 violations trigger Domain Block Status called ServerHold. This abuse category includes:

  • Phishing attacks
  • Malware distribution
  • Botnets
  • Pharming
  • Excessive spam
  • Excessive copyright complaints

We have mechanisms in place to detect and prevent these abuses. Any malicious activity that uses a domain name to deceive users or distribute harmful content (DNS abuse) will result in a Domain Block action (ServerHold).

A few key points:

  1. We will notify the registrar partner.
  2. No refunds are offered when abuse is involved.
  3. The Partner Registrar may unblock the domains on ClientHold if it believes the blocking was made in error and the registrant has provided sufficient evidence of the domain's legal use. Domains are not placed on ServerHold without corroborating evidence, and it is our policy not to release a ServerHold until we feel it is safe to do so.
  4. In case of repeated violation, the domain is blocked in accordance with Level 4.

Level 4 – Reported Illegal Activities (Server Block Status)

Higher-level violations are more severe and treated accordingly. The most egregious cases trigger a Server Block Status, which applies when we receive reports of:

  • Child exploitation.
  • Human trafficking.
  • Child pornography.
  • Other illegal content.

If we confirm such violations, we will immediately notify the registrar partner and place the domain in ServerHold Status. The domain will be blocked.

Legal Actions & Government Requests:

Level 4 ServerHold Blocking Status may also be applied in cases involving legal proceedings or government authorities.

Evolving for a Safer Internet

Our Abuse Prevention Program is subject to change as we adapt to the growing challenges of protecting our partners and end users. Our policy is designed to protect the public and keep abuse out of the .it.com zone.

Questions or Reports

For most inquiries, start with the domain name's registrar. If you are reporting abuse, the registrar is often the best first point of contact because they have a direct relationship with the registrant. If you are not sure which registrar manages the domain, you can look it up here: https://get.it.com/whois

If you are a domain registrant, please contact the registrar where you registered your domain. They can help with account access, billing, renewals, DNS settings, and general domain management questions.

The it.com registry follows RDAP and registration data rules as closely as possible. That means some registrant contact information may not be publicly available. If you cannot find the information you need, or if your inquiry involves abuse in the .it.com namespace, you may contact us at: [email protected]

Our registrar partners are an important part of our abuse prevention process, and we work with them to help keep the .it.com namespace safer for everyone.

Joe Alagna
Joe Alagna
Share this post!

Join Our Newsletter!

Insights on domains, behind-the-scenes company news, and what’s happening across the industry — delivered to your inbox.
You’re in!
We’ll be in touch with fresh updates and stories.

Read also