There is an old saying that makes a lot of sense in today’s digitally connected business environment: A person with information is someone that has everything. In fact, this century demands updated data at all times, and those who are lacking it face the risk of being left behind. In the context of domain name ownership and its dynamic nature, WHOIS records are must-have pieces of information for a variety of reasons.
But before digging into the why, let’s look at what WHOIS actually is. In a nutshell, it’s a standardized way that emerged in the 80s to keep track of who has owned which domain address(es) over time. It’s a mandatory process where noncompliance can lead to domain suspension or deletion – such that the info provided is usually accurate for millions of entries.
WHOIS data contain registrants’ details (online contact points, physical addresses, etc.), the registrar through which each registration took place or that currently “host” specific domain names, as well as registration and ownership expiration dates. Records are valuable in several ways – on their own or aggregated in large databases that cover multiple registrars with bulk whois lookup — and this post explores a few of them.
1. Take Action Against Spammers
One thing is sure about emails, we are receiving too much of them, especially from senders we have never asked to hear from. It’s possible to block unsolicited communications at an inbox or email server level, but spammers can also easily switch to fresh IP addresses and domain names in order to remain undetected and keep their nuisance going.
WHOIS records can circumvent this problem by helping gather the contact details of registrants hiding behind dozens or more of addresses and take necessary actions – e.g., filing a formal legal complaint to get it stopped or building a list of the other domain names owned by the same spammy registrants and blacklist them preventively.
2. Stop Misuses Affecting Brand Equity
WHOIS records are useful to keep brands protected and make sure trademark holdings are enforced. With them, companies can monitor for close variations of their domain names that are being newly registered or transferred to a different person or company and may mislead existing and prospective customers,
In addition to detecting infringers, WHOIS data also gives a starting point to remediate the situation as it includes the contact details and address of registrants. That way, legitimate brand owners can proceed with warnings, contact trademark protection associations, and, if required conduct a lawsuit.
3. Take Inappropriate Content Down
The internet is a place full of rich information, but it can also be the channel for inappropriate content to circulate. For example, some websites may publish fake information that is detrimental to a person or company’s reputation, or they may contain immoral and discriminative posts, images, and videos. WHOIS information allows for quick interventions in such instances – e.g., start an investigation, report host details to registrars and authorities in charge of blacklisting, etc.
4. Fight Fraud and Cybercrime
Last but not least, WHOIS is also at the forefront of IT security, providing invaluable information to fight back against scammers. Cybersecurity teams can use the information as they analyze the websites and email recipients which employees interact with on a daily basis to spot anomalies — e.g., suspicious domains that have just been registered and may be the instrument for phishing attacks and website impersonation.
It’s complicated to stay on top of all the information that the internet provides and the line between what is appropriate and safe and what isn’t can easily get blurred. WHOIS records offer some structure by collecting data about domain registration and ownership around the world and making it available to prevent and stop abuses.
About the Author
Jonathan Zhang is the founder and CEO of Threat Intelligence Platform (TIP) and WhoisXMLAPI. He has vast experience in building tools, solutions, and systems for CIOs, security professionals, and third-party vendors and enjoys giving practical tips for better threat detection and prevention. Jonathan can be reached online at [email protected] or [email protected].
