As guardians of .UK, we have a duty to protect the integrity of our namespace. Tackling domain abuse is a vital part of that commitment.
We’re setting ourselves the ambitious mission:
“To make .UK the most trusted namespace through proactive, proportionate and collaborative measures. We seek to achieve systemic deterrence against abuse, while preserving the openness and accessibility of the domain space.”
This work is aligned to two of our strategic goals:
Our Strategic goals
Excellent stewardship of .UK
Champion a safe, secure and resilient internet
What is domain abuse?
ICANN’S definition of DNS abuse focuses primarily on harmful activities that exploit the DNS for malicious purposes. This includes:
- Botnets – collections of internet-connected devices infected by malware
- Malware – malicious software designed to spy on, damage or disrupt systems
- Phishing – tricking users into revealing personal information
- Pharming – redirecting users to fraudulent websites
- Spam – unsolicited bulk email; but only when spam is used to deliver one of the other four forms of abuse
In addition to this, we also review cases of domains used for fraud or unlawful purposes.
To report a website distributing Child Sexual Abuse Materials (CSAM), please go directly to the Internet Watch Foundation
Our principles for tackling domain abuse
Proportional
The action taken to mitigate the abuse reported for a domain should be proportionate to the risk it poses. This is also why we separate reports of abuse into the classifications of compromised, malicious registered and exploitable services – handling each differently.
Registrar first approach
As the primary relationship holder with registrants, registrars are often best positioned to initially deal with a domain being used for abusive purposes. We work with registrars to enable them to tackle abuse effectively, including providing them with bespoke reports and alerts should a domain be flagged.
Timely intervention
Intervention on abuse should be timely to prevent further harm being caused.
Transparent & consistent
The approach taken in tackling abuse should be well documented and consistently applied so impacted parties know what to expect.
4 key Pillars
Policy
The focus of this pillar is to maintain and develop a robust policy position in consultation with stakeholders that allows both registrars and Nominet to tackle abuse proportionally and transparently.
Capability
People, Processes, and Technology all constitute Nominet’s capability in tackling abuse. This pillar represents improvements in all of these areas to detect, analyse, and report abuse.
Partnerships
Partnerships with our internal and external stakeholders allow us to greatly increase the impact we have when tackling abuse. Sharing intelligence and broadening our perspectives is key to taking a more strategic view in addressing the problem at scale.
Communication
Transparency is key to tackling abuse with the trust of our members and wider stakeholders. It’s through case studies and knowledge sharing that we hope to greatly increase awareness. Bringing wider attention to this area, will help to deliver increasing support in the escalating fight against abuse.
Further information on domain abuse
The UK Domain Abuse Working Group
To support our efforts, we also facilitate the UK Domain Abuse Working Group – which has been established to develop collaborative approaches to reducing domain abuse. This group is open to registrars interested in supporting our mission to make .UK the safest TLD in the world.
Email accountmanagement@nominet.uk for more information.
Criminal Activity Reports
Each year, we produce an update on .UK domains suspended for criminal activity. This demonstrates the impact of our work with law enforcement agencies and our members to help protect internet users from criminality online.
Read the latest Impact Issue – our annual rundown of how our work is benefitting society – for more information on how we’re tackling abuse on .UK.
Help us keep the internet safe
If you’ve encountered a domain being used for abuse for any TLD that we manage, you can submit a report.
