How Donuts is Working to Prevent Malicious Domain Registrations


One way I learn about domain industry news is through a variety of Google Alerts I have set for various topics and keywords related to domain names. For the past few weeks, a great deal of the Google Alert emails I have received have highlighted articles about domain names that have been registered and used to scam people. This has always been an issue, but it seems to be more prevalent with the current coronavirus pandemic.

Donuts published a blog post discussing a report about malicious .com domain name registrations. The report discussed the steps Verisign made to help mitigate these domain registrations.

In its blog post, Donuts discussed the steps it has been taking to prevent malicious domain registrations in its extensions:

“Since its inception, Donuts has recognized the need to prevent and take action against abusive domain name registrations, many of which prey on online communities. Donuts delivers proactive protective solutions through our Domains Protected Marks List, DPML, which today protects 3,500 of the world’s largest consumer brands. In 2018, Donuts enhanced DPML to include logic that prevents the registration of malicious homograph internationalized domain names for the entirety of Unicode’s Confusables table, including Latin, Greek, and Cyrillic scripts.

Today, that table contains more than 6,000 potentially confusing characters, 80 of which appear in both Donuts and Verisign’s ICANN approved Latin script tables. Thus, one can see that the issue stretches beyond the three characters identified by “

It’s good that domain registries recognize the potential for abuse, and it is good to see action. I know other registries have worked on their own abuse policies to mitigate this issue, and it is especially crucial for a company like Donuts to have this type of policy given the number of extensions the company operates.

Pandemic aside, this issue exists and continues to be pervasive. While domain registrars are often blamed for malicious domain registrations, it is good to see the registrar side take steps to help mitigate the problem.


  1. I reported so many Apple Store nonesense spoof emails I had from their domains, nobody ever did anything about it. They should have done it sooner as gtlds get the reputation of being spammy, and donuts an opportunist who just wants to make an extra $1,99

Leave a Reply