LegitScript Reports Illicit Websites’ Domain Names to Registrars — Here’s Why

Image depicting virtual pills on a dark background.

LegitScript’s Domain Name Enforcement program reports illicit websites' domain names to their associated registrars. Read more to understand what a domain registrar is, and how we report domain names.


What is a Domain Name Registrar — And What Are Their Responsibilities?

Domain names were designed to help users navigate the internet by using a text-based label rather than a numerical address, which can be harder to remember. They’re regulated by the Internet Assigned Numbers Authority (IANA), and IANA is under the umbrella of the Internet Corporation for Assigned Names and Numbers (ICANN).

Domain name registrars are companies that facilitate the registration of domain names on behalf of registrants. Most domain name registrars have signed an agreement with ICANN called the Registrar Accreditation Agreement (RAA), and they provide domain name registration services to entities primarily seeking generic top-level domains (gTLDs) such as .com, .org, and .edu.

The registrar accreditation agreement put forth by ICANN is in part intended to keep the internet safe for the public; however, not all registrars comply with the rules or with LegitScript's abuse notifications for rogue internet pharmacies. So what happens when bad actors pollute the ecosystem? Let’s explore why LegitScript reports domain names to registrars.


LegitScript’s Domain Name Enforcement Program Notifies Registrars of Violations to Terms of Service

In 2022, LegitScript’s Domain Name Enforcement DNE program sent 100 notifications for 1,013 domain names, and enforced the removal of 1,602 registrants.

LegitScript’s Domain Name Enforcement (DNE) program helps remove rogue internet pharmacies from the online space by identifying these websites and encouraging registrars to take action against them. Our Domain Name Enforcement program has helped to stop roughly 90,000 rogue pharmacy websites since its inception.

The success of LegitScript’s DNE program relies heavily on compliance from registrars. According to ICANN’s 2013 Registrar Accreditation Agreement, Section 3.18.1, a “Registrar shall take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.”

If a bad actor uses a domain name for illicit activity, the registrar is responsible for taking action. When LegitScript notifies a registrar of rogue internet pharmacies, the best action a registrar can take is to lock and suspend the domain name.

As such, a registrar is empowered to lock and suspend the domain name from the TLD registry. This prevents the website from operating and stops the domain name from moving to another registrar.

While many registrars are compliant — some are not. These registrars ignore LegitScript's notices or inaccurately claim they are unable to take action without a court order. Compliant registrars, such as GoDaddy, NameCheap, and PDR, not only take action in response to LegitScript's abuse notifications, but are proactively finding and actioning illicit internet pharmacies themselves.


How Legitimate Pharmacies Can Stand Out

Did you know that the majority of internet pharmacies are operating with flagrant disregard for the law? These "rogue" internet pharmacies not only expose consumers to danger, but they drown out the efforts of legitimate pharmacies trying to reach patients in need.

Let the world know that you operate safely and legally with LegitScript Healthcare Merchant Certification. Our certification provides a recognized stamp of approval for businesses that facilitate transactions for pharmacies. Many banks, advertising programs, social media platforms, and e-commerce websites require certification from a recognized organization like LegitScript to support your merchant account. Our certification is recognized by Visa, Mastercard, Google, Microsoft Bing, Facebook, and TikTok.

Learn more about our certification program or download our primer to understand the steps toward certification.