.CO Anti-Abuse Policy

Introduction

Consorcio Equipo PuntoCO (“the .CO Registry” or “we”) is committed to fostering a safe, secure, and trusted online environment. In alignment with current industry best practice abuse mitigation policies, this document outlines the principles, reporting mechanisms, and enforcement actions that guide our approach to addressing domain name abuse.

This Anti-Abuse Policy describes the kinds of abusive conduct that are prohibited, sets forth procedures for reporting and handling abuse, and clarifies the roles and responsibilities of all parties involved. Its purpose is to protect end-users, promote the responsible use of .CO domain names, and ensure compliance with MINTIC requirements and industry standards.

The .CO Anti-Abuse Policy is a core component of our mission to maintain a safe, trustworthy, and resilient namespace. By working together with registrars, registrants, and the broader Internet community, we strive to protect users and advance the common good online.

Anti-Abuse Policy

  1. Scope and Applicability

    This policy applies to all registrants, registrars, and users of domain names registered under the .CO top-level domain (TLD). It covers all forms of DNS abuse and incorporates additional categories as appropriate for the .CO namespace.

    The policy also extends to any third party acting on behalf of a registrant or domain holder, including resellers and hosting providers, to ensure that all participants in the .CO domain ecosystem are held to the same standards of conduct.

  2. Definition of DNS Abuse

    We define DNS Abuse as the intentional use of domain names for malicious or illegal activity that exploits or attacks the DNS infrastructure or end-users. The primary forms of DNS Abuse are:

    • Malware: The dissemination of software designed to disrupt, damage, or gain unauthorized access to devices, services, or networks.
    • Phishing: The creation of websites, emails, or messages that fraudulently attempt to acquire sensitive information by masquerading as a trustworthy entity.
    • Pharming: The redirection of website traffic to fraudulent websites without user consent, often by exploiting DNS vulnerabilities.
    • Botnet Command and Control: The operation of a domain name as a command and control point for a network of compromised devices.
    • Spam: The use of domain names to send unsolicited bulk messages, particularly when such messages facilitate other forms of abuse.

    We may, at our sole discretion, expand the scope of this policy to include other forms of online harm, such as impersonation attacks, child sexual abuse material (CSAM), fraudulent activities, and violations of applicable law.

  3. Prohibited Activities

    The following activities are considered to constitute abuse under this policy and are strictly prohibited within the .CO TLD. Registering or using a .CO domain name:

    • to distribute, control, or facilitate malware;
    • for phishing schemes or to mislead users for fraudulent purposes;
    • for pharming or DNS hijacking;
    • to facilitate the operation of a botnet;
    • to send or facilitate unsolicited bulk messaging (spam), especially when linked to other harmful activities;
    • for activities that promote, distribute, or link to CSAM;
    • for the main purpose of impersonating a third party or their websites for malicious purposes;
    • to support or enable any activity that violates applicable laws or regulations in any relevant jurisdiction;
    • to facilitate fraud.
  4. Reporting DNS Abuse

    We maintain an abuse reporting mechanism accessible on our website:
    Contact form

    Reports may be submitted by any party who suspects or has evidence of abuse involving a .CO domain name.

    Reports should include as much detail as possible, including, but not limited to:

    • The domain name(s) involved
    • A detailed description of the alleged abuse
    • Evidence supporting the claim (e.g., screenshots, URLs, email headers)
    • Contact information for follow-up

    We will acknowledge receipt of abuse reports and, where appropriate and if time permits, inform the reporting party of the status or outcome of their report, subject to privacy and operational considerations.

  5. Response and Enforcement

    Depending on the nature and severity of the abuse, the following enforcement actions may be taken:

    • Contacting the registrar and/or registrant to inform them of the alleged abuse and seek remediation.
    • Requesting or requiring the registrar to suspend, lock, or delete the domain name if abuse is confirmed.
    • Providing information to law enforcement or other relevant authorities, where legally required or appropriate.
    • Temporarily blocking or redirecting domain resolution to prevent further harm.
    • Imposing additional measures on high-risk domains, such as monitoring or enhanced validation.

    All enforcement actions will be conducted in a transparent and non-discriminatory manner, with due respect for registrant rights and applicable law.

  6. Registry and Registrar Collaboration

    We recognize the importance of close cooperation with accredited registrars to prevent and address domain name abuse and will:

    • Maintain clear contractual requirements prohibiting domain name abuse.
    • Provide registrars with guidance and resources to support rapid response to abuse reports.
    • Share relevant information with registrars and, where necessary, coordinate on investigation and remediation efforts.
    • Monitor registrar compliance and take action against registrars who fail to address abuse effectively.

    Registrars are expected to maintain up-to-date contact information to receive abuse reports, respond promptly to abuse notifications, and implement and enforce anti-abuse measures in line with this policy.

    As standard practice, we will forward all credible and actionable reports, including the accompanying evidence, if any, to the sponsoring registrar, with a request to investigate the issue further and to take appropriate action where necessary to mitigate the abuse. The sponsoring registrar has a direct relationship with the registrant and therefore possesses further information not available us, such as payment details, sales history, and information on further registrations of the customer, reseller data (if applicable) and other specific data unique to the customer. In case the registrar determines in the course of the investigation that the use of the domain name violates the applicable terms of use, MINTIC Policies or this Policy, the registrar is required to take action within reasonable time. We further reserves the right to act directly and immediately in cases of obvious and significant malicious conduct.

  7. Safeguards and Due Process

    We are committed to protecting the legitimate rights and interests of registrants and users. Before taking enforcement actions that affect domain functionality, the following principles will apply:

    • Verification of abuse reports and substantiation of claims with reasonable evidence.
    • Opportunity for the registrant to respond to allegations, unless delay poses an immediate security or safety risk.
    • Documentation of all actions taken, including rationale and supporting evidence.
    • Appeal and review mechanisms for registrants whose domains are suspended or deleted.

    Appeals regarding any mitigation action should be directed to the Registrar regardless of whether the action was taken by the Registrar or by us. We will not interact directly with Registrants regarding any mitigation action taken.

  8. Mitigation

    In the event of DNS abuse, we will aim to choose the least invasive mitigation action to address the issue effectively. The following methods are listed in order of severity:

    1. Notification of the Registrant: Informing the domain name registrant about the abuse and requesting immediate action to mitigate the issue.
    2. Notification of the Registrar: Alerting the registrar responsible for the domain name registration to take appropriate measures.
    3. Suspending a Domain Name Registration Temporarily: Temporarily suspending the domain name registration until the abuse is mitigated.
    4. Sinkholing a Domain Name: Redirecting the domain name to a controlled server to prevent further abuse while allowing for analysis and monitoring.
    5. Suspending a Domain Name Registration Permanently: Permanently suspending the domain name registration for clearly identified malicious registrations.
    6. Deleting a Domain Name: Removing the domain name from the registry entirely.

    By following this approach, we ensure that the most appropriate and least disruptive action is taken to address .CO domain abuse while maintaining the integrity and security of our systems.

  9. Prevention and Awareness

    We will implement preventive measures and promote awareness to reduce the incidence of domain name abuse, including:

    • Screening and monitoring of new registrations for patterns indicative of abuse.
    • Education and outreach to registrars, law enforcement, and the public on domain name abuse and responsible domain use.
    • Collaboration with industry groups, security researchers, and law enforcement to share best practices and threat intelligence.
  10. Policy Review and Updates

    This Anti-Abuse Policy will be reviewed on a regular basis to reflect technological, legal, and industry developments. We reserve the right to amend this policy at any time to enhance the security and integrity .CO or in response to changes in applicable law, contractual requirements, or best practices.

    All material changes to this policy will be communicated to registrars and posted publicly with adequate advance notice.

  11. Contact Information

    Please send all abuse reports to [email protected] or use the contact form on the homepage. Please provide as much evidence as possible to assist in assessing your complaint.