Outlines of a man and woman speaking with word bubbles, one of which has the OTW logo and the other which says 'OTW Announcement

Phishing and Domain Names

A few months ago, we learned that someone had registered the domain name archiveofourowno.com and copied the front page of Archive Of Our Own at that url; they even included a login screen that mimicked the AO3 login.

We immediately went to GoDaddy–the registrar of the domain name–and asked them to remove the website, because it violated their bar on phishing (that is, tricking someone into giving away login or other personal information). GoDaddy’s Terms state that they will not allow a site to impersonate “a legitimate, trustworthy site” by tricking “visitors into providing them sensitive information like logins.” However, GoDaddy never responded and did not take the site down.

Therefore, in January, the OTW Legal Committee initiated a proceeding with the World Intellectual Property Office with the goal of stripping the domain name from the infringers. In April, after the infringers had failed to respond, the WIPO Panel ruled in our favor. The panel held that Bradley Binkley of Chicago, who had registered the domain name, had “in all likelihood… registered the disputed domain name with the aim of exploiting and profiting from the Complainant’s mark, through the impersonation of the Complainant in furtherance of a fraudulent phishing scheme.” As a result, the panel voided Binkley’s registration of the name, and the OTW is currently in the process of setting up the domain name to point to the main Archive of Our Own page.

One important takeaway from this situation is that you should never enter in your AO3 login information unless you are completely sure that you are on the real archiveofourown.org site. While we also own the domain names archiveofourown.net and archiveofourown.com they redirect you to archiveofourown.org, and that is the only site where you should enter your AO3 login information. And if you go to any site and find yourself needing to login when you thought you were already logged in, it’s possible that you’re on a phishing site rather than a genuine site–double check the URL to make sure!

If you visited archiveofourowno.com and entered your login information there, you should change your password on AO3, as well as any other sites where you use the same username/password combination, and run a virus-checker on your computer. We attempted to review the code from the phishing site to see if there was anything malicious; we didn’t see anything obvious but it’s better to be safe than sorry.

If you have more questions about the work done by the all-volunteer Legal Committee at the OTW, you can visit the Legal Advocacy page on our website.