|
ICANN introduced a requirement for domain name registrars to send out annual notices to all their customers (registrants) to check the Whois on their domain names to ensure the information is correct. While this seemed fairly reasonable (if cumbersome), the fact is it confuses the heck out of people—and creates a whole lot of confusion for registrants. But that was a problem we could deal with.
Fast-forward to October, 2008. It seems domain slammers have clued into the confusion, teamed up with phishers (or have become phishers themselves) and are now sending out fake notices of their own. But instead of checking Whois, these ones are a little more serious and ask people to “login” at the (fake) link provided. Can you see what comes next?
I have already received one from a fake Network Solutions and one from a fake eNon, both starting yesterday—nicely corresponding with the “real” release of the reminders that Network Solutions has already been sending clients.
I think it might be wise for targeted registrars to take reasonable steps to inform registrants of this scam, but more importantly, I think it might be wise for ICANN to rethink this whole idea.
Example 1
Dear Network Solutions Customer,
We recently notified you that the registration period for your Network Solutions domain name had expired. As a benefit of having previously registered a domain name(s) with Network Solutions, you are eligible to receive a percentage of the net proceeds that were generated from the renewal and transfer of the domain name you chose not to renew. Since you have chosen not to renew the domain name listed below during the applicable grace period, we were successful in securing a backorder for this domain name on your behalf and it has been transferred to another party in accordance with the Service Agreement.
Renew your domain now - http://www.networksolutions.com (not the real link)
You must click on the following link, enter your domain name, and confirm your contact information in order to claim these funds. If your contact information is not correct, you must enter Account Manager and make the appropriate changes prior to clicking “submit” from the confirmation screen. If you do not do this, you will be confirming inaccurate information and will not receive any payment. Checks will only be made payable and mailed to the Account Holder of record.
Sincerely,
Network Solutions® Customer Support
Example 2
Dear user,
On Wed, 29 Oct 2008 22:26:54 +0600 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Wed, 29 Oct 2008 22:26:54 +0600 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION - http://www.enom.com
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION - http://www.enom.com
Thank you,
Domain Services[IncidentID:37069]
Sponsored byVerisign
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byIPv4.Global