Latest news of the domain name industry

Recent Posts

Three big changes could be coming to .uk

Kevin Murphy, October 9, 2019, Domain Registries

Nominet wants to know what you thinking about three significant policy changes that could be implemented in the next year or so.

The .uk registry today published a consultation document covering two security-related changes and one related to expired domains.

First, Nominet wants to know if it should be allowed to preemptively block resolution on newly registered domains where it has “identified a high risk the domain will be used for phishing”.

It looks like more of a cosmetic policy change, given that the company is already blocking suspected phishing domains where the registrant fails to adequately verify their identity.

About 1,500 domains were blocked like this in the 12 months ending July 2019, Nominet says, on the basis of its Domain Watch program, which combines technical and manual oversight to identify phishy-looking names.

Second, Nominet want to know if it should display an standard informational web page when it blocks a domain on the basis of fraud, copyright infringement, and counterfeiting.

Currently, the company takes down tens of thousands of names every year on this basis, but the names are simply removed from the zone file and refuse to resolve.

Nominet’s friends in law enforcement reckon that allowing the the domains to instead resolve to a standard web page instead could help victims of fraudulent sites help with police investigations, and Nominet wants to know if you agree.

A side-effect of this would be that the names would remain in the zone, so we’d be able to see for the first time which names get suspended for fraud.

Third, Nominet wants to know whether it should start openly publishing drop-lists, the list of domains that have expired registrations and are about to become available.

This appears to be bad news for those registrars currently “excessively” pinging the registry to compile their own lists and get the jump on competitors when it comes to drop-catching valuable names for resale.

Nominet seems to want to see fewer dropped domains winding up in the hands of domainers, saying currently “not all dropping domains are registered and actively used by the new registrant, reducing the vibrancy of .UK domains”.

It’s proposing to give drop-lists just to registrars, or to publish them openly.

All three questions are open for comment until December 15.

Belgium to crack down on fraud domains

Kevin Murphy, November 28, 2018, Domain Registries

DNS Belgium says it will shortly implement a new policy that will see it take down .be domains associated with fraud within 24 hours of discovering them.

The new scheme, which comes into effect December 1, essentially grants the Belgian government’s ministry of the economy — FPS Economy or Federal Public Service Economy in local parlance — a trusted notifier status when it comes to takedowns.

Previously, requests had to go through public prosecutors and took about two weeks, giving attackers a longer window to milk their victims.

Under the old regime, FPS Economy could only request a suspension in cases where the Whois data was inaccurate.

The registry said it will only suspend domains that are involved in “serious crimes”, including phishing and fraudulent web stores.

Registrants will have two weeks to appeal their suspensions. After six months, the domains will be deleted.

Several hundred .be domains per year are expected to be affected.

Famous Four bosses gave “forged documents” to court

Kevin Murphy, December 28, 2017, Domain Registries

The leaders of Famous Four Media produced “forged documents” during a lawsuit filed by the company’s former chief operating officer, according to Gibraltar’s top judge.

The new gTLD registry’s chairman and CEO were both, along with four other unidentified former employees, involved to some degree in “forging” invoices to an affiliated registrar and/or documents relating to a rights issue, according to a ruling by Chief Justice Anthony Dudley.

The ruling was made in October, but appears to have been published more recently.

Former Famous Four COO Charles Melvin is suing CEO Geir Rasmussen and Iain Roache, chair of parent Domain Venture Partners, over a rights issue that diluted his holdings in a related company, according to a court document.

There’s little in the public record about the specifics of the suit. The complaint is not available publicly and neither man wished to comment while the trial is still ongoing.

But Dudley’s ruling shows that the original claims seem to have been sidetracked by Melvin’s new allegations that the “forged” documents demonstrate that Roache, Rasmussen and others engaged in “fraud” and “conspiracy to pervert the course of justice”.

Nick Goldstone, a partner at Gordon Dadds and a lawyer for Rasmussen and Roache, told DI that they both deny any dishonest behavior and that there has been no finding of dishonesty by the court.

He said in an emailed statement: “both of the individual defendants deny (if it be alleged) that they are dishonest and both deny that they have been engaged in the creation of any forged documents in the wider sense, as alleged by counsel for the opponents in the Court case, or at all.”

According to Dudley’s ruling, the defendants’ trial lawyers have claimed that errors in the invoices provided to the court were the result of “honest incompetence”, which the judge said has “a ring of truth” to it.

Dudley, having decided Roache and Rasmussen “have historically been guilty of serious shortcomings in relation to their disclosure obligations” at some point ordered that metadata be gathered from various documents handed over during the disclosure phase of the trial.

This metadata showed that some documents “were created after (in some instances long after) the date on the face of the documents”, which led the judge to conclude they were technically “forged documents”.

But Goldstone told DI that the documents in question were “forged” only in “explicitly a narrow characterisation of the term”, adding that they had been created by former employees who have all since been fired.

The documents included 10 invoices from Famous Four to AlpNames, also based in Gibraltar, the affiliated registrar responsible for selling hundreds of thousands of cheap names in Famous Four gTLDs.

They also included documents concerning a rights issue in a company called Myrtle Holdings that reduced Melvin’s stake to a negligible amount. Again, dating seems to have been an issue.

Dudley wrote in his decision (pdf):

It is accepted by the respondents that the material produced by them contained inaccurate and misleading information; and that the forged documents have been deployed in the litigation and relied upon in pleadings and witness statements. It also formed part of the material provided to the expert witnesses, whose opinions are consequently tainted.

But Goldstone told DI: “no conclusion has been reached in the ruling as to any ‘dishonesty’ or ‘forgeries’ in the wider sense.”

The trial had been due to kick off in October, but it’s been delayed due to the fact that a lot of evidence and testimony has to be reevaluated.

Roache and Rasmussen had proposed to settle the case with a buy-out offer earlier this year, but that offer was rebuffed by Melvin, according to Dudley’s ruling.

Famous Four runs 16 new gTLDs including .science, .download, .loan and .bid.

Many of its TLDs have been offered at super-cheap prices that have boosted sales volumes but have often attracted high levels of abuse.

Cybersquatter jailed for seven years after prison break

Kevin Murphy, April 20, 2015, Domain Policy

Fraudster Neil Moore, who escaped from prison by cybersquatting, has reportedly been handed a seven-year sentence by a British court.

As we reported last month, Moore escaped from Wandsworth prison merely by sending an email ordering his release from an hmcts-gsi-gov.org.uk email address.

He’d registered the name, a typo of the genuine hmcts.gsi.gov.uk used by the UK court service, on a smuggled smartphone.

He was being held on remand for an unrelated fraud at the time.

Today’s sentencing follows Moore pleading guilty to eight counts of fraud (it doesn’t seem those were related to cybersquatting) and one count of wrongful escape from custody.

New domain scam? ICANN issues vague warning

Kevin Murphy, July 16, 2014, Domain Services

ICANN has warned internet users about a domain name scam that exploits the ICANN name and logo.

Not giving away much information, ICANN said in a statement:

It has been brought to ICANN’s attention that some online entities have attempted to sell fraudulent “certificates”, which they claim are required to protect generic top-level domain names. The perpetuators of this scam threaten registrants on the protection service with the objective of securing a fee from the registrant. The “certificates” look official and include an unauthorized use of the ICANN logo.

Please note that ICANN does not issue certificates to registrants and does not collect fees from registrants directly.

It’s not clear whether the scam is related to the “ICANN certificates” fraudsters sometimes demand as part of domain appraisal scams, which have been well-documented online.

The reference to a “protection service” and new gTLDs suggest this might be something new.

I asked ICANN for a sample of the scam in question yesterday but haven’t heard back yet.

UPDATE: The certificates look like this:

and this:

  • Page 1 of 2
  • 1
  • 2
  • >