Latest news of the domain name industry

Recent Posts

US officials gunning for coronavirus domains

Kevin Murphy, March 24, 2020, Domain Registrars

US state and federal law enforcement are pursuing domain names being used to push bogus products and misinformation related to coronavirus Covid-19.

In separate actions, the US Department of Justice forced Namecheap to take down a scam site that was allegedly using fear of coronivirus to hoodwink visitors out of their cash, while the New York Attorney General has written to registrars to demand they take action against similar domains.

The DoJ filed suit (pdf) against the anonymous “John Doe” registrant of coronavirusmedicalkit.com on Saturday and on Sunday obtained a temporary restraining order obliging Namecheap to remove the DNS from the domain and lock it down, which Namecheap seems to have done.

Namecheap is not named as a defendant, but the complaint notes that the DoJ had requested the domain be taken down on March 19 and no action had been taken by the evening of March 21.

The web site in question allegedly informed visitors that the World Health Organization was giving away free coronavirus vaccines to anyone prepared to pay a $4.95 shipping fee by handing over their credit card details.

This is an identity theft scam and wire fraud, the complaint says.

Meanwhile, NYAG Letitia James has sent letters, signed by IT chief Kim Berger, to several large US registrar groups — including GoDaddy, Dynadot, Name.com, Namecheap, Register.com, and Endurance — to ask them to “stop the registration and use of internet domain names by individuals trying to unlawfully and fraudulently profit off consumers’ fears around the coronavirus disease”.

In the letter to GoDaddy (pdf), Berger asks for a “dialogue” on the following preventative measures:

  • The use of automated and human review of domain name registration and traffic patterns to identify fraud;
  • Human review of complaints from the public and law enforcement about fraudulent or illegal use of coronavirus domains, including creating special channels for such complaints;
  • Revising your terms of service to reserve aggressive enforcement for the illegal use of coronavirus domains; and
  • De-registration of the domains cited in the articles identified above that were registered at GoDaddy, and any holds in place on registering new domains related to coronavirus, or similar blockers that prevent rapid registration of coronavirus-related domains.

In other words: try to stop these domains being registered, and take them down if they are.

No specific malicious sites are listed in the letter. Rather, Berger cites a study by Check Point Software that estimates that something like 3% of the more than 4,000 coronavirus-related domains registered between January and March 5 are “malicious” in nature.

EasyDNS changes take-down policy after man dies

Kevin Murphy, August 15, 2014, Domain Registrars

Canadian registrar EasyDNS has amended its take-down policy after a customer of one of its registrants died of an overdose.

In a frank blog post today, CEO Mark Jeftovic said that the man had died using a “controlled substance” ordered online. The web site in question used a domain registered via EasyDNS.

As a result of the death, and conversations with ICANN and the US Food and Drug Administration, EasyDNS has changed its policy.

It will now turn off any domain used for a pharmacy web site unless the registrant can produce a license permitting it to sell pharmaceuticals in the territories it sells to.

Previously, the company would only turn off a pharmacy-related domain with a court order.

It’s a notable U-turn for the company because Jeftovic is an outspoken critic of unilateral take-down notices.

In January, he referred to the National Association of Boards of Pharmacy as a “batch of clowns” for demanding that EasyDNS and other registrars take down unlicensed pharmacies without court orders.

He also has an ongoing beef with the UK police over its repeated requests for file-sharing and counterfeiting-related domains to be taken down without judicial review.

Jeftovic blogged today:

[I]n one case we have people allegedly pirating Honey Boo Boo reruns and on the other we have people dying. We don’t know where exactly, but the line goes somewhere in between there.

We have always done summary takedowns on net abuse issues, spam, botnets, malware etc. It seems reasonable that a threat to public health or safety that has been credibly vetted fits in the same bucket.

As a private company we feel within our rights to set limits and boundaries on what kinds of business risk we are willing to take on and under what circumstances. Would we tell the US State Department to go to hell if they wanted us to take down ZeroHedge? Absolutely. Do we want to risk criminally indicted by the FDA because of unregulated vicodin imports? Not so much.

You can read his full blog post here.