Domain Spats & Disputes

A U.S. federal district court judge in June froze U.S. assets and ordered a stop to fraudulent domain “renewal notices” that were sent to domain registrants by a Canadian company called Data Business Solutions, which also does business as Internet Listing Service, ILS, ILSCORP.NET, Domain Listing Service, DLS, and DLSCORP.NET.

The practice consists of sending official-looking “invoices” warning registrants that their domain will expire if they don’t renew it in time. This is, of course, true, but the notice further implies that the company behind the “invoice” is the actual registrar. In reality, it is not, and when unsuspecting victims pay for the “renewal,” their domain is transferred to Data Business Solutions from the registrar where they registered it. Alternatively, the “invoice” billed for an annual “domain listing service” or “search engine listing,” leading consumers to believe that the invoice was for a service they had signed up for and that was necessary for their site to be found in search engines.

According to the report in Network World, the the FTC charged that “the ‘invoices’ represented that the defendants had a preexisting business relationship with the consumer. The ‘invoices’ also represented that consumers owed money for the continued registration of their Web site names and that the defendants would provide continued registration services for consumers.”

The FTC’s report can be found here. Further information is also available at flyteblog.com and the webmail blog.

TechCrunch reported in April that Network Solutions was highjacking subdomains to serve advertising-link filled pages when a user requests a subdomain that isn’t used by domains hosted with NetSol.

This means, for example, that if I hosted domainspats.com with Network Solutions, and if I did not set up a subdomain for domains.domainspats.com, or spats.domainspats.com, or anything.domainspats.com, if anyone typed that address into their browser, instead of getting my standard error page, they would get a page filled with ads for which NetSol gets paid.

This would include domains that aren’t set up to resolve the www version of the domain (e.g., www.domainspats.com), and even with www set up properly, it would apply to any and all typos, such as 222.domainspats.com or eee.domainspats.com, or ww.domainspats.com or wwww.domainspats.com.

According to TechCrunch, this practice is affecting hundreds of thousands of sites hosted with Network Solutions.

Shame on Network Solutions. It’s not the first time they’ve been caught engaging in questionable behavior, and it almost certainly won’t be the last.

According to the temporary blog set up by MakeUseOf.com, the MakeUseOf.com domain was highjacked right out of the owner’s GoDaddy account.

According to the report, the attacker somehow got the GoDaddy account details by hacking into the account holder’s Gmail account. Apparently, social engineering was also used to convince GoDaddy to go ahead and transfer the domain immediately.

Official-looking e-mails are really attempts to steal your domains

Both eNom and Network Solutions, two very large registrars that handle millions of domain registrations, are the target of a major phishing attack. It is believed that the perptrator(s) purpose is to acquire the login details for victims’ domain registrar accounts and thereby steal or otherwise compromise their domain registrations.

The phishing warning on Network Solutions home page

Phishing warning on eNom

If you receive any e-mail about your domain registration (or any other online account you may have) you should never click any link in the e-mail. Go the website where you have your account by entering the address in the address bar of your browser.

And it never hurts to drop into your domain registrar account to double-check that your contact information (particularly your e-mail address) is current, and to lock your domain, if your registrar offers such an option.

The domain registrar Directi announced that it has suspended more than 175,000 domain names. Of those, over 50,000 were “involved in various types of abuse, such as spamming, phishing/spoofing, malware perpetration, suspected pedopornography, financial frauds and falsified ‘Whois’ information.”

Directi is targeting “bad actors” who engage in various forms of spam, phishing, and other harmful activities. For example, their analysis looked for bulk registrations of multiple domains with slight variations in the domain — e.g., 018xyz.com, 018xyb.com, 018xyzc.com, etc. — and for domains that use blacklisted nameservers.

Directi disabled their privacy protection service for more than 500,000 domain names.

The move has touched off a discussion at the WebmasterWorld forum over whether a registrar should act as “the domain police” or whether a registrar’s job is merely to register domains for paying customers.

The Sarasota Association of Realtors first charged one of its members, Marc Rasmussen, with an ethics violations, and then, after losing that case, dragged him to an ICANN hearing to get control of his domain.

Even though he won the ethics hearing, Rasmussen lost the ICANN arbitration, which ordered that the domain be transferred to SAR. He has filed a federal lawsuit to regain/retain control of his domain. Then, even though Network Solutions, the registrar of the domain, told him they would keep it in place and locked until the litigation was over, NetSol almost immediately transferred the domain to SAR, which promptly began redirecting it to their own lame site.

Read more about it here and here.