ICANN/GNSO GNSO Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

[whois-sc] Article on Domain-Name-Based Scams

  • To: <whois-sc@xxxxxxxx>
  • Subject: [whois-sc] Article on Domain-Name-Based Scams
  • From: "Ken Stubbs" <kstubbs@xxxxxxxxxxx>
  • Date: Mon, 6 Oct 2003 15:54:35 -0400
  • Sender: owner-whois-sc@xxxxxxxxxxxxxx


Net Cop: Crime Pays for Web`s Domain Name Vendors

October 06, 2003 12:48:41 (ET)

By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - Fraudsters and pedophiles are using lax Web site registration policies to commit an increasingly elaborate web of cyber crime, Britain's top cyber cop said on Monday.

In an interview on Monday with Reuters, Detective Chief Superintendent Len Hynds, head of the UK's National Hi-Tech Crime Unit (NHTCU), called on the legion of domain name resellers to stop the "no-questions-asked" practice of selling Web site names.

"We need to have more confidence around domain name selling," said Hynds in a rare interview. "How can it be that you can buy a domain name that is so similar to your high street bank? It just doesn't seem right to me."

An increasingly popular scam hitting financial institutions and retailers is known as "Web site spoofing" in which a fraudster acquires a Web site name that closely resembles a bank or business's Web site.

Under one such scam, the fraudster sends e-mail messages en masse to random Internet users telling them to visit an authentic looking Web site where they are required to input their banking or credit card details.

In order to work, the scam requires a lot of luck and even more gullibility on the user's part. It takes just one e-mail respondent to follow the trail to net the fraudster a tidy gain.

In the past month, UK retail banking giants Barclays Plc and Lloyds TSB have fallen victim to a Web site spoofing scam. The banks quickly issued statements to customers alerting them to the scam. In the Lloyds case, police took the site offline, the bank told Reuters on Friday.

Hynds said pedophilia rings are also setting up shop online registering Web site domains that carry telltale names of the trade such as "Lolita" or "underagesex."

"That's even more difficult to defend. But people I've been speaking to say there is no human interface with that process," Hynds said.

He added he has met with UK-based domain name registrants, to little or no avail.

Domains are sold by companies ranging from small Internet service providers to major corporations such as Yahoo Inc. and Verisign Inc.

The discussions have failed to ignite any policy changes, mainly because domain name sellers have established an automated process to handle the brisk business.

© Copyright 2001 Reuters. 

<<< Chronological Index >>>    <<< Thread Index >>>