A recent article in “Network World” says that domain-name abuse is proliferating, and cyber criminals are stealing from registrars around the world at an unprecedented rate. According to the story, thieves are “amassing domain names by registering them under phony information, paying with stolen credit cards or hard-to-trace digital currencies.” Then, criminals are breaking into legitimate domain-name accounts.
Phony domain names play a key role in phishing and other cybercrimes.
To give you an example of the problem, in the story, ScanSafe researcher Mary Landesman reported that in August she found a handful of Go Daddy domains “were being farmed out for use in three distinct botnet-controlled SQL injection attacks against Web sites in India, U.S. and China.”
But Landesman says the problem’s not with GoDaddy, which manages 36 million registered domains and suspends and kills hundreds each week. Rather, it is with “the entire domain-name registration system, along with the faulty Whois database of registrant information (overseen by ICANN) that contains fake data, even total gibberish.”
This is an important story to read because it highlights the dangers for both server providers and their customers. What we need is reform of the domain-name registration process, and now! Check out the story here.