[gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name

Volker Greimann vgreimann at key-systems.net
Tue Aug 2 08:18:50 UTC 2016 

Hi Susan,

depending on how that registrars validation system is set up, it may 
merely need a response to the verification request from any email, 
provided certain triggers are included. I do not know the details, but 
is it conceivable you accidentally verified the address in your response?

Just trying to guess what happened.

Volker



Am 01.08.2016 um 19:28 schrieb Susan Kawaguchi:
> No auto response on Domain at fb.com.  Not validated.
> Susan Kawaguchi
> Domain Name Manager
> Facebook Legal Dept.
>
>
> From: <gnso-rds-pdp-wg-bounces at icann.org 
> <mailto:gnso-rds-pdp-wg-bounces at icann.org>> on behalf of Volker 
> Greimann <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>>
> Date: Monday, August 1, 2016 at 10:13 AM
> To: "gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>" 
> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
> Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to 
> appear as Facebook owned domain name
>
> Possibly the response was received, automatically noted as a valid 
> response from that email address and presto: validated!
>
> Volker
>
>
> Am 01.08.2016 um 19:07 schrieb benny at nordreg.se:
>>
>> Yes I am aware of that but status on the domain per today indicates 
>> that it’s validated already, thats why I asked.
>>
>> --
>>
>> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>>
>>
>> Benny Samuelsen
>> Registry Manager - Domainexpert
>>
>> Nordreg AB - ICANN accredited registrar
>>
>> IANA-ID: 638
>>
>> Phone: +46.42197080
>> Direct: +47.32260201
>> Mobile: +47.40410200
>>
>> *From: *Susan Kawaguchi <susank at fb.com>
>> *Date: *Monday 1 August 2016 at 19:04
>> *To: *Benny Samuelsen <benny at nordreg.se>, "gnso-rds-pdp-wg at icann.org" 
>> <gnso-rds-pdp-wg at icann.org>
>> *Subject: *Re: [gnso-rds-pdp-wg] Use Case - False registration data 
>> to appear as Facebook owned domain name
>>
>> The registrar sent an email to Domain at fb.com which I received but I 
>> immediately responded it was not a valid registration and asked for 
>> transfer.  No word yet.
>>
>> All phishers need is a few days to use the domain name.
>>
>> Susan Kawaguchi
>>
>> Domain Name Manager
>>
>> Facebook Legal Dept.
>>
>> *From: *"benny at nordreg.se <mailto:benny at nordreg.se>" 
>> <benny at nordreg.se <mailto:benny at nordreg.se>>
>> *Date: *Monday, August 1, 2016 at 10:01 AM
>> *To: *Susan kawaguchi <susank at fb.com <mailto:susank at fb.com>>, 
>> "gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>" 
>> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
>> *Subject: *Re: [gnso-rds-pdp-wg] Use Case - False registration data 
>> to appear as Facebook owned domain name
>>
>> Curious, how did it get validated?
>>
>> --
>>
>> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>>
>>
>> Benny Samuelsen
>> Registry Manager - Domainexpert
>>
>> Nordreg AB - ICANN accredited registrar
>>
>> IANA-ID: 638
>>
>> Phone: +46.42197080
>> Direct: +47.32260201
>> Mobile: +47.40410200
>>
>> *From: *<gnso-rds-pdp-wg-bounces at icann.org 
>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>> on behalf of Susan 
>> Kawaguchi <susank at fb.com <mailto:susank at fb.com>>
>> *Date: *Monday 1 August 2016 at 17:17
>> *To: *"gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>" 
>> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>>
>> *Subject: *[gnso-rds-pdp-wg] Use Case - False registration data to 
>> appear as Facebook owned domain name
>>
>> Hello All,
>>
>> Attached is a use case we run into frequently, bad actors will use 
>> valid Facebook information in the registration data to make the 
>> registration to appear authentic.
>>
>> Best regards,
>>
>> Susan Kawaguchi
>>
>> Domain Name Manager
>>
>> Facebook Legal Dept.
>>
>>
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
> -- 
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email:vgreimann at key-systems.net
>
> Web:www.key-systems.net  /www.RRPproxy.netwww.domaindiscount24.com  /www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu  
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email:vgreimann at key-systems.net
>
> Web:www.key-systems.net  /www.RRPproxy.netwww.domaindiscount24.com  /www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu  
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>

-- 
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.

--------------------------------------------

Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreimann at key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160802/acc1bdfe/attachment.html>

More information about the gnso-rds-pdp-wg mailing list