[gnso-rds-pdp-wg] Some reasoning about non-contact-data (was Re: key concepts: say "contact data" when that is what we mean)
Rob Golding
rob.golding at astutium.com
Sat Dec 10 03:00:46 UTC 2016
> How does showing a domain's status fields "increase the 'criminal
> activity' regarding a domain name"?
Simply that domain thieves have learned to concentrate on trying
fake-transfers only with a domain that says status "ok".
Almost the only use of our fax in recent years have been dodgy transfer
attempts on domains which are not locked, so showing it in my experience
is inviting fraud/criminal-activity etc
I've also been one of those taking calls from people attempting "social
engineering" to gain access to or control over a domain, and those
domains are invariablly shown as "ok" due to the status flags
> How does showing a domain's
> create and expiration dates "increase abuse/malicious activity"?
Expiry date gets used by the masses of scum who send fake notices of
renewal, fake directory listings.
Creation date is used by mass spammers for SEO offers, web-design offers
and so on - the amount of those on domains less than a year old is
significantly higher than on established domains
Similarly we've had numerous registrants scammed (and just as many
complaining) because they register a domain, and then get bombarded by
fraudsters with offers of other domains etc
- whilst I know a lot of that is scammers utilising the zone files and
determining the changes, in a considerable number of cases the creation
date is used/mentioned
A relatively common one is for a registrant to get a call which starts
like
"Hi we're from (registrar) [outright lie] and the domain (domain-name)
you registered on (creation date) is held with a question over payment,
can you just confirm the method you used ...."
> As someone who's studied the criminal use of domains for many years,
We see almost no "criminal use" of domains - mostly we do see criminal
attempts to get hold of domains (through theft or payment fraud), and
abuse of services that a domain is being used to point at
> In fact, domain
> status and date information is important to people who investigate
> abuse or many want to make judgements about the trustworthiness of a
> domain.
Yes, something that is (in my experience) to the overall detriment of
the Registrant and Registrar is "useful" to A-N-Other-party (whether
that is valid/legal/whatever or not) - this is always going to be the
issue with "data"
Rob
More information about the gnso-rds-pdp-wg
mailing list