[CPWG] Interesting domain theft statistic

Theo Geurts atlarge at dcx.nl
Wed Nov 24 12:21:39 UTC 2021 

Here is an interesting case on how far some of these thiefs go to obtain valuable domains. 
https://domaingang.com/domain-crime/warning-tilt-com-is-currently-a-stolen-domain-name/
Also demonstrates having data public can be dangerous for your opsec. 

Best, 
Theo 

On Wed, Nov 24, 2021, at 10:38 AM, John McCormac via CPWG wrote:
> On 24/11/2021 05:34, Alan Greenberg via CPWG wrote:
> > In our discussions related to the Transfer Policy PDP, the issue of 
> > domain hyjacking and other nefarious actions has come up often, with 
> > some people claiming it is a major issue and others that it is not. I 
> > just cam across an interesting  tidbit.
> > 
> > If you register a domain with GoDaddy, one of the things that pops up 
> > (encouraging you to purchase a service from them) is the attached image.
> > 
> > I have no idea where the statistic of 170,000 attempted domain thefts 
> > per year comes from.
> > 
> 
> It may be based on Godaddy's experience, Alan,
> It is the largest gTLD registrar on the web and owns a number of other 
> registrars, brand protection registrars and ccTLD registrars. Like most 
> of the larger registrar operators, it is a bit of an iceberg with a 
> recognisable large brand on many other brands acquired through takeovers 
> of other registrars and businesses over the years.
> 
> Some of the mentions of stolen domain names that appear on the various 
> domainer fora mention that their registrant's logins were compromised as 
> part of the theft. This is often down to phishing e-mails sent to the 
> registrant purporting to be from the registrar.
> 
> High profile brand domain names are often on brand protection registrars 
> and it is typically ordinary registrants and SMEs that are targeted. 
> These are the people that the the 60 day transfer lock manages to protect.
> 
> The ordinary registrant may not even know that ICANN exists or the 
> process for reversing a domain theft.
> 
> Some of the arguments on getting rid of the 60 day lock and the opt-in 
> proposals on the Zoom meetings can only have come from being unaware of 
> the issue domain name thefts.
> 
> The registrants of domain names that are unused as e-mail domain names 
> or developed websites may even be unaware that their domain name has 
> been stolen until it is too late. Most of the time, the targets are high 
> value domain names (short, keyword, short numerical and brand) that can 
> be converted to cash by a quick resale on domain name auction/sales 
> sites. By the time that the domain name has been resold, it can have 
> moved through a number of registrars.
> 
> The gTLD market may be more affected by domain name theft due to global 
> market for most domain names and the ease with which the stolen domain 
> name can be converted to cash. The ccTLD markets are much smaller in 
> scale and some have a more complex transfer process with a pro-active 
> single registry being the final authority. With ccTLDs, cybersquatting 
> and trademark infringement may be larger problems.
> 
> The worst case scenario is when a gTLD registrar gets compromised. As 
> the Epik data breach demonstrated, this happens and there is often a 
> scramble to secure affected domain names before they are transferred 
> out. That 60 day lock is a failsafe.
> 
> Regards...jmcc
> -- 
> **********************************************************
> John McCormac  *  e-mail: jmcc at hosterstats.com
> MC2            *  web: http://www.hosterstats.com/
> 22 Viewmount   *  Domain Registrations Statistics
> Waterford      *  Domnomics - the business of domain names
> Ireland        *  https://amzn.to/2OPtEIO
> IE             *  Skype: hosterstats.com
> **********************************************************
> 
> -- 
> This email has been checked for viruses by AVG.
> https://www.avg.com
> 
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
> 
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/mailman/private/cpwg/attachments/20211124/84f5fa71/attachment.html>

More information about the CPWG mailing list