[CPWG] Interesting domain theft statistic
Theo Geurts
atlarge at dcx.nl
Wed Nov 24 12:21:39 UTC 2021
Here is an interesting case on how far some of these thiefs go to obtain valuable domains.
https://domaingang.com/domain-crime/warning-tilt-com-is-currently-a-stolen-domain-name/
Also demonstrates having data public can be dangerous for your opsec.
Best,
Theo
On Wed, Nov 24, 2021, at 10:38 AM, John McCormac via CPWG wrote:
> On 24/11/2021 05:34, Alan Greenberg via CPWG wrote:
> > In our discussions related to the Transfer Policy PDP, the issue of
> > domain hyjacking and other nefarious actions has come up often, with
> > some people claiming it is a major issue and others that it is not. I
> > just cam across an interesting tidbit.
> >
> > If you register a domain with GoDaddy, one of the things that pops up
> > (encouraging you to purchase a service from them) is the attached image.
> >
> > I have no idea where the statistic of 170,000 attempted domain thefts
> > per year comes from.
> >
>
> It may be based on Godaddy's experience, Alan,
> It is the largest gTLD registrar on the web and owns a number of other
> registrars, brand protection registrars and ccTLD registrars. Like most
> of the larger registrar operators, it is a bit of an iceberg with a
> recognisable large brand on many other brands acquired through takeovers
> of other registrars and businesses over the years.
>
> Some of the mentions of stolen domain names that appear on the various
> domainer fora mention that their registrant's logins were compromised as
> part of the theft. This is often down to phishing e-mails sent to the
> registrant purporting to be from the registrar.
>
> High profile brand domain names are often on brand protection registrars
> and it is typically ordinary registrants and SMEs that are targeted.
> These are the people that the the 60 day transfer lock manages to protect.
>
> The ordinary registrant may not even know that ICANN exists or the
> process for reversing a domain theft.
>
> Some of the arguments on getting rid of the 60 day lock and the opt-in
> proposals on the Zoom meetings can only have come from being unaware of
> the issue domain name thefts.
>
> The registrants of domain names that are unused as e-mail domain names
> or developed websites may even be unaware that their domain name has
> been stolen until it is too late. Most of the time, the targets are high
> value domain names (short, keyword, short numerical and brand) that can
> be converted to cash by a quick resale on domain name auction/sales
> sites. By the time that the domain name has been resold, it can have
> moved through a number of registrars.
>
> The gTLD market may be more affected by domain name theft due to global
> market for most domain names and the ease with which the stolen domain
> name can be converted to cash. The ccTLD markets are much smaller in
> scale and some have a more complex transfer process with a pro-active
> single registry being the final authority. With ccTLDs, cybersquatting
> and trademark infringement may be larger problems.
>
> The worst case scenario is when a gTLD registrar gets compromised. As
> the Epik data breach demonstrated, this happens and there is often a
> scramble to secure affected domain names before they are transferred
> out. That 60 day lock is a failsafe.
>
> Regards...jmcc
> --
> **********************************************************
> John McCormac * e-mail: jmcc at hosterstats.com
> MC2 * web: http://www.hosterstats.com/
> 22 Viewmount * Domain Registrations Statistics
> Waterford * Domnomics - the business of domain names
> Ireland * https://amzn.to/2OPtEIO
> IE * Skype: hosterstats.com
> **********************************************************
>
> --
> This email has been checked for viruses by AVG.
> https://www.avg.com
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/mailman/private/cpwg/attachments/20211124/84f5fa71/attachment.html>
More information about the CPWG
mailing list