Domain Registrars Identified Web Addresses Referred in Spam
The Internet's main governing body, ICANN (The Internet Corporation for Assigned Names and Numbers) said on October 15, 2008 that a German organization, Joker.com and a Chinese organization, DNS.com.cn are selling domain addresses connected to spam mails.
Anti-spam site Knujon.com stated that spammers appear to prefer Websites registered through DNS.com.cn and Joker.com. After exhaustively analyzing junk e-mails for six months, Knujon discovered that 3.3% of Websites registered with DNS.com.cn, over 10,000 in total, referred in spam mails. And over 9,000 Websites registered with Joker.com, 1.42% in total were also linked to spam mails.
Furthermore, Knujon ranked both organizations, commonly known as registrars as they permit Web users to register domain on the Web, among the most awful ten sites sending spam mails as well as being non-compliant with ICANN rules.
Additionally, the Web security specialists stated that the spammers and other cyber-crooks that manipulate Web pages to trade fake products, propagate malware or steal identities, seldom provide accurate WHOIS information and sometimes provide none at all. WHOIS information is referred to a protocol applied to request an authorized database so as to figure out the owner of an IP address, a domain name, or an independent system number online, as reported by Middle East Times on October 2, 2008.
Furthermore, Garth Bruen, Founder of Knujon, an anti-spam promotion group, said that there are certain domain registrars which facilitated criminal operations on the internet by not being particular about the registrants who purposely provided incomplete or false WHOIS information, as reported by MediaCircus on October 14, 2008.
Moreover, Mr. Bruen said that out of all Web addresses advertised in spam, 90% had been taken on lease by only 20 registrars.
ICANN said that it has sent a notice of breach to both the registrars for domains.
However, Joker.com has responded to the notice saying that it suspended the domains providing incomplete or false information.
Security specialists said that applying a year-long process to levy what is really a wrist-slap maneuver for permitting spammers to establish domains with incomplete/false information and subsequently withdrawing could be a great starting point.
Related article: Domain Kiting and Typosquatting – New Dangers of Malware
» SPAMfighter News - 23-10-2008