Hi, Maybe AuDa could use one of the methods the RBL lists do in identifying spam. Register a 100 or so domain names for internal use, make sure they are not advertised anywhere etc .. anyone who comes up with one of that names for any reason, has to have had access to the DB. This coupled with many other ideas would make the chances of getting caught a lot less remote. Think for a sec, someone posted all of jamesguys's domains in this very list, most of us realise the chances are that the list was gained by foul means. The person, using the devlish ploy of a yahoo address, knows that he/she has already beaten the powers that be. Is the auDA going to contact Yahoo and get the IP and whatever other detail that was used to reg the account? Is anything going to be done? Cheers Tony ----- Original Message ----- From: "Phil Wright" <newsstuff§network.au.com> To: <dns§lists.auda.org.au> Sent: Friday, July 25, 2003 10:06 AM Subject: [DNS] Gaping security flaw that may have helped domain name scammers > Enetica, one of Australia's largest auDA accredited Registrars, has > exposed a gaping security flaw that may have helped domain name > scammers. > > Domain name scammers that have plagued the industry for years use domain > name expiry dates to send fake invoices for domain renewals to unaware > consumers in an attempt to solicit overly expensive domain name > renewals. > > By visiting <https://www.enetica.com.au/register.cgi?action=renew> > https://www.enetica.com.au/register.cgi?action=renew, you can enter any > domain name administered by Enetica and have returned the expiry date. > Domain name scammers, like Domain Names Australia would find it very > easy to query 1,000's of domain names against this webpage and acquire > domain expiry dates for their dubious business. > > An example domain name you can query is "enetica.com.au" or > "hiltonsydney.com.au" > > Domain name owners whose names are administered by Enetica or their > resellers should be doubly vigilant about such domain renewal scams. > > An example of the results of such a query are: > > Error: Domain is not due for renewal. > > Thank-you for choosing to renew/transfer your domain name(s). However, > the domain 'hiltonsydney.com.au' does not expire until 18/06/2005. As > '.au' domains cannot be renewed prior to 90 days before their expiration > date, we cannot process a renewal for this domain at this time. Please > try again in 607 days (a renewal notice will be sent to the admin > contact for this domain when it is due for renewal) > > If you have other domains to renew/transfer, please press the back > button on your browser and edit the details on that page. > > Take a look at the screenshots > http://www.atlanticportfolio.com/enetica/enetica/ > > Instead of chasing tigers' tails and wasting industry development monies > on trivial legal pursuits, how about auDA put money and effort into > ensuring our privacy as consumers is protected and let the likes of the > legislative bodies like ACCC handle the scammers after all they actually > have a jurisdiction? > > Cheers > > Phil Wright > > > >Received on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC