Browsed by
Category: whois

Domain registration details

Security broken. WHOIS it?

As a consumer of WHOIS data in our attempt at fighting cyber fraud, we noticed WHOIS lookups failing over the past day and a bit. The failure was seen using various utilities across various platforms and locations. Further investigation shows the gTLD registry data format had changed for .net and .com domains, specifically the format of the line pointing to the registrar’s WHOIS server. As per the ICANN specifications, and how it was, this should be the registry format (bold for the sake of…

Malicious Domains: Heroes and Facilitators

A new pending report from the United States Better Business Bureau looks at a new plague that has hit the United States and the world. While we will not steal their thunder in this most excellent report and the revelations contained in it, it does illustrate certain underlying issues: malicious domains controlled from West Africa. Let’s get some facts straight: A domain registered by a malicious party for malicious purposes is malicious. This is simple, undeniable logic. Such…

Alert: fastweedonline.com: What you might need to know

Domain fastweedonline.com is currently registered with ICANN accredited registrar Namesilo:

Domain Name: fastweedonline.com
Registry Domain ID: 1944472965_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2017-05-10
Creation Date: 2015-07-04
Registrar Registration Expiration Date: 2020-07-04
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Status: clientTransferProhibited

This domain is shielded via Namesilo’s associated PrivacyGuardian.org proxy service.

Registrant Name: Domain Administrator
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104…

Understanding the Cameroonian Pet Scam

In a previous article we mentioned that not much is known about the Cameroonian Pet Scam or this type of fraud emanating from West Africa. We mentioned the pet scam, the weed scam and stolen credit card details. This article briefly looks at one scammer we found who illustrates this type of cyber-crime.

A Tale of Two Fraud Facilitators: Ladette and Guy

The question has often been asked: How large are the scammers’ nests? In the previous post, From Benin: A Loan Scam Syndicate, we explored a syndicate operating from Benin with over 300 domains, defrauding consumers mainly in Europe, the United Kingdom and Canada. To show that this is not an isolated incident and that domain fraud abusing fake domain registration details is rife, we will now look at two identified facilitators in Nigeria working in concert. First a female was identified…

Whoisguard: A proxy for crime targeting the USA from the USA?

Background: A domain proxy is a system whereby a domain owner, the registrant, hides his or her details for a domain registration behind a registrar or reseller’s proxy. The proxy owner substitutes his own details for those of the registrant, the domain owner. This is a great shield for legitimate users wishing to protect their privacy, but also attracts malicious registrants using fake registration details.