ZARC Complaint 520952 spoof Petsplaceza.co.za
Dear ZARC
Hereby we wish to notify you that Complaint 520952 (Petsplaceza.co.za) submitted and acknowledged by you on 2024-01-24 has become moot. The scammer decided to abandon this domain six months after being reported to you, sadly also after twelve known victims.
However, this does beg the question, what restitution there is for the victims, having suffered losses at least a month after us jumping through all the bureaucratic ZARC hoops to submit an official complaint to you?
ZARC was supplied with all the pertinent information to show how the domain Petsplaceza.co.za is being used for fraud in a continuous pattern of systemic abuse in the ZADNS system, how it’s part of organized crime. Additionally, you were supplied with an additional report linking this malicious domain to other open South African Police cases. Example:
There were plenty of other such gems communicated and shared with you. It’s a fact that much less evidence is overly sufficient at other abuse report recipients for mitigation.
The complaint was brought in line with ZARC’s own ZA REGISTRY CONSORTIUM (ZARC) COMPLAINTS MANAGEMENT POLICY AND PROCESS, VERSION 001_OCTOBER 2022:
ZARC’s Take Down Policy No.001 of 2022 has this to say:
We even took the liberty of pointing out the definitions of fraud in our report to you, so that there could be no misunderstanding:
Yet somehow, despite having more than sufficient evidence for ZARC to live up to it’s stated policies, ZARC somehow ignored this untenable situation. On 2024-02-06 a follow-up query email was sent to ZARC which was ignored. Then “potentially prejudicial” became real; the victims started reporting losses with the first such report received 2024/02/20. An attempt at phoning in to ZARC and querying this complaint, resulted in a response that it was at Legal, but nobody at Legal answered the phone when the call was tranferred.
On 2024/04/29, an email was sent to ZADNA, ZARC and the Minister of Communications and Digital Technologies (then Minister Mondli Gungubele), also the South African Police on this situation, also the profuse DNS abuse in other areas like RFQ scams.
This resulted in a response from ZARC:
This was the only reply received, no response from any of the other parties addressed.
No further promised update was received from ZARC either, though.
Considering the list of victims and the dates these were reported, vs the initial complaint’s date, the victims’ losses were totally preventable.
These are South Africans that shared full details of their victimization with us, reports that included details of bank accounts etc used. Additionally there were another five victims we know of, victims that were not willing to share further details with us, making it twelve known and totally unnecessary victims, had ZARC lived up to it’s publicly stated policies.
The owner of the entity spoofed, was also a victim numerous times, having to field accusations. In our report to you, it was motivated why this is not an ADR issue, rather a fraud issue. No legitimate business owner should be held to ransom to follow the not free ADR system to protect South African consumers against fraud. The resulting harm was however predictable and immense, yet lost on ZARC.
It is also worthwhile pointing out that, while we say 2024-01-24 was the date of the official complaint to ZARC, ZARC had received a heads up regarding this malicious domain on 2024-01-15 already in a joint email to abuse@1api.net and abuse@zacr.co.za which resulted in the following reply from 1API on 1API GMBH TICKET ID: #2127981:
This email was received by ZARC as was shown in a later report. The above template response from ZARC’s registrar 1API, received by many parties sending abuse reports to them, makes a mockery of ZARC’s own Takedown policy
Yet ZARC is aware of this template reply even still used today. This guarantees abuse, a jurisdiction shift for law enforcement in what will follow, fraud. What was trivially easy to prevent, suddenly become a profit center for criminals abusing the ZA DNS system since the loss has to be large before the South African Police will put the effort into obtaining information from a reseller in another country, which requires complex time consuming and expensive legal processes. This dooms victims to zero restitution. Yet ZARC, 1API and Godaddy knows this better than anybody else.
Considering there may be more such victims to the domain PetsPlaceza.co.za, this begs the question as to why all these South Africans were scammed? It also begs the question as to who do we hold responsible? “The scammers” would be an easy answer, also a cop out. Does ZARC not have some responsibility here? What about the reseller 1API serially absolving themselves from their responsibility, continuously passing the buck to GoDaddy who simply doesn’t care? It’s no coincidence that this is one of the most used channels for abuse of DNS ZA domains in all types of fraud.
Yet, all that South Africans can do is report this Police Number CAS Factory‘s products, while simply having to accept it? Banks are held accountable for money laundering, yet the CAS Number Factory and downstream partner’s somehow have license to profit off these same criminal activities?
Dare we point out that ZARC knows about this ongoing situation, that domain Petsplaceza.co.za is but only one such domain regularly scamming South Africans with impunity? ZARC and ZADNA were shown what information that is freely available to them, OSINT information meticulously documented. Ironically Godaddy’s abuse team as well.
ICANN regularly talks about trusted abuse reporters and their role in fighting DNS abuse. Artists Against 419 fulfills such a role at numerous registrars and registries, receives queries from some of them on issues we have not even reported. South Africa has one of the largest anti-scam communities where consumers are doing a stellar task defending their fellow South Africans, yet this somehow does not translate into ZARC and ZADNA being able to keep its own DNS system clean, guaranteeing criminals that they will profit from abuse of ZA’s DNS system.
In Australia, the exact same model with a fraction of a percentage of the South African consumer base manages to protect their DNS system, where the average lifetime of a malicious domain once reported, is less than a day.
It actually does get worse. Remember the snapshots from https://petsplaceza.co.za/beagle vs https://puppylovesa.co.za za/beagle?
What do we do here, considering nobody cares and not even official complaints as per ZARC’s own prescribed policies helps since ZARC doesn’t adhere to them?
http://petskennelza.co.za/beagle
‘Insanity is doing the same thing over and over again and expecting different results.’
- The result for the fraudsters will be more handsome paydays.
- The result for the victims will be financial loss, identity theft, intimidation, heartache and more disenfranchisement via their own .ZA DNS system.
- The results for ZADNA, ZARC is just another domain sale to congratulate themselves upon, recklessly disregarding the real cost to South Africa, while registrars such as 1API (and their reseller Godaddy) and certain similar Can’t-Care ZARC channels also profit off crime against South Africans.
- The results for abuse reporters will be more frustration using the stated policies.
We will be attempting to break this cycle of abuse and insanity in the ZA DNS system. The ZA DNS system should not be a bullet-proof toy in the hands of criminals.
Artists Against 419 has shown itself to be trusted abuse reporters, verifying South African abuse reports, allowing it’s resources to be used to also protect South Africans.
ZARC has not reciprocated and cannot currently be considered trusted recipients of reports honouring its own stated policies, nor can we have faith that such reports won’t get lost in it’s system. Until normality and sanity returns to ZACR, all interaction will be done with maximum transparency for all of South Africa to see.
Regards,
Artists Against 419 and South African Citizens