Is This A Scam?

Pulling Hair DFCThis is a story about fake registrations of domain names in Australia.

What I mean by “fake registrations” is that I believe some people are using the ABN or ACN details of legitimate companies or businesses to purchase domain names at the expired domain auctions.

I’m not sure how many times this has happened, but I first raised this about a suspicious transaction supposedly involving the National Australia Bank. Have a look at my Daily Snippets post back on 2nd May – “Is This Legit?“.

Then I noticed that a domain investor raised a similar issue on DNTrade earlier this month. This has apparently been reported to Netfleet by the legitimate owner of the business. And not just once either – ticket after ticket apparently goes unanswered.

So I did some further digging, and now believe this is more of a widespread problem. And not only for the person above (where I found at least a further dozen names that had also been purchased using his details).

I have so far discovered a number of highly suspicious registrations, and I believe I am probably only scratching the surface. For example, health-clinic.com.au and bestofwa.com.au were recently bought at the expired auctions by a company supposedly called Bremco Metal Products based in Queensland. If you compare the WhoIs details of these two domains with that of Bremco.com.au (the website for Bremco Metal Products), there is one subtle difference. You guessed it! It’s the email address.

Now I may be wrong, and if I am, I apologise. However, this just doesn’t pass the sniff test.

It seems to be only happening on Netfleet, though in fairness to them, once again I may be incorrect (perhaps it is more noticeable given that they win 95% of drops). Hopefully, they will now take some action.

I must stress that I am not accusing Netfleet of doing anything untoward – it’s just that their platform is being used (by some) in a manner that it shouldn’t be.

How Does This Happen?

Very easily.

  • Select any random business and get their ABN or ACN.
  • Create throwaway email address with someone like Google or Yahoo or Outlook.
  • Purchase disposable or rechargeable Visa or Mastercard debit card at somewhere like Woolworths or Coles. Or even worse, use someone else’s credit card details without their knowledge.
  • Armed with the above, create online account with Netfleet (takes a couple of minutes).
  • Start trading.

How Does This Affect The Integrity Of The .au Namespace?

Do I really need to bullet point this? 😉 Oh alright, here’s a few reasons:

  • The .au namespace is highly regulated by auDA in order to protect it’s hard won integrity. Therefore, every registrant must be eligible to purchase a domain. No ifs, buts, or maybe’s.
  • Registrants must be Australian; or at least eligible to do business in Australia. i.e. they must for instance have an ABN or ACN; or a trademark / trademark application.
  • An unsuspecting business owner could unwittingly become a cybersquatter by virtue of some “nice person” using their details to purchase a domain name that used to belong to a brand or business.
  • These “new buyers” could outbid genuine businesses who are seeking to purchase a domain name for their operation.

There are plenty more when you think about it.

auDA’s Role

As the administrator of the .au domain namespace, one of auDA’s primary responsibilities is to preserve policy integrity.

Here are two relevant clauses from the 2012-04 – Domain Name Eligibility and Allocation Policy Rules for the Open 2LDs

4.1 It is the responsibility of auDA to preserve the integrity of the .au domain by ensuring that the policy rules are applied correctly and enforced as necessary. auDA reserves the right to revoke any domain name licence that has been granted, or subsequently held, in breach of the relevant policy rules.

5.1 Where auDA considers on reasonable grounds that a registrant has made a false warranty to the registrar regarding their compliance with the policy rules, or otherwise acted in bad faith in order to obtain the domain name licence, auDA reserves the right to revoke the domain name licence.

So I believe auDA needs to step up to the plate here, and nip this type of activity in the bud.

What do you think?


Disclaimer by Ned O’Meara – Webmaster
Disclaimer 2

 

 

 

 

 

6 thoughts on “Is This A Scam?

  • May 20, 2016 at 1:14 pm
    Permalink

    Ned,

    Thanks for bringing this to my attention, as a drop catcher my company (Domain Shield) also needs to be concerned about this type of activity since it has the potential to occur at any .au registrar.

    I would like to point out that this is a difficult activity to address as a Registrar as we need to have a legitimate complainant (ie we need to be in contact with the owner of the ABN/ACN that has potentially been used fraudulently).

    In the case on dntrade which you linked to, where the ACN/ABN owner was in contact with the registrar I am confident it can be resolved relatively quickly.

    However the examples you have quoted here are more difficult to resolve unless someone gets in contact with the actual owners of the ABN/ACNs and convinces them to lodge a complaint. In my experience this takes a few weeks and would be a massive drain on any Registrar’s resources to investigate.

    It also raises another interesting dilemma. This one occurs when the scammer is successful and “sells” the domain back to the old owner and does not bother to do a Change of Registrant. When this happens the domain could potentially be investigated and then Policy Deleted which puts it back onto the drop lists. The old owner could potentially have to buy it again from a drop catcher or it could get picked up by a domain investor and they may have to face buying it from a legitimate domain investor. Whatever happens at that point is anyone’s guess but I am reasonably confident that the old owner is going to be moaning in the pub on Friday afternoon about being scammed by auDA, drop catchers and domain investors (all of whom tried to do the right thing) and will have forgotten all about the original scammer who fleeced him (or her) for $150.

    In my experience this is a complicated problem to address so I don’t expect to see any quick resolution in these issues but it is a good conversation to have. Hopefully potential scammers don’t read this blog and use it to get tips on how to abuse the system.

    Regards
    Anthony

    • Ned O'Meara
      May 20, 2016 at 3:34 pm
      Permalink

      @Anthony – you’ve raised some really good points.

      I was trying to work out the angle of some of these “scammers” – how would they easily make money? And you’ve basically answered it for me.

      Given that some of these domains are actually resolving to the original sites (even though they were expired domains), it appears as if the “scammers” have cut a deal with the original registrants. A bit like ransomware on your computer!

      All of us who have picked up domains on the drops have had an email from a previous registrant saying “you’ve got my domain”. And sometimes we do a deal and give them back their old domain for a small consideration.

      The difference however between the “scammers” and us is that we do a Change of Registrant back to the original registrant. None of the domains that now point to the old sites reflect the previous registrant’s details on the WhoIs. Hmmm! I wonder how that’s all going to get sorted out?

  • May 21, 2016 at 12:42 am
    Permalink

    If we, as domainers, see this again, can’t we just complain to auDA to check that the ABN/ACN is legitimate? Once they see it isn’t, they revoke the names. You’d think if these “scammers” have their name taken off them a few times, and waste their money, they will stop doing it?

    Perhaps we all actively monitor closely over the next few months, take the time to complain for these legitimate reasons, to put a stop to this?

    I for one have never made an auDA complaint, but this exact scenario, if it’s playing out like you suggest, Neddy, and it certainly looks that way, is just plain unfair and should be monitored and stopped.

    • Ned O'Meara
      May 21, 2016 at 2:12 am
      Permalink

      @Robert – I think we have to be vigilant, as these scammers are having a real go at the moment.

      However, as Anthony said to me today, it’s hard to police – these scammers can (and do) at random pick anyone’s ABN or ACN. Hard to know what’s genuine and what’s not. We were lucky to identify these ones.

      If you do suspect any domains as being dodgy, I’d be really happy if you let me know!

    • May 23, 2016 at 12:08 pm
      Permalink

      Robert,

      Lodging a complaint with auDA is limited to specific breaches of policy. Our industry is on the receiving end of complaints so sometimes it feels like it might be easy to lodge a complaint but in reality auDA actually block a majority of attempted complaints.

      In a scenario like the one described here where you think an ABN/ACN has been used without the companies permission it would be necessary for you to actually have a relationship with that company so you can be sure an issue has actually occurred before lodging a complaint. This makes sense since auDA cannot just investigate every single complaint lodged based on an individuals suspicions.

      I think might be better to seek some clarity from Netfleet on how they are compatting the scams as if they can get on top of this activity quickly then the cost to the scammers will quickly outweigh the benefit and they will move on to softer targets.

  • May 21, 2016 at 9:15 pm
    Permalink

    To regulated.  Time to open it up to the world.  Got $20, no problem, here you go, congrats you own a .com.au.

Comments are closed.