Well Done auDA!

Today is a good news story about auDA. Their Policy Compliance team led by Mark Bouck yesterday dealt decisively with some complaints about scammers. Whilst these concerns had been previously lodged, I figured that because of the ongoing changes at auDA, they might have fallen through the cracks. So I followed up with Rachael Falk (Director Technology, Security and Strategy), and she got Mark straight on the case – with amazing results. Well done auDA!

These scammers use illicit identifier details (someone else’s identity / ABN) to purchase domain names on the expired auctions. They then immediately put up fake ecommerce websites. You know the type – the ones that sell shoes or sunglasses at impossibly discounted prices. auDA now has an acronym for this type of scammer – UBUs (Unauthorised Business Use).

What makes it so obvious that these are scammers is when they use domain names that have no relation to the products they are ostensibly flogging. Scammers pick up these domain names because they previously had “traffic”.

Now In Policy Delete

One of the cases I followed up on yesterday was cryogen.com.au. This was first reported on Domainer back in October 2016 by Robert Kaay when he wrote this excellent guest article.

Heaven only knows how many dollars this site has scammed from unsuspecting customers during this time – but at least it is gone now. Can you believe whose details these scammers used?

What’s even more worrying is this screenshot (below) from DomainTools. Look how many other domains are associated; and where the website is hosted.

Suggestion To auDA

The above scam website is just the tip of the iceberg. There are hundreds (if not thousands) of similar sites operating with impunity.

I have suggested this before, but I will suggest it again now. In the case of scam websites, no one wants to fill out a complicated “complaint form” which asks you to specify which policy is being contravened (see below). 🙁

auDA should have a dedicated email address that concerned cyber citizens of Australia can easily report suspect scammer websites. This should be advertised prominently on their website.

But in the interim, well done again. 🙂

Ned O’Meara – 18th May 2017

10 thoughts on “Well Done auDA!”

  • May 18, 2017 at 2:21 pm

    Already registered 40+ from today’s drop. All with alidns.com nameservers.


    • May 18, 2017 at 4:04 pm

      Thanks Drop Watcher – and well done.

      Could you please resend me that email you sent yesterday? I deleted it because I wasn’t sure who it was from – and given current cyber security problems, I didn’t want to click on an attachment!

      Thanks Ned

    • May 18, 2017 at 5:00 pm

      Good list and very accurate too.

      Interestingly instituteformission.com.au was already 13-14 years old before it got purged so it is going to have quite a few links on the web leading people into the trap.

      I have three more on my list from today which match the same pattern
      thestableco.com.au
      up2meforkids.com.au
      and
      mpol.com.au

      Also to give everyone an idea of how big this problem is, there are 428 domains registered like this in this month so far, 2898 registered this year so far and 4245 registered since auDA announced their success against these scammers by deleting 1500 domains back in October 2016.

      Just in case you are wondering why I don’t just email the list to auDA (because after all I run an auDA accredited Registrar) well it turns out that I am not technically an aggrieved party so I would have to call thousands of small businesses and explain to them what happened so they can each lodge their own complaint. I’ve done this for about 5 domains and it takes hours each time so quite frankly I don’t have the time in my day to even start calling 30 – 40 aggrieved parties.

      It also pains me to point out that the deletion process via auDA is far too slow to combat this scam. I am pretty sure they make back the $20 they spent on registration within a few days, so the fact that it takes auDA months to delete a domain has emboldened the scammers even more. auDA needs to figure out a way to delete these domains within 24 hours, and to restrict refunds to the Registrars when doing this (just in case they pass on the refund to the Resellers who may be doing this).

      Anthony

      • May 21, 2017 at 7:30 am

        @Anthony – your last paragraph makes a lot of sense.

      • May 21, 2017 at 5:09 pm

        Appreciate your valuable feedback on this Anthony.

        This is absolutely crazy.

        I also made the point in October last year that it is MIND BOGGLING that the complainant is “not technically an aggrieved party so we have to call thousands of small businesses and explain to them what happened”

        As I wrote in my actual formal complaint to auDA, back in October 2016:

        “I think this current auDA complaint system for reporting scammers is crazy. Do you know how much time I would have to spend to call up the charity mentioned and speak to various people about this? And this is happening more often, almost every day now. So if I can see three or four domain names have been scammed, I have to spend hours ringing up various companies telling them people are using their ABN for domain name scamming purposes?! Who’s going to pay me for this job of policing the Australian domain name space? Isn’t that what auDA is supposed to do?!
        I could spend another thirty minutes quoting auDA policy in this particular case, but quite frankly I believe you can see this person is a scammer. Why should it be my job to phone the charity and get confirmation that this person is a scammer? You’re the one who’s getting paid to protect the Australian domain name space!
        The current system and policy for reporting scammers to auDA appears to be outdated and broken.”

        It is obvious to see that not one thing has changed in the last 8 months.
        auDA didn’t listen. Which makes this look clearly like auDA DON’T CARE.
        I stand behind my response from 8 months ago and it is still valid at the exact same level as it was then, as it is today.
        THE CURRENT SYSTEM and POLICY for REPORTING SCAMMERS to auDA is OUTDATED and BROKEN.
        What is auDA going to do to fix this ridiculous situation, with scammers making possibly tens of thousands of dollars while auDA bumble along for eight months to delete the scam-registration names?!
        Anthony seems to already be inferring that Domain Shield would do something about it, at the Drop Catcher level, immediately, if it was possible! The sheer numbers involved here are unbelievable!
         

    • May 21, 2017 at 4:27 pm

      Awesome article, Ned, and awesome job, Drop Watcher.

      Ned is right, auDA need to very quickly add another option to their “complaint list” and UBU would be a good start!

  • May 20, 2017 at 7:41 am

    Looks like regulation is failing on a massive scale and has been for a very long time. Well done auDA! So how about since you’re doing such a great job at regulating our namespace and keeping it safe like the posters above have shown, you should take on more risky and complicated responsibilities like managing the entire vital infrastructure that keeps all Australian businesses online as well!

     

  • May 21, 2017 at 4:44 pm

    Ok. This is OUT OF CONTROL!!

    In the last few days, a new scammer has risen…

    2 days ago, a new scammer going by the email address: madeinputian@hotmail.com registered:

    outlet.org.au

    510,000 backlinks from 355 different website locations, making it a powerful traffic name…

    Other names he currently owns include:

    luisvuttons.us

    freeshoes.us

    prada-bags.co

    I am going to be submitting an auDA complaint about this guy right now. Hopefully they can figure out all the other names he has registered and take them all off him.

    This is absolutely out of control!!

    I mentioned this to auDA in October last year, as per my article above…

    It took them 8 months to put Cryogen.com.au into policy delete. How much traffic and money did this guy make during this time scamming people to buy his fake shoes…? And how about the hundreds of other sites he has? Thousands?

    How are auDA going to stop UBU (Unauthorised Business Use) permanently?

    This guy pretends to be called Luca Hirst, but I have also seen his name written as Luigii Cardinaee in other locations using the same email address.

    He is pretending to be from: OCEANTRADE LINE OTL AU PTY LTD and he hijacks their ABN which is a PRIVATE COMPANY … this is NOT a not-for-profit organisation…

    Yet he chose NON PROFIT ORGANISATION in the Eligibility Type, and TucowsDomains (his Registrar) just said, “Oh, you’re a fake private company who wants to pretend you’re a NOT FOR PROFIT ORGANISATION – no problem, we give you a GREEN LIGHT to register this high-traffic Australian .org.au domain name, sir!”

    What the hell?!?!?!?

    HOW ARE auDA GOING TO FIX THIS?!

     

  • May 22, 2017 at 3:07 am

    Here’s another scammer I just found:

    Registered MyStyleFurniture.com.au a few days ago.

    Email address: zhuanbanfdw6318@163.com

    163.com is a dead giveaway now. Some sort of massive scamming traffic company…

    Now I have to go and report this guy too.

    I’m going to need to start billing auDA an hourly rate for doing all their work…

