Scam Domain News

If you are reading this, the issue below affects you. This is an open letter regarding an issue affecting each and every internet user who is potential cannon fodder to cyber criminals!

Dear ICANN Staff

Why go to the extraordinary measures to put systems such as the ICANN WDPRS system in place, systems as the registrar Problem report system, then only to fob off any complaints that do come through this system?

I have come to the conclusion that the so called mechanisms you put out on your website are only placebos to try and pacify disgruntled netizens. However these systems have no real effectiveness should registrars blatantly violate the ICANN RAA and ignore reports of domains with fake whois registration details .

Where such incidents are reported to ICANN, the reporters are fobbed off and some reason is found to not act upon these reports.

Are the mechanisms put there by ICANN to deliberately deceive the public into some false sense of security, or is it a case that the staff who monitor these reports do not understand the provisions of the RAA, or are they deliberately being obstructive?

Whatever the case may be, this general lack of accountability all around is harming the public. The shocking truth is that nobody really knows what the losses are per annum to cyber muggers. Domains with fake registration details are part and parcel of the tools they use to accost the public.

I will give some examples of issues reported that to date remain unresolved, exposing the general internet user to abuse and losses.

A very obvious case of bogus domain registration details for a domain very numerous victims already:

From:  <WDPRS@icann.org>

Date: Wed, Oct 15, 2008 at 5:15 PM

Subject: Please Confirm Your Whois Data Problem Report

To: <Sender Brend's email address removed>

Hello Brenda Green,

A 'Whois Data Problem Report' has been submitted to InterNIC by you,

or someone claiming to be you, regarding the domain name

'safe-wayonline.com'.

YOU MUST CLICK ON THE LINK BELOW, WITHIN 5 DAYS, FOR YOUR COMPLAINT

TO BE PROCESSED.

In order for this report to be entered into our tracking system and

processed further, it must be confirmed.  Reports that are not

confirmed within five days are automatically deleted by the system.

Please carefully review the following copy of your report before

confirming it:

================================================================

Domain: safe-wayonline.com

Submitted: 2008/10/15 17:15:56

Registrar: XIN NET TECHNOLOGY CORPORATION

Reporter Name: Brenda Green

Reporter Email: <Reporter Brenda's Email removed>

Reporter IPAddr: &lt;Reporter Brenda's IP Address removed>

Errors in Registrant Information:

   Address:INCORRECT

   Phone:INCORRECT

   Description:

The address is a residential address, with the wrong postal code.

http://www.housepricespy.com/scotland/perth/glamis-place/12-PH2-0HP.html

Errors in Administrative Contact Information:

   Address:INCORRECT

   Phone:INCORRECT

   Description:

The address is a residential address, with the wrong postal code.

http://www.housepricespy.com/scotland/perth/glamis-place/12-PH2-0HP.html

Phone number resolves to:

Number billable as geographic number

Country or destination  China

City or exchange location       Guangzhou, GD

Errors in Technical Contact Information:

   Address:INCORRECT

   Phone:INCORRECT

   Description:

The address is a residential address, with the wrong postal code.

http://www.housepricespy.com/scotland/perth/glamis-place/12-PH2-0HP.html

Phone number resolves to:

Number billable as geographic number

Country or destination  China

City or exchange location       Guangzhou, GD

Explanation:

+ Site claims to be an escrow service, but is not registered with

proper authorities. This is a sure sign of a fake escrow service, and

is a guarantee of its illegal nature.

+All escrow services in UK are required to be registered with FSA.

This escrow service does not appear in their online register:

http://www.fsa.gov.uk/register/firmMainSearch.do;jsessionid=40db061ec98d4d9f8bc5953dfefb915c.s6fNml1Ka38InBbv-ArJrwTPoNCNa30Ocybtah0IaNuIahiIbh0IaNfwmxiInxiObk9ynhvybMSHc30Ka2aToi5hch0Na2TSn7bvq70KawTAqQ4InQXQ-BjF8NaPaxaKc2bMnkrDqRfzqwbMnkrDqRfzqwbynknvrkLOlQzNp65In0__

+Site is listed on escrow-fraud.com databse of known fraudulent escrow websites:

http://escrow-fraud.com/index.php?page=gallery&lay=23&img=safe-wayonline.com.jpg

+Site uses a template/layout commonly used for fraudulent escrow and

shipping websites:

http://escrow-fraud.com/index.php?page=gallery&layout=23

+ No telephone number listed on the site. This is the websites contact page:

http://www.safe-wayonline.com/contact.php?SID=9c7bd4223c5186eba739e2c10c41ee77

+ The addresses are all fake: how would a customer visit this business

in person?

http://www.safe-wayonline.com/contact.php?SID=9c7bd4223c5186eba739e2c10c41ee77

+ Site gathers personal information on insecure form. Legitimate

businesses do not gather this type of information without security

precautions:

http://www.safe-wayonline.com/register.php

http://www.safe-wayonline.com/signin.php

+ The site has no Internet presence beyond their main site, but makes

claims to have been in business for a while.

http://www.google.com/search?hl=en&rls=p%2Ccom.microsoft%3Aen-us%3AIE-SearchBox&rlz=1I7GGIK&q=safe-wayonline&btnG=Search

+ Evidence of victims of the scam site can be seen here:

http://www.scamvictimsunited.com/phpBB2/viewtopic.php?f=13&t=3228&start=0&st=0&sk=t&sd=a

http://forum.escrow-fraud.com/viewtopic.php?f=8&t=1590

http://forum.purseblog.com/ebay-forum/beware-escrow-scam-www-safeway-online-com-341490.html

+False Whois details:

Registrant: Organization : JOHN CARTER

Name : JOHN CARTER

Address : 12 Glamis Place

City : perth

Province/State : perth Country : united kingdom

Postal Code : 100011

The address is a residential property:

http://www.mccashhunter.co.uk/HTML_PAGES/Estate%20Agency/Detail%20Pages/Printable.asp?ID=926

The Postal code is wrong.

Phone numbers resolve to Gangzhou China:  Phone Number : 86-207-2405377

 Fax : 86-207-2405377

Number billable as geographic number

Country or destination  China

City or exchange location       Guangzhou, GD

Registrars site contains a Trojan virus.

================================================================

               WHOIS INFORMATION AS OF 2008/10/15 17:15:56

REGISTRAR WHOIS:

The Data in Paycenter's WHOIS database is provided by Paycenter

for information purposes, and to assist persons in obtaining

information about or related to a domain name registration record.

Paycenter does not guarantee its accuracy. By submitting

a WHOIS query, you agree that you will use this Data only

for lawful purposes and that,

under no circumstances will you use this Data to:

(1) allow, enable, or otherwise support the transmission

of mass unsolicited, commercial advertising or solicitations

via e-mail (spam); or

(2) enable high volume, automated, electronic processes that

apply to Paycenter or its systems.

Paycenter reserves the right to modify these terms at any time.

By submitting this query, you agree to abide by this policy.

Domain Name : safe-wayonline.com

Registrant:

 Organization : JOHN CARTER

 Name : JOHN CARTER

 Address : 12 Glamis Place

 City : perth

 Province/State : perth

 Country : united kingdom

 Postal Code : 100011

Administrative Contact:

 Name : JOHN CARTER

 Organization : JOHN CARTER

 Address : 12 Glamis Place

 City : perth

 Province/State : perth

 Country : united kingdom

 Postal Code : 100011

 Phone Number : 86-207-2405377

 Fax : 86-207-2405377

 Email : onlinesafeway@gmail.com

Technical Contact:

 Name : JOHN CARTER

 Organization : JOHN CARTER

 Address : 12 Glamis Place

 City : perth

 Province/State : perth

 Country : united kingdom

 Postal Code : 100011

 Phone Number : 86-207-2405377

 Fax : 86-207-2405377

 Email : onlinesafeway@gmail.com

Billing Contact:

 Name : JOHN CARTER

 Organization : JOHN CARTER

 Address : 12 Glamis Place

 City : perth

 Province/State : perth

 Country : united kingdom

 Postal Code : 100011

 Phone Number : 86-207-2405377

 Fax : 86-207-2405377

 Email : onlinesafeway@gmail.com

REGISTRY WHOIS:

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered with many

different competing registrars. Go to http://www.internic.net for detailed

information.

 Domain Name: SAFE-WAYONLINE.COM

 Registrar: XIN NET TECHNOLOGY CORPORATION

 Whois Server: whois.paycenter.com.cn

 Referral URL: http://www.xinnet.com

 Name Server: NS2.XINNET.CN

 Name Server: NS2.XINNETDNS.COM

 Status: ok

 Updated Date: 14-jul-2008

 Creation Date: 14-jul-2008

 Expiration Date: 14-jul-2009

&gt;&gt;&gt; Last update of whois database: Wed, 15 Oct 2008 19:56:49

EDT &lt;&lt;&lt;

NOTICE: The expiration date displayed in this record is the date the

registrar's sponsorship of the domain name registration in the registry is

currently set to expire. This date does not necessarily reflect the

expiration date of the domain name registrant's agreement with the

sponsoring registrar. Users may consult the sponsoring registrar's Whois

database to view the registrar's reported date of expiration for this

registration.

TERMS OF USE: You are not authorized to access or query our Whois database

through the use of electronic processes that are high-volume and automated

except as reasonably necessary to register domain names or modify existing

registrations; the Data in VeriSign Global Registry Services' ("VeriSign")

Whois database is provided by VeriSign for information purposes only, and

to assist persons in obtaining information about or related to a domain

name registration record. VeriSign does not guarantee its accuracy. By

submitting a Whois query, you agree to abide by the following terms of use:

You agree that you may use this Data only for lawful purposes and that

under no circumstances will you use this Data to: (1) allow, enable, or

otherwise support the transmission of mass unsolicited, commercial

advertising or solicitations via e-mail, telephone, or facsimile; or (2)

enable high volume, automated, electronic processes that apply to VeriSign

(or its computer systems). The compilation, repackaging, dissemination or

other use of this Data is expressly prohibited without the prior written

consent of VeriSign. You agree not to use electronic processes that are

automated and high-volume to access or query the Whois database except as

reasonably necessary to register domain names or modify existing

registrations. VeriSign reserves the right to restrict your access to the

Whois database in its sole discretion to ensure operational stability.

VeriSign may restrict or terminate your access to the Whois database for

failure to abide by these terms of use. VeriSign reserves the right to

modify these terms at any time.

================================================================

If this report was not submitted by you, please simply disregard it. If

you submitted the report, but it contains errors, please disregard this

version, return to the problem report page at

   http://wdprs.internic.net/

and submit a new report.

If the data above is what you intended to submit, please confirm your

submission by visiting the following URL:

   http://wdprs.internic.net//cgi/rpt.cgi?a=3&sid=R9L1SK0QURU

Thank you for your help.

Best regards,

InterNIC Whois Data Problem Reports System

Of course this should look familair. It was a response from ICANN to a party called Brenda that submitted a report via your “Whois Data Problem Report System”, called a WDPRS report. This report was ignored by Xin Net (What is new?)

A follow up report followed from ICANN for this WDPRS report:

From:  <WDPRS@internic.net>
Date: Mon, Dec 1, 2008 at 2:16 AM
Subject: safe-wayonline.com -- Whois Data Problem Report
To: <Brenda's Email address removed>

Hello Brenda Green,

This message is in follow-up to the Whois Data Problem Report you submitted
on October 15, 2008 regarding safe-wayonline.com.  As indicated to you
at the time of submission, a copy of your report was forwarded to the
sponsoring registrar for investigation.  We would appreciate it if you could
assist us in monitoring registrar compliance with Whois data accuracy
obligations by selecting one of the options below:

   1. The data inaccuracy was corrected.  Please go to the following URL:
   &lt;http://wdprs.internic.net/cgi/followup.cgi?a=r&s=R9L1SK0QURU&r=corrected>

   2. The domain has been deleted or re-registered.  Please go to:
   &lt;http://wdprs.internic.net/cgi/followup.cgi?a=r&s=R9L1SK0QURU&r=deleted>

   3. The whois data is still inaccurate.  Please go to:
   &lt;http://wdprs.internic.net/cgi/followup.cgi?a=r&s=R9L1SK0QURU&r=unchanged>

   4. None of the above.  Please go to:
   &lt;http://wdprs.internic.net/cgi/followup.cgi?a=r&s=R9L1SK0QURU&r=other>

For your reference, the current whois data for the domain is appended below.

Thanks again for your assistance.

Best regards,

InterNIC Whois Data Problem Reports System

================================================================
               WHOIS DATA AS OF 2008/12/01 01:15:02

REGISTRAR WHOIS:

The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that,
under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.

Domain Name : safe-wayonline.com
PunnyCode : safe-wayonline.com

Registrant:
 Organization : JOHN CARTER
 Name : JOHN CARTER
 Address : 12 Glamis Place
 City : perth
 Province/State : perth
 Country : united kingdom
 Postal Code : 100011

Administrative Contact:
 Name : JOHN CARTER
 Organization : JOHN CARTER
 Address : 12 Glamis Place
 City : perth
 Province/State : perth
 Country : united kingdom
 Postal Code : 100011
 Phone Number : 86-207-2405377
 Fax : 86-207-2405377
 Email : onlinesafeway@gmail.com

Technical Contact:
 Name : JOHN CARTER
 Organization : JOHN CARTER
 Address : 12 Glamis Place
 City : perth
 Province/State : perth
 Country : united kingdom
 Postal Code : 100011
 Phone Number : 86-207-2405377
 Fax : 86-207-2405377
 Email : onlinesafeway@gmail.com

Billing Contact:
 Name : JOHN CARTER
 Organization : JOHN CARTER
 Address : 12 Glamis Place
 City : perth
 Province/State : perth
 Country : united kingdom
 Postal Code : 100011
 Phone Number : 86-207-2405377
 Fax : 86-207-2405377
 Email : onlinesafeway@gmail.com

REGISTRY WHOIS:

Whois Server Version 2.0

 Domain Name: SAFE-WAYONLINE.COM
 Registrar: XIN NET TECHNOLOGY CORPORATION
 Whois Server: whois.paycenter.com.cn
 Referral URL: http://www.xinnet.com
 Name Server: NS2.XINNET.CN
 Name Server: NS2.XINNETDNS.COM
 Status: ok
 Updated Date: 14-jul-2008
 Creation Date: 14-jul-2008
 Expiration Date: 14-jul-2009

================================================================

That should have at least triggered some alarm bells. However, no! This domain remains registered with fake whois, available to the criminal to merrily scam the public.

Here are some screen snapshots as on the 5 th of April 2009!

Let us see what harm this domain is doing. I suggest searching on Google: http://www.google.com/search?q=”safe-wayonline.com”+scam

We quickly find we have numerous victims to this fraudulent website registered with bogus whois details. I will zoom in on two of these articles:

http://forum.escrow-fraud.com/viewtopic.php?f=8&t=1590

Maddening, but more frustrating – look at the date of this post: Dec 09, 2008 11:16 pm !

Look at the date of the WDPRS report again:

From:  <WDPRS@icann.org>

Date: Wed, Oct 15, 2008 at 5:15 PM

Subject: Please Confirm Your Whois Data Problem Report

So, if the folks that are supposed to be looking at thisactually did look at this, “coachaddict6″ would not have lost her engagement ring. Shame on Xin Net! This was absolutely unnecessary!

Let us look at http://www.scamvictimsunited.com/phpBB2/viewtopic.php?f=13&t=3228&start=0&st=0&sk=t&sd=a

Nov 2nd, 2008, 05:02 PM
Boohoo1234567

I am devastated. This exact scam happened to me with a cherished heirloom ring worth 15,000. Same wording in buyer’s e-mails, same escrow company, safe-way online. Buyer was a Derek Aalbers from Marbella, Spain. I’m so stupid! I am absolutely crushed to think that this ring that meant so much to me is now in the hands of the devil! I was selling it because of a desperate financial situation and wanted it to be true so much that I was blinded. I’m just an idiot and still poor. Can he do anything with my address that I had to enter on that site? Why hasn’t that site been shut down?

Look again at the date of the WDPRS report again:

From:  <WDPRS@icann.org>

Date: Wed, Oct 15, 2008 at 5:15 PM

Subject: Please Confirm Your Whois Data Problem Report]

Yes, it seems the criminal registrant is targeting victims for jewelry, we see other reports of the same in these Google hits.

We also clearly see the crimes were reported to the authorities. Yet, as mentioned in the recent eCrime session in Mexico, and numerous times previously, the authorities can not investigate each and every internet crime.

Surely if this breach of the RAA were to be reported to the registrar Xin Net and ICANN, action will be taken given the evidence available?

Subject: fake whois and fraud: safe-wayonline.com
Date: Tue, 31 Mar 2009 04:04:31 +0200
From: Derek Smythe
To: mengfr@xinnet.com
CC:

Hello Xin Net and everybody copied

Re: http://www.safe-wayonline.com/ – hidden at
http://www.safe-wayonline.com/contact.php etc

I really think this situation is way overdue for resolution.

First of all for the sake of ICANN and the registrar, XinNet:

Why have an Registrar Accreditation Agreement if the registrar is not
going to uphold this agreement and investigate bogus whois details?

See: http://forum.aa419.org/viewtopic.php?t=26622

I point out:
> tymewastr : Posted: Fri Nov 28, 2008 10:05 pm
> Was sent to ICANN, still waiting to hear back.
*
> tymewastr: Posted: Tue Dec 02, 2008 1:34 am
>
> I heard back today. The whois is still inaccurate. I have continued
> the complaint.
>
> Site has no IP but the MX i still good.
>
> Report also sent to Internet Security Alliance about abuse of their logo.

*
As such this WDPRS report was ignored?

Let us have a detailed look at the whois details:
> Registrant:
> Organization : JOHN CARTER
> Name : JOHN CARTER
> Address : 12 Glamis Place
> City : perth
> Province/State : perth
> Country : united kingdom
> Postal Code : 100011
>
> Administrative Contact:
> Name : JOHN CARTER
> Organization : JOHN CARTER
> Address : 12 Glamis Place
> City : perth
> Province/State : perth
> Country : united kingdom
> Postal Code : 100011
> Phone Number : 86-207-2405377
> Fax : 86-207-2405377
> Email : onlinesafeway@gmail.com
First, Postal Code :

100011 is not appropriate and invalid for the United Kingdom. See here
about UK postal codes and their formats:

12 Glamis place, Perth UK is a property listing (more about this later)

86-207-2405377 is a number for China, not the UK. However, changing the
Chinese dialing code (86) to the UK’s (44) makes this 44-207-2405377.
However, this is also not correct as this telephne number is that of
Catherine Grout72, Programme Director, e-Content at JISC:
See http://www.jisc.ac.uk/digitisation/

As such the whois details are bogus.

The content is used for a scam. Already victims have lost money and
other people have been targeted for eBay scams by this bogus “Escrow”. See
http://forum.escrow-fraud.com/viewtopic.php?f=8&t=1590
http://www.scamvictimsunited.com/phpBB2/viewtopic.php?f=13&t=3228&start=0&st=0&sk=t&sd=a
http://forum.purseblog.com/ebay-forum/beware-escrow-scam-www-safeway-online-com-341490.html
etc etc etc

Additionally, from the website at
http://www.safe-wayonline.com/contact.php
> Licensed and bond under no. 05094815 at UK Data LTD
See

http://www.ukdata.com/creditreports/viewCompanyDetails.do?companyId=05094815&full=1

This is WWW.ESCROW.LTD.UK SUITE B, 29 HA, LONDON, LONDON, W1G 9QR, W1G 9QR

Most notably a non trading company.

UK Data has no authority to register or bond companies etc, they sell
company intelligence reports!

Registration has to happen at Companies House in the UK:
http://wck2.companieshouse.gov.uk/
Since Safeway Online would be delivering Financial Services – they would
have to be registered at the Financial Servcies Authorities in the UK:
http://www.fsa.gov.uk/register/home.do

Safe-WayOnlineis not registered here! As such they are bogus, just like
the domain’s whois details.

Additionally see an email sent to isalliance.org rgearding abuse of
their name in this scam.

Furthermore this website is plagiarized from various sources. Example:
http://www.safe-wayonline.com/support.php
- wording has been copied from

http://www.escrow.com/solutions/transaction_settlement/index.asp

As such we have a sure and simple case of a criminal using “bogus whois
registration details to evade responsibility for fraud”. I hope that
sounds familiar to Xin Net – it is addressed in an ICANN advisory, the
same one ICANN makes the public aware of if they file reports on domains
with bogus whois details:

http://www.icann.org/en/announcements/advisory-03apr03.htm

Considering this issue has been ongoing for months already, WDPRS
reports are ignored in violation of the ICANN RAA and as such we have a
rogue domain registration under the control of a criminal targeting
innocent internet users, will Xin Net accept responsibility for the
losses of the public? Or will they try and hide behind lawyers and
suddenly claim “we are only the registrar” or try and throw up non RAA
compliant company policies?

Already Xin Net has had a lot of bad publicity (“Xin Net’s Pile of
Pills”) due to non-compliant domain registrations causing harm on the
Internet and the service they export is definitely not one to make their
country proud. We have had legitimate escrow companies shutting down in
the onslaught of exactly this type of domain and website that
safe-wayonline.com represents.

This is harming the internet community and trust in the internet!

I strongly suggest Xin Net starts taking their registrar obligations
seriously and not be a haven for criminal registrants. Nobody forced Xin
Net to become a registrar, so please do what a registrar is supposed to
do under these circumstances.

Thank you

Derek Smythe

Derek Smythe
Artists Against 419

http://www.aa419.org

——– Original Message ——–
Subject: Fraud
Date: Tue, 02 Dec 2008 03:37:08 +0200
From: Derek Smythe
To: <removed>@isalliance.org

Hi

On your website, you say:
ISA does not endorse any internet escrow or payment service company. If
you see the ISAlliance name or logo on an escrow or payment site we
recommend extreme caution. Please report fraudulent use of our name/logo
to info@isalliance.org .

See here: http://www.safe-wayonline.com/
http://forum.aa419.org/viewtopic.php?t=26622

Regards

Derek

Then, just to make sure ICANN is alerted to this issue, this report was copied to ICANN via the “InterNIC Complaint Form” at http://reports.internic.net/cgi/registrars/problem-report.cgi - This portion was added to the top of the online report:

Name: Derek Smythe
Organization: Artists Against 419
Email:<Removed>
Phone:
Domain: safe-wayonline.com
Real Registrar Name: XIN NET TECHNOLOGY CORPORATION

Summary:
The following email was also sent directly to Xin Net regarding their failure to investigate invalid whois details and the harm it is causing to the general internet users.

On the form I am using to submit this report the following applies:
Spam/Abuse
Abusive Registration
Whois – Inaccurate Whois
Registrar Customer Service
Website Content

However this issue would not have existed if the registrar simply took time to investigate a WDPRS report as they are supposed to under the RAA.

Based upon the nature of the inaccuracies they clearly did not.

Surely some sanity should prevail? But true to form as per complaints lodged via this form previously, the complaint reviewer at ICANN simply fobbed off the complainant again:

Subject: Re: Complaint Form – safe-wayonline.com
Date: Mon, 30 Mar 2009 19:12:14 -0700
From: no-reply@icann.org
To: <removed>
References: &lt;200903310212.n2V2CDnc014176@reports.internic.net>

Thank you for your inquiry concerning unsolicited commercial email, better
known as spam. ICANN does not have contractual authority to address
complaints about spam.

ICANN is not a government agency. ICANN is a private sector, not-for-profit
organization with limited technical responsibility for coordinating the unique
assignment of Internet domain names and IP addresses.

Therefore, ICANN cannot address consumer complaints regarding the following
matters:

1. Spam complaints
2. Website content complaints
3. Failure to answer phones promptly
4. Failure to respond to e-mail messages promptly
5. Overbilling/Multiple billing
6. Computer viruses

These types of consumer complaints are not addressed in the Registrar
Accreditation Agreement (RAA) and are therefore not a violation of the RAA.
Please see, http://www.icann.org/registrars/ra-agreement-17may01.htm.

If you believe the content of any email message is illegal or you are being
spammed in violation of the law, your best course of action is to contact a
law enforcement agency in your jurisdiction.

You can also file a formal complaint with consumer protection entities such as
the International Consumer Protection and Enforcement Network
http://www.icpen.org/, the US Federal Trade Commission (www.ftc.gov), or with
your Internet Service Provider.

We hope this information is helpful.

Best regards,

ICANN Services

(I leave it up to the reader to decide what they would have said to ICANN. I would start with questioning ICANN’s literacy …)

At this point I would like to point out that the form leading up to the “InterNIC Complaint Form” shows this:

Note the “Have a problem with a registrar?”?: Yes we have and that is why we tried reporting an issue to ICANN via this form. So this is the correct link as per ICANN, not the reporter.

“… or about enforcement of an alleged violation of the terms listed in the Registrar Accreditation Agreement (RAA)” – So this is the correct place to report it – as per ICANN!

The party at ICANN which responded clearly does not know about provision 3.7.8 of the RAA, or if he/she did, was clearly being obstructive. However it be, the inaction is clearly not in line with the projected image of ICANN and does the credibility of ICANN extreme harm. Unfortunately the general public are the victims, not ICANN.

I just need to add that numerous report on non responsive registrars have met the same type of reply where ICANN staff clerarly do not read the reports.

Godaddy is still in violation of the RAA, despite being reported via this form to ICANN. Sadly reports are not copied back to the reporter and despite asking for such a copy, no such copies are sent. Read about this issue here: http://www.badwhois.info/wp/?p=212

(Reminder: ICANN – Derek still wants a copy of his report sent to you)

Here ICANN was copied on all correspondence from day one between Godaddy and the reporter. WDPRS reports are also ignored in this instance (note a pattern forming). Escalation to ICANN via the online “InterNIC Complaint Form” yielded this:

Subject: [#BYN-565546]: Complaint Form – xx32wreken.info
Date: Wed, 21 Jan 2009 15:15:39 -0800
From: Compliance Problems &lt;complaint-followup@icann.org>
Reply-To: complaint-followup@icann.org
To: <removed>

We appreciate you taking the time to complete a InterNic Complaint Report. Your complaint, however, references inaccurate Whois data, which is handled through a separate complaint system. These complaints are not handled through the InterNic Complaint System and do not get referred.

Your Whois data accuracy complaints should be filed using the Whois Data Problem Report System, located online at http://wdprs.internic.net/. These complaints are referred directly to the registrar for review and are also analyzed and used to enforce registrar obligations in accordance with ICANN policy.

For further information on what is required of the registrars upon notification of an inaccuracy in Whois data you may wish to view the ICANN Advisory located online at http://www.icann.org/announcements/advisory-03apr03.htm.

Kind regards,

ICANN Services

Ticket Details
===================
Ticket ID: BYN-565546
Department: Whois
Priority: High
Status: Closed

In this instance many ignored WDPRS reports were shown in the report, where Godaddy simply ignored the reports. Apparently their abuse procedures require different steps than ICANN’s RAA!

The result is here for all to see:

http://abukmail.info/natwestsecuret/ – note the email address used in this scam – customerservice@nwplcdirect.net, then read here: http://blog.aa419.org/?p=90

http://abukmail.info/natwsecplc/ – once again, note the address, then customerservice@natwestplconline.net. Here Enom excelled in stopping the scammer (the anti-abuse movement tips the hat)

However, this issue was taken up by ICANN’s compliance department!

ICANN, right now criminals are running circles around the domain registrars and the registration systems. The ability to stop these domains from harming the public is imperative to the safety of the internet user.

However, it clearly seems that ICANN does not really enforce the RAA that theoretically gives the ordinary internet user the tools to stop abuse. However ICANN is supposed to enforce the RAA.

Why does ICANN not do this?

The issue of domains with fake whois being used to target the public is by no means new. In fact as far back as 2005, we find Commisioner Jon Leibowitz of the FTC asking Dr Paul Twomey to address this issue: http://icann.org/correspondence/leibowitz-to-twomey-09feb05.pdf

In 2006 we find this: http://www.icann.org/presentations/leibowitz-mar-26jun06.pdf

These are by no means isolated incidents where the authorities makes ICANN aware of the harm being done by domains with fake registration details. In fact they have asked ICANN’s assitance to stop this abusive practice.

Yet mentioned scams to anybody at ICANN and the ICANN staff are fast to point the user at the authorities.

Roll forward to 2009 and we blanket private registrations with even domain proxy service provider having fake whois details and having criminal records. As such just more of the same, just more sophisticated and more deadly. However the orginal issues remains, worse than before.

I find it ironical that ICANN is not enforcing published policies such as the RAA, allow criminals to flourish, yet are quick to pass the buck to the authorities when issues surrounding domains with bogus registration details arise! Ditto Godaddy and numerous registrars.

If ICANN is not willing to enforce the RAA, we would have to lookat alternate solutions to the issue of domains with fake whois being used to prey on the public. Some suggestions could be:

a) A set fee included in the price of each new domain registration. This money would be used to buy insurance for the general internet user, allowing him to claim from this fund when he is defrauded by a domain with fake details.

b) Increase the price of a domain, allocalting the extra funds to a dedicated independant anti-abuse team that investigates fake whois details for domains reported to be trying to defraud the public. They should have direct access to registries, bypassing fraud tolerant registrars.

c) Increase American taxpayer’s money to investigate domain issues. The Internet Crime Complaint Center is American. That will satisfy the court order for fake whois demands of the likes such as Godaddy.

d) ….

I could come up with even more ridiculous suggestions that will simply punish innocent parties

Ideally we could hold registrars that violate the RAA, allowing criminals to flourish, accountable? No there is an idea! Xin Net?

The acceptable answer to this would be to simply enforce the RAA.

Where domains with bogus whois are reported and they clearly are used to target the public, these domains should be the subject of prompt action – as pointed out in ICANN advisory dated 3 April 2003. We, the general internet population are asking nothing radical. However this is not happening. How can we the trust you with new gTLD’s?

There also appears to be a general lack of interest from ICANN in investigating these, despite a lot of lip service. Some domains with bogus whois details are harmless, sadly many are not! The devastating effect of a handful of fraudulent domains out of the millions of domains legitimately registered cannot be disregarded. Sadly we have more than a handful!

See: http://db.aa419.org – and these people specialize in only certain types of scams.

Add malware, add phrama spam, add Ponzi scams, add ….

Domains used to target the public is big business and sub-economies exists around this very concept.

This is a reality that ICANN needs to acknowledge. By simply enforcing the RAA, ICANN will empower the public to stand up for themselves!

However, ICANN has failed to date – ask the coachaddict6’s, the Boohoo1234567’s …and many other silent victims we will never know of. However, even searching for known victims portrays a frightening picture!

ICANN, if the staff are willing to make an honest attempt at cleaning up on abusive domain registrations, they will find a whole internet community willing to assist in pointing out fake domain registrations.

However, the complainants are given placebos currently.

/Update: We have been made aware of this article on UK Data LTD:

Look at the contact details page for safe-wayonline.com again:

“Licensed and bond under no. 05094815 at UK Data LTD”

So the very company that is supposed to be licensing and bonding safe-way-online.com is in fact calling these websites fraudulent and in fact even mentions jewelry as being the target in many instances. Sound familiar?

ICANN, Rome is burning …