how-to block ads
|
|
Uniqs:
1007 |
Share Topic
 |
 |
|
|
| reply to Jason Levine
Re: Phishing part not needed; but domain registration needs chgs said by Jason Levine:Exactly. If I were the member of an online criminal group and suddenly I was required to put my real name/address on a domain, I'd find someone else's name/address to use. Probably something from identity theft. Well, under the rules, as they should be setup, they wouldn't get a domain name. Because no one would get a domain name until they replied to a registered letter from the address they used. No PO boxes, no 3rd party register companies, etc.
If you want a domain name you need a real street address and you must reply to a letter sent to that address. It would cost more. But that would be OK to, as it would keep all those buying domain names just on speculation out of the game.
--
My BLOG .. .. Internet News .. .. My Web Page | |
| That would make buying a domain name much more complex and it still wouldn't stop criminals.
Suppose a criminal overseas wants to buy merchandise using a stolen credit card. The website might realize that shipping that DVD player to Africa is a bad idea when the card is registered to someone in Florida. So the criminal dupes another victim.
This victim is convinced that he is helping out a small company overseas import goods from America. The details change from case to case. Sometimes the victim is wooed until they think they are engaged to the criminal. Sometimes they are mere business partners. In any case, the victim gets these boxes of goods and dutifully mails them back off to the criminal. (Or to someone else who mails them to someone else, etc until they reach the criminal.)
In the case of a registered letter domain name, the criminal would register a series of domain names in the victim's name and have them respond to the registered letters (with a pre-written response). The domains would be approved and the criminal would then open their phishing/cracking/whatever site. When one domain is closed, another would be activated. If all of the domains are closed, then the criminals would open others. If the person gets blacklisted, they criminals would move on to another sucker.
Meanwhile, I would be forced to put my real name/address/phone number for my domain name and would need to wait for the registered letter, respond to it, and wait for the approval every time I wanted a new website set up. It would be a huge pain for legal businesses/individuals and a minor speed bump for criminals.
--
-Jason Levine
Support a children's charity. Buy a calendar. Shooting For A Cause
Jason's Toolbox | PCQandA.com | |
 swhx7Premium
join:2006-07-23
Elbonia | reply to NetFixer
said by NetFixer:said by youngmoore:You don't see the CEO's of ATT or Comcast personal info up on who-is but your expecting anyone even personal website owners to have their full Name/Address/Phone numbers. Come on man get serious. Actually you picked a couple of bad examples to make your point. The domains comcast.com, comcast.net, att,com and att.net all have adequate published whois information (shown below) to allow anyone with a problem with their networks to be able to contact someone for help. The stealh domain registrations provide no such information without at least a court order.
This is just incorrect.
I just checked one of mine to be sure. I have one registered via a proxy company, and it gives physical address for that organization and email addresses (administrative, technical) that get forwarded to me.
I believe other proxy domains are like this too - you can always see an email address to complain to. And if that doesn't work, you can always go to the hosting company. The only thing you need a court order for is getting personal information on individuals, and you don't need that to contact someone about anything being done on the domain.
If we can't have proxy registrations for individuals, then the only other way to make the business and individual registrations comparable would be to require the names and physical home addresses of the executives, board members and major stockholders on any corporate registration. I would support that. | |
|
