Many Domains Registered With False Data

bakotaco writes "According to research carried out by the US Government Accountability Office (GAO) many domain owners are hiding their true identity. The findings could mean that many websites are fronts for spammers, phishing gangs and other net criminals. The report also found that measures to improve information about domain owners were not proving effective." From the article: "The GAO took 300 random domain names from each of the .com, .org and .net registries and looked up the centrally held information about their owners. Any user can look up this data via one of the many whois sites on the net. The report found that owner data for 5.14% of the domains it looked at was clearly fake as it used phone numbers such as (999) 999-9999; listed nonsense addresses such as 'asdasdasd' or used invalid zip codes such as 'XXXXX'. In a further 3.65% of domain owner records data was missing or incomplete in one or more fields."

And then there's outdated data

[Kelson]

I work at an ISP. We've had customers in the past whose domain names expired because they didn't update their address and phone number with their registrar, the person whose email address was on the record left the company, and they didn't get the renewal notice.

It doesn't happen as often now as it used to. Either businesses are getting better at remembering that their domain names need to be updated along with everything else, or the registrars are better at finding other ways to notify them of renewals.

But I ran into one case (with Network Solutions, IIRC -- it was a few years ago) where I personally updated the contact information associated with a role account and discovered, a year or two later, that the registrar had somehow resurrected the old, deleted contact info.

Re:And then there's outdated data

[bcrowell]

I did run into an interesting case recently where the domain owner's info was fake, and it was clearly because he was a crook. This was someone who had plagiarized a bunch of information from a copylefted physics book I wrote, posted it on his own web page without the copyright, licensing, or authorship info, and was using it as a way to lure web surfers to his site, which had some very scary looking obfuscated javascript on it -- presumably it was designed to exploit some security flaw in IE. The contact info was bogus, although not obviously so (nonexistent street in Atlanta, phone number not connected). I contacted his webhost, who are a bunch of Russian guys living in London... draw your own conclusions :-)

The article doesn't make much sense to me for several reasons: (1) it assumes anonymity on the internet is a bad thing, (2) it assumes the federal government should be getting involved in people's free speech activities, (3) as a gazillion slashdotters have noted, it ignores the legitimate reasons for doing this kind of stuff.

Personally, I use a single-purpose hotmail address for my domains, and I have a note on my calendar to log into that hotmail account once in a while so the account doesn't get canceled. It's a hassle, but it saves me the money of paying my registrar for privacy.

here's where to report domains with bad info:

[artifex2004]

http://wdprs.internic.net/

Note that complete and accurate whois information is a prerequisite for maintaining a domain registration.

All accredited registrars have agreed with ICANN to obtain contact information from registrants, to provide it publicly by a Whois service, and to investigate and correct any reported inaccuracies in contact information for domain names registered through them.