Slashdot Mirror
ICANN Investigates Insider Domain Name Snatching
Tech.Luver sends us word that, hot on the heels of reports that Verisign may be planning to sell DNS root server lookup data, ICANN has opened an investigation into a suspected practice by registrars it calls "domain name front running." The suspicion is that insiders at some registrars are using information from whois searches to snatch up desirable domain names before interested customers can register them. Here is ICANN's announcement of the investigation (PDF). ICANN asks that anyone who suspects they have been victimized by domain name front running to email them with details.
I have proof of this happening and I'm sure others do too. We have two different customers that looked up domains to see if they were available, asked us to register them and before we could register them, they were already registered by places in China and the Carribian. Both domains where somewhat obscure and I didn't see any reason why they should have normally been bought. In both cases, the domain was released after the 5 day period that ICANN allows (which I think was a mistake on ICANN's part to have that policy). But in some cases it might not be released if it turns out to be popular. As I said about the Verisign thing, this is an invasion of privacy.
One of our customers (who allowed me to mention in this post that his domain in question was psysci.net) that had this happen said that he only used the command line whois and networksolutions.com to lookup the domain, so it might not just be small registrars involved in this scam. But that's a pretty serious accusation to bring against Network Solutions so take that with a grain of salt. THe company that tasted psysci.net had a name of Wan-Fu China, Ltd. The company that tasted the other domain had a name of (MAISON TROPICALE S.A.), which you can find a little more information about here
When a domain is snatched, usually it doesn't matter if the original owner gets it back or not. That's not the point, in most cases. Thieves will use the domain to drive traffic to their astroturfing/spam network and drive their PR up in the process. That stays in memory indefinitely and has a beneficial impact on any site like that.
If the owner gets their network back, they still have the stigma of the bad activity associated with the domain.
Preventing domain theft is going to only get increasingly more difficult as technology becomes more complicated.
The dangers of knowledge trigger emotional distress in human beings.
One of the provisions of the ICANN Registrar Agreement is this:
So ICANN has the authority to insist that registrars get out of the domain speculation business. They don't have to ask the registrars; they can simply order it.
Currently, most of the "registrars" are fronts for domain speculators. Take a look at the list. There are whole families of phony registrars (Enom1, Inc., Enom2, Inc., Enom3, Inc., ... Enom371, Inc., ... Enom469, Inc.) There are ones who admit they're domain speculators (NameJumper.com, Inc., "!!BBB Bulk Inc"). There are ones that are fronts for "Club Drop".
Most of these "registrars" are so phony they don't even have a business address.
This registrar information is useful for filtering junk sites. If a site is registered with one of the bogus registrars, it's probably desirable to block its e-mail (which is probably spam), and throw it out of search engines.
What do you mean, extremely unlikely?
The first one is obviously used by The King of Siam's Major Order of Worried Lemurs Acting Perfectly or Xylophone Needing Vampires Being Wheedled Like Queens of Another Nice Monarchy In Utah's Tasteless Kingdom, Looking at Everyone's Hiney
The other two are equally obvious
Interested in a Flash-based MAME front end? Visit mame.danzbb.com
So I checked via godaddy.com, and it was available, but I didn't purchase it because my checking account was overdrawn. A while later(2 weeks to a month), I went to buy it, and it was taken. Whois said it was taken shortly after my availability check, by a company in Maine. It was cash-parked at Network Solutions.
Anyway, a few months later(the dates are vague, I didn't mark my calender) I checked it to see what the people from Maine were doing with the title of my life's work. It was still just cash-parked at Network Solutions. So I checked WHOIS again, to refresh my memory about the name of the company, and it was now owned by an individual in Maryland instead of a company in Maine, but here's the scariest part: the registration date had *magically* moved backwards to 2005!
I had personal reasons to remember very specifically that the location of the owner was in Maine. I didn't remember the company name, but I definitely remembered that the date of registration was just after I had checked it.
And it's still just cash-parked. When it first happened, because of "Maine" and some personal events, I suspected a certain person I knew from certain forums had taken it for basically spiteful reasons. But when the date was altered, I was mystified and paranoid. "Why would the CIA and time-traveling lizard-people from Sirius conspire to keep me from doing my little project under that name?" Now, I'm relieved to find a more plausible explanation. A scammer or scammers with access to official registration data. Makes sense, I also own several other domains, so I might pop up as a high-probability purchaser. But I never contacted the owner, and in the intervening time I've reworked things to release soon under another name that I've owned for years.
I did, however, pop off an email to ICANN detailing the events.
Let me reiterate what's been said by others on this thread: don't check a domain unless you're ready to purchase it immediately.