Domain Registry of America Suspended By ICANN

First time accepted submitter EpicMaxGuy writes ICANN has suspended Domain Registry of America aka Brandon Gray Internet Services aka NameJuice. The registrar is forbidden from registering any new domain names or accepting any inbound transfers until 17 October 2014. The announcement was posted on the ICANN website and will probably be welcomed in many circles."

From TFA

[morethanapapercert]

What happened exactly?

ICANN posted two letters regarding Brandon Gray today. One is the suspension notice, while the other is a detailed breach notice which explains it all.

Essentially Brandon Gray got finally caught out by a couple of clauses in the 2013 registrar contract with ICANN (RAA):

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”).

ICANN would also like to know how they managed to mine whois data to send out all the letters to registrants without falling foul of the section 3.3.5 of the RAA, which states:

3.3.5 In providing query-based public access to registration data as required by Subsections 3.3.1 and 3.3.4, Registrar shall not impose terms and conditions on use of the data provided, except as permitted by any Specification or Policy established by ICANN. Unless and until ICANN establishes a different Consensus Policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, postal mail, facsimile or other means of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient’s own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of any Registry Operator or ICANN-Accredited registrar, except as reasonably necessary to register domain names or modify existing registrations.

For the rest of the article, including images of the actual letters, follow the link in the summary.

Re:From TFA

[jopsen]

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”). >

Sure you can treat that as a contract breach, but it seems more like a criminal matter to me... Why do you even put that in the contract, it's needless to say that criminal conduct will not be tolerated.

Re:From TFA

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”). >

Sure you can treat that as a contract breach, but it seems more like a criminal matter to me... Why do you even put that in the contract, it's needless to say that criminal conduct will not be tolerated.

Because a contract breach is much easier to deal with than a criminal prosecution, as the former can be based on determining only what is likely to be true, whereas the latter requires proof that there was actually criminal intent, which is much, much harder to achieve.

Re:From TFA

[Artifakt]

It's not needless to say, unfortunately:

(Start of facts) Right now, there's a dispute developing in New York state, over whether McDonalds should have their contracts with franchisees set up so if those franchisees are caught violating state labor laws McDonalds will terminate their franchise rights. Some of the violations at issue include what are definitely felonies (i.e. extortion, threats of death or physical injury). Others are sometimes just misdemeanors (theft of wages, if under a certain amount), but are still criminal. This is an example where a very large employer isn't treating certain areas of criminality as criminal at all. McDonalds has their contracts written to address those crimes they want to include, and these sections are not on the parent corp's lists.

  That much is fact (i'm expecting somebody to try to pick that section apart, before I even offer the my opinion section, so I'm trying to make that line very clear). As opinion, things such as that need to be in contracts because we let corporations form under limited liability rules, and if they are willing to keep doing business with known criminal franchisees who are also incorporated, those multiple corporate veils make it fantastically more difficult to fix. I don't think limited liability ought to extend to cases where somebody hired a hit man to kill a union organizer, and that's proved, but we can't look into whether anybody in particular knew, or passed money about or did other favors to make the hit happen. In the non-corporate world, if you're continuing to associate with a bunch of people you know are felons, and the courts have proved are felons, exchanging money with them and contracting with them is plenty of grounds for an investigation, but this looks like it comes with a clause saying 'unless that trail passes into another corporation'. To fix this, just one of the steps is we evidently do need to get corporations to say explicitly that all relevant criminal conduct will not be tolerated, or at least the New York state prosecutor's office is of that opinion.

Re:From TFA

[jopsen]

Hmm, that's interesting... I would think that if ICANN knowingly continues to conduct business with a partner known to employ fraud then ICANN is a co-conspirator to fraud.
Hence, it would be illegal for ICANN to honor its contract, forcing them to terminate it. Regardless, of what the contract states.

I mean, no judge in his right mind will convict ICANN of contract breach, if the other party is abusing the powers delegated to them for criminal activities.
At least that was my two cents (I'm just applying common sense here)...

Re:From TFA

[pegdhcp]

First of all IANAL,
2nd of all, I will state Turkish practice, which was shaped on European (Swiss and German in this case) law. keeping those in mind:

In a commercial relation/contract, there are certain obligations, where illegal activity of one party becomes a joint responsibility of other, like obligations toward employees and most importantly consumers' rights issues. So the stronger partners in a contract (ICAAN for example) usually put in protective measures against illegal (or just shady) activities of the other party to the contract. This usually in the form of (you must report your activities related to such legal obligations/regulations. Failing to do so, or upon discovery of any misconduct related to such regulations, we can and will reflect possible penalties and liabilities to your account and we will have right to immediate optional termination)... (My translation might be sucking a little)
If such a clause exist in a contract, you can claim in the court that you acted to the best of your ability to prevent any such misconduct by other party, even if you had not acted upon these conditions (if you can prove you were unaware of such misconduct...).

Re: From TFA

[qbanbpc]

Also, just because it's illegal here doesn't mean it's not in, let's say Russia

Re:From TFA

[jandersen]

Sure you can treat that as a contract breach, but it seems more like a criminal matter to me... Why do you even put that in the contract, it's needless to say that criminal conduct will not be tolerated.

Because, in the criminal court, you are innocent until proven guilty, whereas in the civil court, the standard of proof is much more relaxed. So, in terms of stopping unwanted activity, putting it in the contract like this, is much more efficient.

Re:From TFA

Anything and everything should always be listed - ignorance should never be a line of defence!

Only took 10 years

These guys have been slime since they started business. Why did it take so long to shut them done?

Re:Only took 10 years

damn typo. "done" should have been "down".

Re:Only took 10 years

You see, even with regulations in place the consumer gets screwed. Now imagine the self-regulatory fantasy some folk have, that would sure be good to society.

Re:Only took 10 years

In a self-regulating fantasy, nobody would stop others from killing him, thus solving the problem.

Re:Only took 10 years

I like that idea.

Re:Only took 10 years

Because we're splitting hairs between them and domain racketeering sites like godaddy which will put holds on domain names you search for so you can't purchase them elsewhere, then immediately auction them to squatters so is essentially saying, "That's a nice domain name you found there, be terrible if something happened to it. Better buy it before it gets fed to the wolves who will sell it back to you at a higher price because they know you're interested."

Personally, when it comes to criminality I don't really see the distinction in terms of "false advertizing" vs "racketeering" or deceptive practices, etc. most registrars are equally disgusting.

Re:Only took 10 years

[Noishe]

Fuck go daddy for that practice. I lost a good domain name and have been bad mouthing them for over a decade because of it.

Re:Only took 10 years

[LordLimecat]

Not to pull this down to a political argument, but just on a logical reasoning level, this is the WORST argument I've heard regarding regulation.
Regulation is working badly! Clearly we're better off with regulation than no regulation!

Anyways, ICANN is not government regulation in the sense of "US Government". Its an organization that has rules, and noone is arguing that "rules" are, as a whole, a dumb idea-- except maybe anarchists, and there are precious few true anarchists out there.

Re:Only took 10 years

AC because GoDaddy developer here.

I don't know about all time, but at least for the past few years, I've looked for and never seen anything of the sort. I'm told the company does not automatically register domain names. Additionally, employees with access to the system are restricted in purchasing domain names, and are barred entirely from reselling.

See also this comment by Blake Irving

I don't know about other registrars, of course. Be careful.

Re:Only took 10 years

Something like that is certainly happening. I've put a "domain backorder" on a domain for the last 8 years or so, and the domain has been transferred to godaddy but never to me, and then winds up in the hands of yet another domain squatter for a another year. Just what the hell is going on.

Re:Only took 10 years

[Raenex]

You'd think you learn your lesson. The best way to get a domain that is being squatted without paying a ransom is to not show any interest. It used to be domains could be held indefinitely, but ICANN closed that loophole a long time ago, so now it costs money to sit on it.

Re:Only took 10 years

Not to pull this down to a political argument,

"I can't resist banging my political drum, but I don't want to hear any response."

Regulation is working badly! Clearly we're better off with regulation than no regulation!

The argument was that the regulation was insufficient. Compare: "The maximum permitted concentration of this toxin in the water supply is too high." Solutions:
i) Reduce the maximum permitted;
ii) Conclude, "Regulation doesn't work!" and allow drinking water to have any old shit in it.

except maybe anarchists, and there are precious few true anarchists out there.

Eh, they call themselves "Libertarians" these days.

Re:Only took 10 years

Eh, they call themselves "Libertarians" these days.

Not anymore we don't. We used to call ourselves libertarians until those right-wing nuts stole the term from us. Ask any anarchist and we'll tell you that capitalism is and always was incompatible with anarchism.

Re:Only took 10 years

[LordLimecat]

Yea, thats not what I said. My comment was apolitical; it was a comment on a poor line of reasoning. Any political angle you read into that is created wholly in your imagination.

Re:Only took 10 years

Government regulation = politics.

That's your angle.

I know it's hard for statists to be intellectually honest, but please make a token effort.

For those that don't know:

[slashdice]

They snail mail "renewal bills" for your domains (registered elsewhere). I hope most of slashdot would recognize it for what it is. But I'm sure a lot of sheeple accidentally transferred.

Re:For those that don't know:

[LordKaT]

Oh! THOSE guys.

Yeah, fuck these assholes.

Re:For those that don't know:

[sjwest]

We got one once, the paper envelope was then returned with lots of junk paper [reply paid by droa] and we never got another.

Wow Icann did something.

Re:For those that don't know:

That's a wonderful idea. They also seem to be pretty buddy buddy with my registrar, as they send me renewal notices for domains ordered from them. Domains registered on our other registrar did not receive such notices. Perhaps the DRA is using customer information to send unsolicited emails?

But overall yes, shock that ICANN is actually acting. Is it still run by a usa-based organization? If this is the first move of the new international ICANN, I welcome our new overlords.

Re:For those that don't know:

[Sandman1971]

The Domain Registry of Canada has been doing this scam for years, sending false renewal bills for my .net and .org domains. I wish ICANN and CIRA would suspend their operations as well.
http://www.domainpeople.com/al...

Re:For those that don't know:

[bill_mcgonigle]

Also, for those that don't know, they've been doing this for ten years and ICANN bothered to do something about it a decade or so after their peak.

Up to you whether you think this is good governance or not.

Re:For those that don't know:

should have glued the return mailer to a cinderblock.

Re:For those that don't know:

[mysidia]

Up to you whether you think this is good governance or not.

ICANN always argued that regulation / enforcement / policing of the registrars was not their job in response to complaints about many registrar's activities --- such as GoDaddy's onerous "60 day hold/no registrar transfer period" after you renew your domain or change the name of any of your WHOIS contacts.

Re:For those that don't know:

How is that in any way a scam? They say, right there in big block bold letters "THIS IS A SOLICITATION FOR THE ORDER OF SERVICES NOT A BILL OR INVOICE" and "You're not obligated to renew with either your existing provider or us, review our prices and decide for yourself" as well as making it perfectly clear several times that if you accept their offer, you'll be switching to using them.

If you consider that a scam, then you're evidently just an incredibly thick person. They're competing for business in a free market.

Re:For those that don't know:

[Qzukk]

If you believe that's not a scam then boy do I have a deal for you! One bridge*, slightly used!

Re:For those that don't know:

They're sending solicitations that are specifically designed to look like bills.

Re:For those that don't know:

[bill_mcgonigle]

ICANN always argued that regulation / enforcement / policing of the registrars was not their job in response to complaints about many registrar's activities

Even if the activities are illegal (statute or Common Law)? If not ICANN, than who else? This is one of the problems with giving ICANN a monopoly.

"60 day hold/no registrar transfer period" after you renew your domain or change the name of any of your WHOIS contacts

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Not saying it's not scummy, but scummy and fraud are different. If it's not in their ToS but they do it anyway, it's probably illegal as unlawful holding of property (some courts in some jurisdictions have recognized domains as property). Regardless, experienced ski instructors usually advise you're gonna have a bad time if you register with GoDaddy.

Re:For those that don't know:

We got them all the time. They got returned with some toilet tissue that had had a teaspoon of instant coffee wetted and then smudged with the back of a spoon. It looks like a crappy skidmark (try it!). I'd love to have seen their faces opening them.

And yeah - Icann did something!

Re:For those that don't know:

[mysidia]

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Hi. Compliance with the accredited registrar policy is not optional; it is part of a signed agreement between the registrar and ICANN. ICANN posted an advisory clearly alerting registrars to their obligations: 1. Registrars are prohibited from denying a domain name transfer request based on non-payment of fees for pending or future registration periods during the Auto-Renew Grace Period; and 2. A registrant change to Whois information is not a valid basis for denying a transfer request.

GoDaddy adopted practices that were directly contrary to the ICANN policy.

It doesn't matter if GoDaddy disclosed it in the terms of service, the ICANN terms have priority: the practice was a violation of policies that accredited registrars have promised to adhere to, before being allowed to be accredited registrars, and before being able to maintain that status and any access to the registry database or the ability to be in the business of transferring or creating domain registrations.

Re:For those that don't know:

[Charliemopps]

How is that in any way a scam? They say, right there in big block bold letters "THIS IS A SOLICITATION FOR THE ORDER OF SERVICES NOT A BILL OR INVOICE" and "You're not obligated to renew with either your existing provider or us, review our prices and decide for yourself" as well as making it perfectly clear several times that if you accept their offer, you'll be switching to using them.

If you consider that a scam, then you're evidently just an incredibly thick person. They're competing for business in a free market.

Just because the only people you ripp off are stupid, doesn't make you any less of a con artist... it just makes you a shitty con artist.

Re:For those that don't know:

[sjames]

Probably a lot of people got scammed. In my capacity as 'that guy who does internet stuff' I have explained to quite a few that the letter was a scam.

Re:For those that don't know:

It looks like a bill if you don't read the bit that says "THIS IS NOT A BILL"?

Well buddy, if you're in the habit of just randomly throwing your money at anyone who shoves a bit of paper in your face that has a few numbers written on it and hence 'looks like a bill', perhaps you deserve to lose it...

Re:For those that don't know:

[jopsen]

It looks like a bill if you don't read the bit that says "THIS IS NOT A BILL"?

So everybody agrees that they are deliberately trying to trick you; by giving their offer the graphical appearance of a bill. IMO that's fraud.
It's certainly not honest business conduct.

Well buddy, if you're in the habit of just randomly throwing your money at anyone who shoves a bit of paper in your face

I am in the that habit... In most cases the bill is probably legitimate, and it's a lot of work for me to validate that everything is correct. Even more work and cost, if I decide to fight a bill. Often the cheapest way out is to pay.
You right that failure to pay a "fake" bill, like have no consequences, but failure to pay a legitimate bill on time, because I could validate it, will cost me late payment fee, etc...

Re: For those that don't know:

[Bender+Unit+22]

They have been sending them all over the world. Not everyone are used to that type of wording in English, they just see their domain name and something that looks like a bill.

Re:For those that don't know:

[theskipper]

I doubt a registrar would sell their internal customer billing database to an entity whose sole purpose is to take their business away. If you want to speculate, try this. When DROA scraped whois for targets, they filtered by Godaddy customers instead of Fabulous or Moniker. The thought being that more average Joes use GD and therefore easier to fool.

On the other hand it doesn't mean they didn't target the lesser known registrars. I've gotten plenty of DROA scam letters targeted toward my domains in the small registrars.

IOW, I don't think you can draw a conclusion that they filtered by registrar. If they did target, it would make sense to blanket those whois records with an organization name (i.e. formal businesses). And the bigger the better so it has a chance of hitting AP in accounting. Getting a $500 renewal on 5 years is much more likely to happen in that scenario.

Re:For those that don't know:

[gweihir]

Ah. I think I threw away a few of those as well. But there must be more scum playing that game, as I got several of these via email.

Re: For those that don't know:

The breach says the mailers were allowed under the old registrar agreement but not the new one. That might explain why ICANN could only do something now.

Re:For those that don't know:

It looks like a bill if you don't read the bit that says "THIS IS NOT A BILL"?

So everybody agrees that they are deliberately trying to trick you; by giving their offer the graphical appearance of a bill.

Only if you don't look at it, otherwise you'd see, in big, bold letters, "THIS IS NOT A BILL".

Re:For those that don't know:

And by big and bold you mean font size 4 at the bottom buried in a large paragraph of legalese.

Re:For those that don't know:

[LordLimecat]

Disclaimers dont magically make liability for fraud disappear.

Re:For those that don't know:

[BronsCon]

You'd be surprised (most of us already understand, since these things don't fascinate the average human) how many people don't want to spend any more time on their finances than actually necessary. Those people typically just look at the name and total to write on the check, the address to write on the envelope, and the due date to make sure they get it in the mail in time. Those are the people that get caught my this.

And I'll admit to being in that group for bills, and things that look like bills, in the name (and letterhead) of a company I know I owe money to, beyond the first couple of invoices. The net result, for me, has been positive; much less information to remember and associate; just a name and total; so I can quickly and easily catch discrepancies and know which invoices actually require further investigation. The billing address from the first invoice goes in my address book (or I pay online, via a bookmark), so the worst case scenario is I overpay one of my accounts one month because someone sent a fake invoice. Just recently, I did receive a legitimate invoice from my ISP that included a billing error; I have autopay through them, so the payment was automatic, but the refund was also issued within minutes of calling them about it when I saw the abnormally large charge on my credit card. This event prompted an investigation on my end, wherein I verified the amounts billed by my utility and service providers over the preceding years, and matched up each payment sent (or appearing to be sent) to any of them with the payment information on file for each; my findings were positive, one billing error (easily corrected) in one year, across all of them. And I'm sure if I went back farther, that's all I'd find.

If you know who you do and don't owe money to, the "just write the check" method actually works quite well.

Re:For those that don't know:

[BronsCon]

It wasn't a violation of ICANN regulations until they were updated late last year. This is the 3rd violation, first suspension, since then.

Re:For those that don't know:

[LostOne]

CIRA de-certified Brandon Gray years ago, actually.

Re:For those that don't know:

[lonecrow]

While this may not be *technically* a scam, any business model based on tricking customers is pathetic and the work of a sociopath. So ya fuck them and yank there license.

And in case you didn't RTFA or RTFS the terms of use say you can't harvest whois for mass marketing purposes. Clearly this is what they are doing so again, fuck them and yank their license.

Its a giant pain in the ass when a client calls and gets mad at me because their website and email is down only to find out that they received one of these letters and accidentally transferred their domain.

"Businesses" like this are a menace and should be shut down.

tl;dr: DRA smacked for domain transfer fraud

[Snowhare]

Domain Registry of America has made a business out of sending deceptive letters to domain owners using other registrars asking them to "renew" their domain registration with DRA. The letters are cleverly written to make it unobvious so that people who think they are just renewing their domain actually have their domain registry transfered from their current registrar to DRA.

Ok, but

[hcs_$reboot]

ICANN has suspended Domain Registry of America

"First time accepted submitter EpicMaxGuy" didn't even bother to tell us the reason why it was suspended... So for one

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices

and also the article mentions that

mining your competitors’ data to send unsolicited and misleading marketing messages isn’t allowed

.

Re:Ok, but

[AK+Marc]

Also, what connection is there between Brandon Gray’s resellers and Domain Registry of America?

It requires research to figure out what the summary means. That means it's a bad summary

Re:Ok, but

To summarize the summary of the summary: People are a problem.

Hijacking

[EmagGeek]

I get hijack letters from them all the goddamn time. I have about a dozen domains and I constantly get "expiration" notices that are really transfer authorizations in the fine print. It's sleazy and deceitful, and they deserve to be shut down.

I can't imagine how many suckers fall for it and end up paying $40 or more for domain registration... does DRA even allow outbound transfers?

Re:Hijacking

[GoodNewsJimDotCom]

They're 100% scam artists. They just send snail mail "bills" to everyone who registers a domain. They expect people to fall for it and I'm sure many people do which is why they can afford the postage stamps and keep sending them out.

Re: Hijacking

[Scoth]

They do allow outbound transfers (it's a requirement of being an accredited registrar) but it's a giant pain in the ass. I used to do customer domain management for my company and getting the auth code and domain unlocked from these guys was an exercise in frustration. Took several calls and emails to "authorize". This was several years ago; maybe they have an online portal now.

Re: Hijacking

[mysidia]

They do allow outbound transfers (it's a requirement of being an accredited registrar) but it's a giant pain in the ass. I used to do customer domain management for my company and getting the auth code and domain unlocked from these guys was an exercise in frustration.

Considering their "piece of paper" form that they send out is enough to get a transfer to other registrars: I do believe they must honor the same process. If a written form is presented to them, they must take it as authorization for the transfer, otherwise the other domain registrars who are harmed by it would have fought this practice away a long time ago.

Re:Hijacking

I'm legitimately surprised that any domain owner could fall for something like this. Presumably most domain owners have some technical savvy, no? I have gotten dozens of those letters and they went right in the shredder.

Though to operate as long as they have there must be a lot of idiots controlling domains out there.

Re:Hijacking

[Gavagai80]

If most domain owners were technical people, godaddy wouldn't exist.

Re:Hijacking

[Albanach]

Presumably most domain owners have some technical savvy, no? I have gotten dozens of those letters and they went right in the shredder.

And how many times do you think someone in a management position finds it lands on their desk and then, thinking it's a valid bill simply sends it on down to accounts for payment. Even if the folk doing the registration are typically tech savvy, that doesn't mean it will be a tech savvy person that receives the 'renewal notice'.

Then there are those that set up a website from one of the many one-click web presence builders. Folks like builders and plumbers who again may not be tech savvy. Perhaps their partner simply pays the bills as they come in, or they do it themselves in the evening. Never having owned a domain before, they see no reason to believe this isn't legit, so off goes the check.

Re:Hijacking

Don't underestimate the stupidity of the greater part of the world population.

Re:Hijacking

[AK+Marc]

I registered my domains at an address that's no longer valid (I moved, and it was "safer" to not give a proper forwarding address, and let some things lapse). I've never gotten any of the letters, but then, my official address is a place I haven't lived in years.

Re:Hijacking

[techno-vampire]

I like my system of avoiding this kind of scam better: my (vanity) domain is registered using my correct snail address, but I've told the registrar that I only want email from them, no paper. That means that if and when I get something in my mailbox claiming to be a bill for registration, I just throw it away unopened because I know it's not legit.

Re:Hijacking

[bloodhawk]

nowadays anyone from a home blogger to grandma's shop owns a domain name, it doesn't require any technical know how. Most of these people have no technical knowledge at all and barely understand what a domain name even is, all they know is they were told they needed one to put their web page up.

Re: Hijacking

[Ash-Fox]

I'm technical and I use Godaddy (just for domain registration).

Good!

[flightmaker]

It's always nice to get at least one item of good news in a day. I guess this is it.

I've also had the snail mailed fake invoices from them, which I can only suppose is an illegal use of the whois database. I guess their strategy is to land these on the desks of overworked administrators who are more likely than me to rubber stamp them and pass them along for payment. Me? I always put them in the shredder.

Why did it take so long? I really don't know. Why is it not a permanent shut down? Don't know that either, but at least they're shut down for now.

Re:Good!

[techno-vampire]

I've also had the snail mailed fake invoices from them, which I can only suppose is an illegal use of the whois database.

It's also Mail Fraud, and the owners should already be in prison for what they've been doing. Let's hope that the Feds get off their asses and earn their salaries.

Domain Registry of Canada

[future+assassin]

Not sure if they are connected but they used to send real mail to try and trap people into renewing/transferring with them. So it only takes 14+ years for ICANN to do something?

Re:Domain Registry of Canada

[exploder]

Not sure if they are connected but they used to send real mail to try and trap people into renewing/transferring with them. So it only takes 14+ years for ICANN to do something?

I know, motherfuckers act like they forgot about DRA.

Re:Domain Registry of Canada

I know, motherfuckers act like they forgot about DRA.

I award you over 9000 internets.

Re:Domain Registry of Canada

So it only takes 14+ years for ICANN to do something?

Making decisions to cut off your money supply (ICANN makes their money from the registrar fees) is only done for worst of the worst.

I am sure some of the tin foil hate crowd would say ICANN needs a few of these rouge registrars in order to be able to make the argument that ICANN is working well, and ICANN might even be secretly funding them.

Re:Domain Registry of Canada

[whoever57]

So it only takes 14+ years for ICANN to do something?

Perhaps DRA sent a letter to ICANN concerining renewal of icann.org?

Re:Domain Registry of Canada

Funny?

Re:Domain Registry of Canada

ROGUE, not rouge. Thanks.

Re:Domain Registry of Canada

It's just a bunch of gibberish.

Re:Domain Registry of Canada

[nwf]

So it only takes 14+ years for ICANN to do something?

Perhaps DRA sent a letter to ICANN concerining renewal of icann.org?

My guess is ICANN would pay it, too.

Now if only

[lukelarris]

Now if only they'd suspend HugeDomains as well, I'd be happy. They snatch up domains as soon as they expire, as well as alternate TLDs of a domain you just bought, and then they email you. They cybersquat and charge ridiculous prices for the domains they've acquired.

FINALLY!

[slashmydots]

It's about damn time! That asshole sends out fake domain registration renewal notices via mail and fax. So many businesses fall for it and at the same time basically put this company in charge of their domain. They should have arrested this asshole years ago! In fact, it sounds like he's not arrested, he's just banned from registrations.

So there goes any hope that Perion Network will be shut down. They're responsible for the vast majority of advertising malware infections and they're in a lovely looking building over in Redmond Washington. They use their Israel location to do most of their illegal stuff so it's all cool with the US gov apparently. By the way, they're responsible for everything related to Conduit Malware, Sweetpacks, Smilebox, and basically everything else you've ever seen on a stupid person's computer.

My story with those assholes...

A couple of years ago I wanted to register my family name as a domain.
I had no immediate plans for it, just wanted to claim it for possible future use.

Before registering my domain I checked whois to see if it was free. It was.

Phone goes, lengthy call, I get back to the computer 30 minutes later.
I try to register the domain and I see that the .com, .co.uk and .nl versions are all taken by RNA.
Eventually I registered the .info version, just to make sure they couldn't grab that too.

2 days later I start getting emails to the registration-address for the .info domain offering the .com, .co.uk and .nl names for sale.
At $10.000 a piece. I didn't bother replying.
After a week the emails went into "your last chance" mode and the price dropped to $5.000.
Another week later price went to $1.000 and after a month they started to offer the set of 3 domains for $1.000.
I still get a reminder every 3 months or so. Price was down to $ 500 the last time I bothered reading one of those emails.

It is about time ICANN does something about these jerks.
They have been running various scams since at least 2005.

Re:My story with those assholes...

[bswarm]

I use regtek http://www.registrationtek.com... They offer "private registration" service. For about 8 years I've never been spammed or snail-spammed by them.

Re:My story with those assholes...

[The+Cisco+Kid]

Avoid using whois on registrar sites to check availability. It's trivial for them to hijack that info and then allow someone else to see what domains people have been checking, so they can pre-emptively register them.

The best way is to check the TLD server directly, using "dig"

Failing that, use a real whois client (NOT anything web-based)

$ dig thisdomaindoesnotexist.com ns

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> thisdomaindoesnotexist.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;thisdomaindoesnotexist.com. IN NS

;; AUTHORITY SECTION:

com. 899 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1405884613 1800 900 604800 86400

;; Query time: 178 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Jul 20 15:31:01 2014
;; MSG SIZE rcvd: 117

$ whois thisdomaindoesnotexist.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net/
for detailed information.

No match for "THISDOMAINDOESNOTEXIST.COM".
>>> Last update of whois database: Sun, 20 Jul 2014 19:30:55 UTC <<<

Re:My story with those assholes...

I have run in to similar situations. My question is: How the fuck do these guys intercept whois queries?

Decades ago I learned to never query whois before registering a domain I might want... and I'm talking about the command line whois from my workstation, not some scam web-site. How do the scammers/squatters capture this?

Re:My story with those assholes...

All 3 domains for $1 dollar?! That's a steal!

Re:My story with those assholes...

I'm the original poster.
I know better now, in fact I knew it at the time too...
Just didn't think about it then and I just Googled for an online web-based whois service.

I just hope these jokers get shut down and ICANN liberates the domains.
(Given ICANN's track-record I'm not having much hope.
I might have more luck with the .NL registrar.
They have some rules for dealing with domain squatters.)

Re:My story with those assholes...

[Motard]

Avoid using whois on registrar sites to check availability. It's trivial for them to hijack that info and then allow someone else to see what domains people have been checking, so they can pre-emptively register them.

Seems like a pretty good argument to do *a lot* of bogus inquiries. Let them pre-emptively register to their heart's content.

Re:My story with those assholes...

[guruevi]

They don't hijack it, the whois providers are themselves the hijackers. In case of your command line utility, it is possible your ISP simply provides their own whois (there is no requirement for whois to query the 'official' databases and it is trivial to put your own 'cache' in).

And the best thing is that most of these 'hijacked' domains are never paid for, ICANN allows for ~$0.25 (refundable) to 'reserve' a domain name. Eg. an ISP or web service may do this as a 'service' so you're sure to have it when you pay for it (with them). Then if you don't pay for it, the domain is set up for expire and goes on a feed where decisions are made (most likely an algorithm based on keywords and name lists) and then registrars are bombarded for seconds leading up to the expiration time by requests to register the domain in a similar 'reservation' fashion.

Eh

He should have tried to register .Merica

Real Address?

[Rande]

What, you put your actual address in there? Why? No one I care about would use the Whois to contact me by snail mail. And if actual authorities need to find me, then they can subpoena my billing address (or maybe, y'know, just email me and set up an appointment?)
I think mine is currently set to some hotel in Uzbeckistan. Next renewal I think I'll set it to a Yurt in Mongolia.

Re:Real Address?

What, you put your actual address in there? Why?

Depending on the interpretation of certain ICANN rules, not having legitimate contact information available to the registrar can be cause for termination of the domain registration. Note that some registrars allow you to "hide" your actual contact information (WhoisGuard/Domains_by_proxy are a couple of examples), but the real information is available to the registrar of record. As required.

Re:Real Address?

[Geeky]

In the UK you can request your details are hidden from whois for any .co.uk domain if you're a personal user rather than a business. It shows up as follows:

Registrant's address: The registrant is a non-trading individual who has opted to have their address omitted from the WHOIS service.

This is to comply with UK data protection laws. I don't think it applies to international domains registered within the UK though. Obviously your registrar still has the details on record.

Read this, you naive fools.

The rotten and corrupt Domain Name System.

Re:Read this, you naive fools.

Sorry, but that's total BS.

Re:Now if only

[mysidia]

If you have evidence of it, please write to ICANN to complain about the obvious WHOIS data mining for marketing/e-mail spam purposes....

What, ICANN did something!?

That is the real news, actually.

Re:What, ICANN did something!?

[sjames]

Perhaps the resorts in Geneva were closed for renovation.

I'm so glad they got shut down

[General+Anders]

It makes me so happy that these guys got shut down. I really hope they could be shut down indefinitely. Working in tech support, I see these guys trying their deceptive practices and confusing so many people all the time.

same company, CIRA already cut him off

[raymorris]

I believe that's one of many names for the same company.

I noticed this a few years ago and wrote a script

[technosaurus]

I noticed this a few years ago and wrote a script that used curl and the wordnet dictionary to query every possible dictionary name + a random string and log the tried combinations.  Unfortunately the log ran me out of disk space before I could check to see if it worked, but hopefully it got them to register a few useless domains in the mean time.

OH MY FUCKING GOD...

[buckfeta2014]

ICANN actually did something for once.

*happy dance*

Fry in hell, "Domain Registry of Canada". I hope ICANN goes further and requires you to transfer the domains belonging all the people you've scammed to a legitimate registrar.

LOOOOOONG overdue

[WCMI92]

This bunch of assholes has been sending fake renew notices to my company and to my clients for years. I've of course caught them and prevented people I work for from falling for it.

They never should have been allowed to act as a registrar, and it shows the corruption of ICANN that they weren't kicked in the balls years ago.

Re:Now if only

Umm, how about don't let your domain expire? I mean, it's the same date every year, is it that hard to plan for it? It's the stupidity of people that allows this practice to be profitable.

And nothing of value was lost.

[Shag]

Like others, I've had to deal with these guys for ages. It was because of them that I put MY address on WHOIS records of domains I host for un-clued people (back when I was in hosting) - otherwise the domains would have gone their way.

Better things to do with these invoices

[Arker]

"I've also had the snail mailed fake invoices from them, which I can only suppose is an illegal use of the whois database. I guess their strategy is to land these on the desks of overworked administrators who are more likely than me to rubber stamp them and pass them along for payment. Me? I always put them in the shredder."

You are too kind.

At the very least you should return to sender.

But much better! Take it to your local postmaster general. Report it as mail fraud.

Misleading renewal notices

[kriston]

This is one of those companies that still sends misleading renewal notices even after all this time. At first they were told to make them not look like "renewal" notices from your current domain registrar. They were reworded and redesigned but still strongly imply that you need to "renew."

ICANN is not the police, prosecutor, judge or jury

[dutchwhizzman]

You'd have to wait for the government to declare Brandon Gray an illegal organization or punish them some other way if you want to rely on the criminal part of the law to deal with this. That is why you want obvious criminal actions to be named in your contract as a reason to suspend/stop delivering services or payments.

False advertising is not illegal

neither are deceptive practices & notices.

http://www.motherjones.com/tom-philpott/2013/01/coca-cola-vitamin-water-obesity

http://pocketnow.com/2012/09/05/is-nokia-marketing-misleading

These things should be illegal... but they arent.

Re:ICANN is not the police, prosecutor, judge or j

[Dan541]

FYI, your Goldie Wilson Hover Conversion System should be available next year.