Registrars not verifying contact information on domains?



According to a GAO report one of the reasons that phishing and scam websites are because of a lack of enforcement and policing by registrars of accurate contact information. According to their study over 5% of sites had been registered with false data. ~2.5% had been registered with incomplete information. These findings come from a random sample of 300 domain names that they then did lookups on the domains.


Brian at the SecurityFix suggests that the estimates may be low, because many scam/phishing sites may use registration data of identity theft victims and those may not show up as incomplete or false data (in other words, the name/address/phone checks out as valid, not necessarily indicating that THEY were involved in registering the domain.) That’s a good point. I suspect that if the registrars don’t get serious about making sure information is correct, then we might see other approaches. It would be nice if the registrars could regulate themselves in this matter.

One thing they could do is for the first 30 days of a domains life have a probationary period, send a postal letter to the address of the person registering and require them to enter a pin number (much the way Google verifies adsense participants…. sign up, get a postcard, go to website and enter pin number.) You certainly have to go through the ringer to prove you are authorized to deal with a domain to move it to another registrar….. (At least in my experience that’s been the case, especially if the company has changed hands.)

Related Posts

Blog Traffic Exchange Related Posts
  • Bad week for Cisco, security headaches For starters, there was this advisory last week in response to a planned talk at a hacker convention on the possibility of a cisco router ipv6 exploit. The advisory detailed a LOCAL exploit and not the remote exploit that the talk was centered around. There was legal action against the......
  • Network Security guide for the home or small business network - Part 7 - Wireless Networking OK - the last couple of entries got into some heavy lifting and some real learning on your part. Learning about what software needs to run, what services are running, updating them to keep current on security patches. We even talked about securing services listening for outside connections and limiting......
  • How to Remove Win Security 360 | Win Security 360 Removal Guide Win Security 360 is a rogue antivirus application that is promoted through the use of trojans and other malware as well as sites that claim to do malware scans of your computer. Among the things that it will do is schedule itself to run when the system boots and it......
Blog Traffic Exchange Related Websites
  • The Concept Of Using More Than One Domains It's typical to use multiple domains for a website that must be referenced by more than a single domain name. Usually, several domains are created to reference a site's index page and deliver the same results for people searching online. With multiple domains, you pay a single fee but have......
  • Need A Good Domain Name - But Which One? Do you need an ideal domain name? Are you looking for a good domain name? Well then, here are a couple of the top tips you can use to find the domain name that's best suited for your marketing purposes. Here we go. A common question regarding domain name buying......
  • Your Site, What The Whole World Should See You've got your Web site up and running and it's just what you wanted. You now concern yourself with getting visitors to the site. Employing other methods to increase the number of visits to your site other than optimization is possible. These are simple ways, but they can increase your......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site