EnCirca finds that domains were used for nefarious purposes.
ICANN terminated the accreditation of domain name registrar ABSYSTEMS INC (dba yournamemonkey.com) in December for multiple contract breaches.
ICANN transferred the domain names to another registrar as ICANN does in cases of a de-accreditation. In this case, EnCirca was the (not so) lucky registrar.
EnCirca got more than it bargained for.
ICANN informed EnCirca that ABSYSTEMS had approximately 700-800 names, but some of the names had already been transferred away. It estimated that 30% of the names were registered to individuals and companies in the United States, and 70% of the names were registered through a privacy service in the Philippines. ICANN also said the latest escrow deposit information seemed to be okay.
When EnCirca received the data, even the US contacts looked suspicious, EnCirca President Thomas Barrett told Domain Name Wire.
Although not required for registrar transfers, Barrett decided to put all of the customers through email verification. 75% of the customer emails bounced and no customer verified their account.
So EnCirca compared the list of transferred domains to a list of unauthorized pharmacies listed at NABP.Net and there were over 110 matches.
Next, the registrar asked LegitScript to analyze the list of 750 domains. On its first pass, LegitScript flagged 96% of the domains as fraudulent. (LegistScript does this service free for registrars.)
As a result, EnCirca has suspended all of the domains that were migrated from ABSYSTEMS.
Some of the domains, including the registrar’s main domain, were transferred out to another ICANN registrar and are now under Whois privacy. The remaining domains will be allowed to expire and deleted per the normal schedule.
Although a bit of work for EnCirca, the net result is a rogue registrar has been put down and the internet is a little bit safer than before, Barrett noted.
Leave a Comment