Just one example of spam based on whois records.
We all know that people mine whois databases to sell stuff. It’s incredibly cheap and easy to do these days: compare the zone files, get the new registrations, and then run whois lookups. There are even people selling the entire .com whois database for a few hundred bucks.
This makes it easy for people to spam new domain name registrants and sell them services they don’t need, like search engine submission.
Last week I registered a handful of .com domain names at Uniregistry. Shortly thereafter I received this email:
The email was sent through Amazon.com’s Simple Email Service from firstname.lastname@example.org. Although one of the links in the email is masked as DomainServicesOnline.org, clicking any link sends you first through SearchRankingTools.net and then to DomainServicesOnline.org.
Once you land at DomainServicesOnline.org, you’re asked to pay to get your new site submitted to search engines. (Search engine submission is unnecessary and is essentially a scam at this point.)
If you call the phone number on DomainServicesOnline.org, a voice recording tells you to email @domainservices.org, which appears to be an identical site.
All three of the domain names I’ve mentioned use whois privacy.
However, SearchRankingTools.net has a nameserver of NS1.NATIONALWEBSERVICES.ORG. There are only five sites hosted on that nameserver, and the domain name itself doesn’t use whois privacy (although the phone number is invalid and the address matches a UPS store).
If you just type in SearchRankingTools.net without the referrer code in the email, if forwards you to SearchRankingTools.com, a domain name owned by Frank Schilling. I suspect the owner of the .net is doing this to cover his tracks.
On the one hand, this is an example of someone using whois privacy to cover bad behavior. On the other hand, if I were to use whois privacy on my domain registrations, this type of spam can be blocked at the whois privacy provider’s level.