Four letter domain name subject to cybersquatting complaint.
A UDRP cybersquatting complaint has been filed against the domain name USSA.com.
The filing was made at National Arbitration Forum, which does not disclose the name of the complainant until a decision is rendered. However, there’s a good chance it was filed by USAA, a financial services firm serving military and veteran families.
USSA.com was the domain name used in a recent phishing attack that Joseph Peterson (a veteran of the Navy) wrote about.
It’s not clear if the sender’s email address was spoofed, as it often is in phishing attempts, but it would be odd to spoof a typo rather than the target’s actual domain name. [Update: the whois has been unmasked and I really think the address was spoofed.]
At the same time, it’s rare that a good domain name is used in a phishing attack. Normally perpetrators use throwaway domain names, not four letter .coms.
Steven says
I think it’s way more likely the ‘from’ address was spoofed and either the scammer made a typo or intentionally said ussa to reduce odds of being redirected to spam folder (spam filters are weird and gaming them is complicated), than the actual owner of a very valuable 4l trying to make a quick buck illegally. We’ll see I guess.
Steven says
Why didn’t you look at the whois / history before publishing this story? I just checked and ussa.com is owned by a well-known domain investor and has been parked at InternetTraffic for over 6 months. No way the spam was sent by him through Frank’s parking servers. USSA.com owner is an innocent victim that got attention drawn to his domain because of a spammer, and is now facing a udrp probably because of the spammer’s actions and perhaps Joseph’s post saying “I hope USAA files a complaint and takes possession of USSA.com. Given the phishing email being sent out, the case ought to be a slam dunk.” Shame on DNW for these posts.
Xavier.xyz says
Another wierd trend is phishing scams sent from well known and legit .gov.uk domains… mostly paypal scams..
Sandy says
Spammers look for domains that don’t have an SPF record. Ussa,com does not have one, so it is an easy target.
Andrew Allemann says
Got it. So maybe they looked for a similar domain to usaa.com that didn’t have an spf record and chose this one. How can you tell if an email you receive is spoofed?