Here is an interesting case on how far some of these thieves go to obtain valuable domains. https://domaingang.com/domain-crime/warning-tilt-com-is-currently-a-stolen-d... Also demonstrates having data public can be dangerous for your opsec.

Best,
Theo

On Wed, Nov 24, 2021, at 10:38 AM, John McCormac via CPWG wrote:
On 24/11/2021 05:34, Alan Greenberg via CPWG wrote:
In our discussions related to the Transfer Policy PDP, the issue of domain hijacking and other nefarious actions has come up often, with some people claiming it is a major issue and others that it is not. I just came across an interesting tidbit.
If you register a domain with GoDaddy, one of the things that pops up (encouraging you to purchase a service from them) is the attached image.
I have no idea where the statistic of 170,000 attempted domain thefts per year comes from.
It may be based on GoDaddy's experience, Alan. It is the largest gTLD registrar on the web and owns a number of other registrars, brand protection registrars and ccTLD registrars. Like most of the larger registrar operators, it is a bit of an iceberg with a recognisable large brand on many other brands acquired through takeovers of other registrars and businesses over the years.
Some of the mentions of stolen domain names that appear on the various domainer fora mention that their registrant's logins were compromised as part of the theft. This is often down to phishing e-mails sent to the registrant purporting to be from the registrar.
High profile brand domain names are often on brand protection registrars and it is typically ordinary registrants and SMEs that are targeted. These are the people that the 60 day transfer lock manages to protect.
The ordinary registrant may not even know that ICANN exists or the process for reversing a domain theft.
Some of the arguments on getting rid of the 60 day lock and the opt-in proposals on the Zoom meetings can only have come from being unaware of the issue of domain name thefts.
The registrants of domain names that are unused as e-mail domain names or developed websites may even be unaware that their domain name has been stolen until it is too late. Most of the time, the targets are high value domain names (short, keyword, short numerical and brand) that can be converted to cash by a quick resale on domain name auction/sales sites. By the time that the domain name has been resold, it can have moved through a number of registrars.
The gTLD market may be more affected by domain name theft due to the global market for most domain names and the ease with which the stolen domain name can be converted to cash. The ccTLD markets are much smaller in scale and some have a more complex transfer process with a pro-active single registry being the final authority. With ccTLDs, cybersquatting and trademark infringement may be larger problems.
The worst case scenario is when a gTLD registrar gets compromised. As the Epik data breach demonstrated, this happens and there is often a scramble to secure affected domain names before they are transferred out. That 60 day lock is a failsafe.
Regards...jmcc
--
John McCormac * e-mail: jmcc@hosterstats.com
MC2 * web: http://www.hosterstats.com/
22 Viewmount * Domain Registrations Statistics
Waterford * Domnomics - the business of domain names
Ireland * https://amzn.to/2OPtEIO
IE * Skype: hosterstats.com
_______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg