Sorry Ade, but you may have missed the main point here, the domain is 9 days (yes nine) old, it is under the 15 day 2013 RAA Verification for email or telephone confirmation, whereby if not confirmed it is suspended. The address could be correct (well it is lets be honest) and the telephone number could be correct (it is per facebook,com). The registrar within the first 15 days has to have a positive feedback only, thus if a link is clicked (by accident) or an SMS at time of registration and the code entered on a webpage later - this is confirmation. If nothing received - on day 16 (so 15 full days) the domain should be suspended. Kind regards, Chris From: "Ade Cheek" <ade.cheek@legitscript.com> To: "Susan Kawaguchi" <susank@fb.com> Cc: gnso-rds-pdp-wg@icann.org Sent: Monday, 1 August, 2016 19:36:44 Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Onlinenic - No comment Anyway, the address is valid, as in actually exists, hence the initial "validation". You don't need me to tell you that a large number of registrars simply automate the address check process and when complaints arise, they can claim that they had conducted validation checks. More often than not (in my experience) the complaint is then dropped by ICANN. As silly as this sounds, if the sender address is not monitored, then the reply that it's not valid will simply not be read. I also see that they ask you to " contact your domain name Service Provider for direct assistance" if you need to correct any information. Again, don't contact us, it's not our problem. On Mon, Aug 1, 2016 at 11:24 AM, Susan Kawaguchi < susank@fb.com > wrote: We received a WDRP notice as you can see below. No way to validate the information and I responded that it is NOT valid… Completely out of compliance in my opinion. From: " No-Reply@onlinenic.com " < No-Reply@onlinenic.com > Date: Thursday, July 28, 2016 at 9:43 PM To: domain < domain@fb.com > Subject: [domain] Whois Data Reminder - login-account.net Dear Domain Registrant, This e-mail is a reminder for you to review and correct any inaccurate Whois information associated with your domain registration on login-account.net . Our records include the following information. [whois info] Domain: login-account.net Registrar Name: ONLINENIC, INC. Registrant: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Administrative Contact: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Phone: +1.6505434800 Fax: +1.6505434800 Email: domain@fb.com Technical Contact: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Phone: +1.6505434800 Fax: +1.6505434800 Email: domain@fb.com Original Creation Date: 07/24/2016 Expiration Date: 07/24/2017 Nameserver Information: Nameserver: ns1.dns-diy.net Nameserver: ns2.dns-diy.net Under ICANN rules at http://www.icann.org/whois/wdrp-registrant-faq.htm , domain name registrants are obligated to review the contact information associated with their domain names and make corrections whenever necessary. The provision of false Whois information can be grounds for cancellation of your domain name registration. If you confirm the current whois information is full and accurate, you could simply ignore this notification. If you need to update whois information, please contact your domain name Service Provider for direct assistance. Regards. Susan Kawaguchi Domain Name Manager Facebook Legal Dept. From: " benny@nordreg.se " < benny@nordreg.se > Date: Monday, August 1, 2016 at 10:30 AM To: Ade Cheek < ade.cheek@legitscript.com >, Susan kawaguchi < susank@fb.com > Cc: " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Please point me to the section where that are in compliance with RAA 2 013 The only occurance occurrance of getting a domain as OK without validation are if the Registrant ID are validated from before and no changes are done. In that case it indicates FB have validated the info -- Med vänliga hälsningar / Kind Regards / Med vennlig hilsen Benny Samuelsen Registry Manager - Domainexpert Nordreg AB - ICANN accredited registrar IANA-ID: 638 Phone: +46.42197080 Direct: +47.32260201 Mobile: +47.40410200 From: Ade Cheek < ade.cheek@legitscript.com > Date: Monday 1 August 2016 at 19:13 To: Susan Kawaguchi < susank@fb.com > Cc: Benny Samuelsen < benny@nordreg.se >, " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Benny, If the information provided ticks the boxes then it's validated. Most checks are retrospective as this takes time and time is money... On Mon, Aug 1, 2016 at 10:11 AM, Ade Cheek < ade.cheek@legitscript.com > wrote: BQ_BEGIN As Susan mentions, all they need is a few days. At least the registrar actually conducted validation checks, many don't. On Mon, Aug 1, 2016 at 10:04 AM, Susan Kawaguchi < susank@fb.com > wrote: BQ_BEGIN The registrar sent an email to Domain@fb.com which I received but I immediately responded it was not a valid registration and asked for transfer. No word yet. All phishers need is a few days to use the domain name. Susan Kawaguchi Domain Name Manager Facebook Legal Dept. From: " benny@nordreg.se " < benny@nordreg.se > Date: Monday, August 1, 2016 at 10:01 AM To: Susan kawaguchi < susank@fb.com >, " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Curious, how did it get validated? -- Med vänliga hälsningar / Kind Regards / Med vennlig hilsen Benny Samuelsen Registry Manager - Domainexpert Nordreg AB - ICANN accredited registrar IANA-ID: 638 Phone: +46.42197080 Direct: +47.32260201 Mobile: +47.40410200 From: < gnso-rds-pdp-wg-bounces@icann.org > on behalf of Susan Kawaguchi < susank@fb.com > Date: Monday 1 August 2016 at 17:17 To: " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Hello All, Attached is a use case we run into frequently, bad actors will use valid Facebook information in the registration data to make the registration to appear authentic. Best regards, Susan Kawaguchi Domain Name Manager Facebook Legal Dept. _______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg -- Adrian Cheek Director of Global Partnerships BQ_END -- Adrian Cheek Director of Global Partnerships BQ_END -- Adrian Cheek Director of Global Partnerships _______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg