Comments on fake renewal notice report
This report is deficient in several respects. It fails to describe the difference between a fake renewal notice, an advertising offer, and phishing attempts. Entities such as Domain Registry of America were hit with a complaint from the US FTC (see http://www.ftc.gov/opa/2003/12/domainreg.shtm). They have since changed their notices from a fake renewal notice to an advertising offer. Further, other types of fake renewal notices are sent as part of the phishing plan to get login credentials. These are different scenarios that need to be dealt with differently. The data used to create the notices is related to whois so this task force should be combined with the whois task force because the issues are interrelated. Right now registries and RIR's are making up all kinds of wild requirements that break the functionality of their services in failed attempts to curb "scraping" of the whois data by harvesters. Other companies, such as DomainTools.com, are taking the data without permission and then selling it. Thank You |