Original URL: http://www.theregister.co.uk/2007/07/17/domain_name_scam/

Domain name scammers target uk.biz

Warning over 'gazzumping' ruse

By John Leyden

Posted in CIO, 17th July 2007 14:40 GMT

Domain name scammers are once again targeting UK firms.

Typically, the scam, which is still under investigation, starts with calls to domain owners warning them that a variant of the domain they own has been bought by a third party. Prospective marks are invited to outbid these third parties by placing higher bids with domain registration entities that falsely claim to be partners with Nominet, the UK registrar.

Mullard Space Science Laboratory, part of University College London, has been targeted by variants of the scam twice by different entities (both of whom made false claims) over recent weeks. "A heads-up story about the activity might be in order," writes Alan Brown, our source in the lab. Brown said some of his peers had been subjected to similar approaches. He has contacted Nominet in the hopes that it might be persuaded to compile information on the scams for a possible trading standards or OFT (Office of Fair Trading) investigation.

Tim Dalby, of Nominet's legal team, told El Reg it was looking into the latest example of possible fraud reported by Brown earlier this month to see "if there is anything further that we can do".

"We get periodic complaints about various business practices relating to domain names sales, including the pressure selling of domain name registrations," he said. "We are genuinely concerned with such cases and where possible we take action."

A page in Nominet's website details various sharp practices around domain name sales and the steps concerned punters can take if they become recipients of unwanted, and possibly fraudulent, approaches.

Fraud targeting domain name holders are far from new. In February 2001, the Federal Trade Commission (FTC) went to court to stop a scam that attempted to trick potential marks into registering variations of their existing domain names. At least 27,000 website owners were victims of that scam, the US consumer watchdog estimated.

More recently, jailed UK spammer Peter Francis-Macrae (AKA Weaselboy) used data from Nominet's Whois database to mount a bogus domain re-registration scam. ®