.XYZ Suspends 24 Domains Of Website Cloaking Fraudsters

Written by Brad Hayes:

After we posted this most recent article exposing how 24 .XYZ domains were being used by fraudsters allegedly operating out of China and India, the .XYZ registry suspended the 23 domains that were still in operation. According to Shayan Rostam, Global Director of Registry Operation, they suspended the original site that we noticed last week, Baseball-Reference.xyz that same day we reported on it. This time however, after reading our article that detailed the remaining 23 domains registered to the same person, they suspended them within 90 minutes. That’s impressive and we commend .XYZ for acting so quickly to prevent consumers from being duped by the fraudsters responsible.

Per the email that we received today from Shayan,

“Also wanted to make you aware that all of the domains you highlighted in yesterday’s article were suspended less than 90 minutes after the story was published.”



Photo Above: TVRage.XYZ no longer resolves.

We are also going to communicate with the .XYZ Registry further to find out what they’re going to do to possibly detect this kind of activity before it gets to a point like this.

We should note that this type of fraud does happen with .Com domains, as well as many others, including many of the new .GTLD domains.  Is there a higher probability of it happening with URLs that are very low cost, yes, there is. Years ago the domain of choice for anyone committing domain related fraud of any kind, from Adsense ad slamming, to identity theft by cloaking a site, were .INFO domains. The reason was simple, they were incredibly cheap, as in less than $3.00 each. If you’re committing fraud, and expecting to get caught within a short period of time, it makes sense to use the most cost efficient domain available.

Is There An Opportunity For Someone To Create A Technology Solution To Really Help Combat GTLD Fraud?

The answer is absolutely, there are many possibilities. Instead of spending hours thinking up the various ways, we’ll just give you the most obvious one. There should be a service that does the following:

1. If you have a website, be it a .Com or a .whatever, when a domain that matches yours exactly is registered after the date of your original registration, you get notified.

2. The service should include a screen shot of what’s on the domain.

3. It should also include the whois information associated with that domain.

4. It should also look for any digital fingerprints that might connect it back to any other sites who might be committing some kind of fraud. (Google Analytics code, and or any of the dozens of ad networks ad tags)

There’s a few other features we can think of but we’ll call it a day for now.

Again Kudos to the .XYZ registry for taking down this harmful network of sites so quickly. We have no doubt that other companies might not have reacted so quickly in order to protect consumers based on what we have observed in the past.