[unisog] DNS fraud against the .edu TLD

Isac Balder piis8 at yahoo.com
Fri Mar 24 18:52:02 GMT 2006


This style of "marketing" has long been in the mix.  I
recall in the mid and late 90's when domain squatting
and "ransoming" where all the rage.  Mega-corporations
may have the resources and the extra cash to register
every url with the use of their name and / or one of
it's derivatives, some universities may not.

Is this sort of marketing fair or ethical, maybe not,
but at the same time it is a simple matter to call and
say hey take me off the list.  From the looks of it
they are at lest willing to oblige such requests
unlike the telemarketers that continue to call
regardless of my irritation, profanity, and the
National Registry.  If Vantage Media were unwilling to
remove names and references of schools then I would
say we have an issue.

--- David Bowie <david.bowie at bc.edu> wrote:
> I call upon EDUCAUSE to take this up with Vantage
> Media - this practice clearly

Good call.

> It is immaterial if folks _should_ know better. 

I have to disagree.  In today’s age with the media
coverage regarding identity theft why would you go
anywhere other than to duke.edu and submit personal
information to inquiry about Duke University.  However
users can not be sheltered from the realities of life
forever.  They need to realize that use of a service
in which they have to give information (in this case
merely and address and phone number) may result in
unfavorable use of that information, ie. Being
pestered by every college based advertiser and service
company.  It is the same as what we face every
semester with new students.  We can build mega
security systems and staff 100 people to try to
protect the users from every conceivable scam and
threat so that they can frolic through their cyber
life unhindered by such information while IT loses
their mind playing even more catch-up and
cat-an-mouse.  Or we can staff one person to maintain
an informational website and conduct reoccurring
informational forums and presentations to educate the
users.  Once the users have the ability to identify
the threat vector it does not matter how the actual
content is presented, they will know how to verify the
information or at least who to call to verify the
information.
 
> This would not stand if mil.com or gov.com were
> abused in this way, it should 
> not stand when edu.com is abused.  
> (BTW - mil.com and gov.com were registered in 1997
> and 1996 respectively with 
> contact pointers to uu.com - sounds proactive to
> me.)

I have to use whitehouse.com as an example here.  It
may not be exactly the same as whitehouse.gov.com but
it’s the same principle.  


It is unrealistic to think we can persue and safe
guard every use of key words because they may relate
to a corporation, public, or private entity.  If that
were the case we would quickly limit the already
stunted vocabulary of the general public.

As to the Phishing angle.  I don't call it Phishing
until it deals with non-public information.  I only
saw the site asking for address, phone, and email.

I.B.





--- David Bowie <david.bowie at bc.edu> wrote:

> With respect to Josh Ballard regarding the
> registration of the edu.com 
> domain and use to phish
> for potential students; his solution does not scale.
> 
>  From Josh:
>  > So I gave a heads up to my admissions folks and
> to our university 
> attorney's office
> 
> > A short while later, he called me back to inform
> me  
> > that he had spoken to a rep at the company and had
> informed them of  
> > his displeasure at our university being listed on
> their site and  
> > collecting information, and asked them to take us
> off.  At his  
> > request, it appears they have done so for the time
> being, and fairly  
> > quickly I might add.  So, my encouragement to all
> of you out there  
> > would be to pass this word onto your admissions
> folks and/or general  
> > counsel and have them make a phone call to have
> your university  
> > removed. 
> 
> This venture is a pure scam.  It infringes upon the
> .edu TLD and to require
> each school to "opt-out" is ludicrous.
> 
> I call upon EDUCAUSE to take this up with Vantage
> Media - this practice clearly
> falls within the realm of "domain dispute" at the
> highest level and the purpose
> is very clearly to confuse the end user and appear
> legitimate.  It is immaterial 
> if folks _should_ know better. 
> 
> This would not stand if mil.com or gov.com were
> abused in this way, it should 
> not stand when edu.com is abused.  
> (BTW - mil.com and gov.com were registered in 1997
> and 1996 respectively with 
> contact pointers to uu.com - sounds proactive to
> me.)
> 
> --djb
> 
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
> 


I.B.

"Say hello to all the apples on the ground"

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the unisog mailing list