[unisog] DNS fraud against the .edu TLD

Ryan Sumida rsumida at csulb.edu
Fri Mar 31 02:33:05 GMT 2006


Isac Balder <piis8 at yahoo.com> wrote on 03/24/2006 10:52:02 AM:
> 
> > This would not stand if mil.com or gov.com were
> > abused in this way, it should 
> > not stand when edu.com is abused. 
> > (BTW - mil.com and gov.com were registered in 1997
> > and 1996 respectively with 
> > contact pointers to uu.com - sounds proactive to
> > me.)
> 
> I have to use whitehouse.com as an example here.  It
> may not be exactly the same as whitehouse.gov.com but
> it?s the same principle. 

"whitehouse" is not a Top Level Domain.  Your example doesn't necessarily 
apply to this situation.  ICANN, with good reason, has specifically stated 
that edu shall not be reserved at the second level

> 
> It is unrealistic to think we can persue and safe
> guard every use of key words because they may relate
> to a corporation, public, or private entity.  If that
> were the case we would quickly limit the already
> stunted vocabulary of the general public.

Agreed, but the scope of this thread is limited only to the TLD "edu" 
being reserved at the second level.  The policy has already been set, it 
just needs to be enforced.

> 
> As to the Phishing angle.  I don't call it Phishing
> until it deals with non-public information.  I only
> saw the site asking for address, phone, and email.

Phishing or not, this site portrays affiliation with the university to 
collect personal contact information.  There may be a disclaimer in fine 
print at the bottom of the page but how many people do you know that 
actually read those.  Looks like fraud to me.

Ryan



> 
> I.B.
> 
> 
> 
> 
> 
> --- David Bowie <david.bowie at bc.edu> wrote:
> 
> > With respect to Josh Ballard regarding the
> > registration of the edu.com 
> > domain and use to phish
> > for potential students; his solution does not scale.
> > 
> >  From Josh:
> >  > So I gave a heads up to my admissions folks and
> > to our university 
> > attorney's office
> > 
> > > A short while later, he called me back to inform
> > me 
> > > that he had spoken to a rep at the company and had
> > informed them of 
> > > his displeasure at our university being listed on
> > their site and 
> > > collecting information, and asked them to take us
> > off.  At his 
> > > request, it appears they have done so for the time
> > being, and fairly 
> > > quickly I might add.  So, my encouragement to all
> > of you out there 
> > > would be to pass this word onto your admissions
> > folks and/or general 
> > > counsel and have them make a phone call to have
> > your university 
> > > removed. 
> > 
> > This venture is a pure scam.  It infringes upon the
> > .edu TLD and to require
> > each school to "opt-out" is ludicrous.
> > 
> > I call upon EDUCAUSE to take this up with Vantage
> > Media - this practice clearly
> > falls within the realm of "domain dispute" at the
> > highest level and the purpose
> > is very clearly to confuse the end user and appear
> > legitimate.  It is immaterial 
> > if folks _should_ know better. 
> > 
> > This would not stand if mil.com or gov.com were
> > abused in this way, it should 
> > not stand when edu.com is abused. 
> > (BTW - mil.com and gov.com were registered in 1997
> > and 1996 respectively with 
> > contact pointers to uu.com - sounds proactive to
> > me.)
> > 
> > --djb
> > 
> > _______________________________________________
> > unisog mailing list
> > unisog at lists.sans.org
> > http://www.dshield.org/mailman/listinfo/unisog
> > 
> 
> 
> I.B.
> 
> "Say hello to all the apples on the ground"
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog




More information about the unisog mailing list