Some Web Hosting Firms Overwhelmed by Scam Domains
January 27, 2017
An article at Softpedia should be a wakeup call to anyone who takes the issue of online security lightly—“One Crook Running Over 120 Tech Support Scam Domains on GoDaddy.” Writer Catalin Cimpanu explains:
A crook running several tech support scam operations has managed to register 135 domains, most of which are used in his criminal activities, without anybody preventing him from doing so, which shows the sad state of Web domain registrations today. His name and email address are tied to 135 domains, as MalwareHunterTeam told Softpedia. Over 120 of these domains are registered and hosted via GoDaddy and have been gradually registered across time.
The full list is available at the end of this article (text version here), but most of the domains look shady just based on their names. Really, how safe do you feel navigating to ‘security-update-needed-sys-filescorrupted-trojan-detected[.]info’? How about ‘personal-identity-theft-system-info-compromised[.]info’?
Those are ridiculously obvious, but it seems to be that GoDaddy’s abuse department is too swamped to flag and block even these flagrant examples. At least that hosting firm does have an abuse department; many, it seems, can only be reached through national CERT teams. Other hosting companies, though, respond with the proper urgency when abuse is reported—Cimpanu holds up Bluehost and PlanetHoster as examples. That is something to consider for anyone who thinks the choice of hosting firm is unimportant.
We are reminded that educating ourselves is the best protection. The article links to a valuable tech support scam guide provided by veteran Internet security firm Malwarebytes, and suggests studying the wikis or support pages of other security vendors.
Cynthia Murrell, January 27, 2017