ICANN Takes Action Against Spam Havens
- By William Jackson
- May 28, 2008
The organization that oversees administration of the Internet last week reported
that it has sent enforcement notices to a handful of domain registrars identified
as having registered the names of the majority of illicit Web sites using spam
to generate traffic.
According to a study
presented last week by KnujOn to the High
Technology Crime Investigation Association, 90 percent of these illicit Web
sites are clustered on just 20 registrars. That represents only 2.5 percent
of the 800 registrars accredited by Internet Corporation for Assigned Names
and Numbers (ICANN).
ICANN responded by sending notices to the top 10 offenders on the list, the
agency announced on Friday.
"More than half of those registrars named had already been contacted
by ICANN prior to publication of KnujOn's report, and the remainder have
since been notified following an analysis of other sources of data, including
ICANN's internal database," the organization said in a statement.
ICANN is chartered to handle much of the international administration of the
Internet under an agreement with the Commerce Department. Among its duties is
the accreditation of registrars that register the domains in URLs used to identify
Web sites and enforcement of the contractual requirements of registrars, which
include providing accurate information about the owners of domains and ensuring
that domain names do not infringe on one another.
Phishers, data thieves and assorted scammers often use Web sites, sometimes
masquerading as belonging to well-known organizations, as bases for gathering
information, distributing malware and conducting illegal or questionable business.
They often lure visitors to these sites with spam -- unsolicited e-mail
often generated by networks of compromised computers called botnets --
containing a link to the site. The volume of spam and the threats these sites
represent have become significant problems for Internet users, but legal enforcement
can be difficult because of the internationally distributed networks being used.
KnujOn founder Garth Bruen focuses on the concentration of sites processing
illicit transactions as a way of making the spam problem manageable. KnujOn
-- that's "no junk" spelled backward -- is an online
subscription service where users can send their spam and other unwanted e-mail,
which it uses to take the offending sites off-line. It takes advantage of the
policies of service providers and site hosts that prohibit spam and deceptive
practices. It uses a policy enforcement engine with forensics tools to sort
through thousands of samples of unwanted e-mail to profile fraud operations
so they can be shared with law enforcement agencies, financial institutions
and service providers.
ICANN is one of those enforcement agencies.
"With tens of millions of domain names in existence and tens of thousands
changing hands each day, ICANN relies upon the wider Internet community to report
and review what it believes to be inaccurate registration data for individual
domains," ICANN said. It developed
the Whois Data Problem Report System (WDPRS) in 2002 to receive and track complains.
Problems reported through WDPRS are referred to registrars for action, and
ICANN follows up in 45 days requesting information on disposition of the complaint.
"ICANN sends, on average, over 75 enforcement notices per month following
complaints from the community," said Stacy Burnette, ICANN's director
of compliance. "We also conduct compliance audits to determine whether
accredited registrars and registries are adhering to their contractual obligations.
Infringing domain names are locked and Web sites removed every week through
Activity on WDPRS has been well above average lately. ICANN reported that the
system was overwhelmed in February and temporarily out of service when its database
reached its capacity. The capacity has been increased, and the system will be
redesigned in the coming year. ICANN sent out 1,102 enforcement notices in January,
215 in February and 590 in March.
In a worst-case scenario, ICANN can revoke the accreditation of a registrar
that does not comply with rules for fairly maintaining domains.
William Jackson is the senior writer for Government Computer News (GCN.com).