ICANN Takes Action Against Spam Havens

The organization that oversees administration of the Internet last week reported that it has sent enforcement notices to a handful of domain registrars identified as having registered the names of the majority of illicit Web sites using spam to generate traffic.

According to a study presented last week by KnujOn to the High Technology Crime Investigation Association, 90 percent of these illicit Web sites are clustered on just 20 registrars. That represents only 2.5 percent of the 800 registrars accredited by Internet Corporation for Assigned Names and Numbers (ICANN).

ICANN responded by sending notices to the top 10 offenders on the list, the agency announced on Friday.

"More than half of those registrars named had already been contacted by ICANN prior to publication of KnujOn's report, and the remainder have since been notified following an analysis of other sources of data, including ICANN's internal database," the organization said in a statement.

ICANN is chartered to handle much of the international administration of the Internet under an agreement with the Commerce Department. Among its duties is the accreditation of registrars that register the domains in URLs used to identify Web sites and enforcement of the contractual requirements of registrars, which include providing accurate information about the owners of domains and ensuring that domain names do not infringe on one another.

Phishers, data thieves and assorted scammers often use Web sites, sometimes masquerading as belonging to well-known organizations, as bases for gathering information, distributing malware and conducting illegal or questionable business. They often lure visitors to these sites with spam -- unsolicited e-mail often generated by networks of compromised computers called botnets -- containing a link to the site. The volume of spam and the threats these sites represent have become significant problems for Internet users, but legal enforcement can be difficult because of the internationally distributed networks being used.

KnujOn founder Garth Bruen focuses on the concentration of sites processing illicit transactions as a way of making the spam problem manageable. KnujOn -- that's "no junk" spelled backward -- is an online subscription service where users can send their spam and other unwanted e-mail, which it uses to take the offending sites off-line. It takes advantage of the policies of service providers and site hosts that prohibit spam and deceptive practices. It uses a policy enforcement engine with forensics tools to sort through thousands of samples of unwanted e-mail to profile fraud operations so they can be shared with law enforcement agencies, financial institutions and service providers.

ICANN is one of those enforcement agencies.

"With tens of millions of domain names in existence and tens of thousands changing hands each day, ICANN relies upon the wider Internet community to report and review what it believes to be inaccurate registration data for individual domains," ICANN said. It developed the Whois Data Problem Report System (WDPRS) in 2002 to receive and track complains.

Problems reported through WDPRS are referred to registrars for action, and ICANN follows up in 45 days requesting information on disposition of the complaint.

"ICANN sends, on average, over 75 enforcement notices per month following complaints from the community," said Stacy Burnette, ICANN's director of compliance. "We also conduct compliance audits to determine whether accredited registrars and registries are adhering to their contractual obligations. Infringing domain names are locked and Web sites removed every week through this system."

Activity on WDPRS has been well above average lately. ICANN reported that the system was overwhelmed in February and temporarily out of service when its database reached its capacity. The capacity has been increased, and the system will be redesigned in the coming year. ICANN sent out 1,102 enforcement notices in January, 215 in February and 590 in March.

In a worst-case scenario, ICANN can revoke the accreditation of a registrar that does not comply with rules for fairly maintaining domains.

About the Author

William Jackson is the senior writer for Government Computer News (


comments powered by Disqus

Subscribe on YouTube