bankofscorland.co.uk > BankOrfScortland.co.uk
A novel idea to incorporate accents into web addresses.
Once had someone write a cheque out to me for "one handered pounds", which is exactly what his accent sounded like.
HM Revenue and Customs (HMRC) has insisted on having a Panama company trading as the “Whois Foundation” formally stripped of a handful of dodgy web domains, even though the firm instantly offered to hand them over when challenged. The sites, hmrc-onlines.co.uk, hmrc-tax.co.uk, hdmrc.co.uk and hmrcsubmitareturn.co.uk, were …
The formal route makes sense. Everything is more open and could be used to show that it was done "by the book" insofar as that is possible.
Also exposes the firm to further outside scrutiny and (unwelcome) publicity. Their MO may be to typo-squat and milk any benefits that accrue then if challenged give up domain without any fight to avoid exposure.
And the alternative of accepting the transfer without using the process could lay HMRC open to public though unwarranted claims of strong-arming the firm into giving up the domain names.
What exactly is the point of typo-squatting, if you're going to give up the domain without any fight the moment you're asked anyway?
"Benefits that may accrue" - sure, but there's no suggestion anyone was using the domains to, e.g., phish or grab information improperly. I feel sure HMRC's press department would have mentioned it if they were.
Becasue they don't want a legal ruling against them, but you can bet if it was not the government going after them they would have a different attitude.
By doing it this wat the UK government gets a legal ruling which can become the basis for future cases.
What exactly is the point of typo-squatting, if you're going to give up the domain without any fight the moment you're asked anyway? because they knowlingly created the domain name close to an offical organisation in the hope of selling the name to someone who wanted it for impersonation.
On the one hahd they registering it thus prevented tany imposters from doing their scam on the cheap but if the have passed on any registrations that later were used in scams I would class them as an accessory
"What exactly is the point of typo-squatting, if you're going to give up the domain without any fight the moment you're asked anyway?"
I've just had a bill from a company trying it on with excessive charges.
From previous experience, they'll say "Oops sorry, we'll drop those charges".
I'd much rather take it to court and bring their dodgy dealings to the attention of the authorities.
I wonder if the blighters reclaimed the the domain fee vat as a non-uk trading company albeit trading on uk names?
This squatting is getting rather more dangerous these days as many phone/tablet browsers effectively hide the address bar after typing so you can't spot your typos or the certificate but may get a page that looks familiar and reassuring with a nice fat button bigger than even the Orange One's.
...well not really - you have to ask WHO might they sell the domain to? And for what purpose?
It sounds like all the domains held by this outfit ought to be examined and removed from their control - what possible legitimate reason could they have for wanting to hang on to them?
It sounds like all the domains held by this outfit ought to be examined and removed from their control - what possible legitimate reason could they have for wanting to hang on to them?
I think that is another reason HMRC insisted on using the fully public approach. By doing everything in public they encourage both user organisations to look up the Whois Foundation and domain registrars to do some research - since they can see the real details behind the "private" registrations. What is not being said and thus needs others to look at, is whether the 53,954 .uk domains represents the entire extent of the domain names held, or whether there are tens of thousands of domains in other local domains, including .com.
Also by winning their case, they have made it significantly easier for other domain owners suffering from typo-squatting to use DRS to take control of such domains.
Interestingly, HMRC also puts ICANN on the spot, as can it really continue to permit the Whois Foundation to continue portraying themselves as being associated with the ICANN Whois service.
This post has been deleted by its author
"The four sites were stripped from the Whois Foundation and transferred to HMRC by order of the DRS."
Anyone what to buy a domain?!
http://whois.domaintools.com/hmrc-onlines.co.uk - Domain is available at $10.99
http://whois.domaintools.com/hmrc-tax.co.uk - Whilst this claims the name is for sale, the name is not available for registration; however, hmrctaxes.co.uk and 83 other variations are, starting from $10.99...
http://whois.domaintools.com/hmrcsubmitareturn.co.uk - Still registered to Whois Foundation, but can be yours for $799.
http://whois.domaintools.com/hdmrc.co.uk - Still registered to Whois Foundation, but can be yours for $799.
It does seem we haven't heard the last of typo-squatting, I suspect HMRC, having got a favourable DRS ruling, will now begin leaning on ICANN to make it easier to protect the 'unique' subdomain elements; potentially, making it harder to register hmrc-tax.com.ru.
piqued by the first 'whois' reference I wondered who registered hmrc-online.co.uk (ie correct spelling) and was a bit surprised to find it is demys.com which is an Edinburgh based Intellectual Property firm. Made me wonder how costly is the contract with them for "monitoring" such matters. I wonder if someone has the enthusiasm for an FoI enquiry ?
Made me wonder why the GOV.UK staff aren't doing this, along with fixing wrong phone numbers found via Google Maps (and others) where scumbags have used 084x and 087x numbers to give themselves some income at the expense of the public wanting to contact HMRC... (and no doubt other departments like DWP, DVLA, etc). A solicitor on behalf of HMRC confirmed they were going to sort out the numbers used for HMRC offices (as found on Google maps, Bing, and so on) but that I would need to contact other departments. Talk about un-joined up government when it's so clear one body within needs to look into all such scams, but they cannot get away from walling themselves off from others within Govt.
What were the typosquatters actually doing with the domains?
Low-grade ads and link farming would be basically harmless: would Nominet necessarily rule for HMRC? Obviously certain other plausible scenarios could be a lot more problematic, and a no-brainer for Nominet.
Under the Nominet DRS procedures ... a persistent abusive registrant counts as a strike agaisnt, even before the matter goes before an expert. I think it was 3 counts in 5 years was the level at which it becomes a problem. If they think they will lose, they usually give up the name, because if it is found to be an abusive registration, it will hurt their argument in marginal cases. In effect it serves as a "presumption of guilt" so they usually try to avoid it, good on HMRC for sticking with it.
"nhs.uk, police.uk and mod.uk are also government sites."
No they're not. nhs.uk is the NHS, police.uk are the police, and mod.uk are the MOD. And Parliament made a very strong case that Parliament is ***NOT*** government, so shouldn't have a gov domain. Legally and constitutionally, Government is a committee of Parliament, Parliament is not a subset of Government.
Date: Fri, 7 Apr 2017 15:33:48 +0000
From: Abuse-Nominet <abuse@nominet.org.uk>
To: <ME>
Subject: Re: Criminal activity.
Received-SPF: pass (Mechanism 'mx' matched) mail6: (nominet.org.uk: 213.248.242.48 is authorized to use 'abuse@nominet.org.uk' in 'mfrom' identity (mechanism 'mx' matched))
Received-SPF: None (protection.outlook.com: nominet.org.uk does not designate permitted sender hosts) [I left that in just to show that Microsoft is stupid]
... As my colleague James advised in his response to your last email, Nominet isn’t in a position to suspend or block domains for illegal use unless we receive a request from a law enforcement agency. We haven’t yet received notification from an LEA about the amzon.co.uk but will act upon it if we do. ...
Paul Wray
Customer Resolution Team
I have a question. Nominet states: "If you are an organisation or a business you will not be able to opt out of showing your address in the WHOIS". However some registrars (e.g. 123reg) offer "domain privacy" for around £5 a year meaning we can't find the owner using whois. Surely this breaches Nominet's requirement and makes identifying abusive typosquatters, as in this story, impossible - unless the domain privacy can be circumvented in which case what are you getting for your £5?