RE: [DNS] Gaping security flaw that may have helped domain name scammers

From: John Thomson <john§hep10.com>
Date: Fri, 25 Jul 2003 10:57:20 +1000
What do you mean Enetica has exposed a gaping hole? Was the problem with
their database or auDA's? It has been fixed now regardless. I would say that
DNA are undoubtedly being helped by some registrar. Whether it is just
turning a blind eye knowing full well that if DNA get shut down they score
by default a large number of clients. DNA don't care; they will just pop up
under some new name.

John


-----Original Message-----
From: Phil Wright [mailto:newsstuff§network.au.com]
Sent: Friday, 25 July 2003 10:36 AM
To: dns§lists.auda.org.au
Subject: [DNS] Gaping security flaw that may have helped domain name
scammers


Enetica, one of Australia's largest auDA accredited Registrars, has
exposed a gaping security flaw that may have helped domain name
scammers.

Domain name scammers that have plagued the industry for years use domain
name expiry dates to send fake invoices for domain renewals to unaware
consumers in an attempt to solicit overly expensive domain name
renewals.

By visiting https://www.enetica.com.au/register.cgi?action=renew, you can
enter any domain name administered by Enetica and have returned the expiry
date. Domain name scammers, like Domain Names Australia, would find it very
easy to query 1,000s of domain names against this webpage and acquire
domain expiry dates for their dubious business.

An example domain name you can query is "enetica.com.au" or
"hiltonsydney.com.au"

Domain name owners whose names are administered by Enetica or their
resellers should be doubly vigilant about such domain renewal scams.

An example of the results of such a query is:

 Error: Domain is not due for renewal.

Thank-you for choosing to renew/transfer your domain name(s). However,
the domain 'hiltonsydney.com.au' does not expire until 18/06/2005.  As
'.au' domains cannot be renewed prior to 90 days before their expiration
date, we cannot process a renewal for this domain at this time. Please
try again in 607 days (a renewal notice will be sent to the admin
contact for this domain when it is due for renewal)

If you have other domains to renew/transfer, please press the back
button on your browser and edit the details on that page.

Take a look at the screenshots
http://www.atlanticportfolio.com/enetica/enetica/

Instead of chasing tigers' tails and wasting industry development monies
on trivial legal pursuits, how about auDA put money and effort into
ensuring our privacy as consumers is protected and let the likes of the
legislative bodies like ACCC handle the scammers; after all, they actually
have a jurisdiction?

Cheers

Phil Wright
Received on Fri Oct 03 2003 - 00:00:00 UTC
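
Added example, not part of the original thread and not Enetica's code: a sketch of the renewal check described in Phil Wright's post, first as reported (any visitor gets the expiry date) and then hardened so that anonymous, foreign and unknown-domain lookups all receive the same answer and bulk lookups are capped. The function names, account id, client addresses, messages and lookup budget are assumptions; only the 90-day rule and the `hiltonsydney.com.au` expiry date come from the quoted output.

```python
from collections import defaultdict
from datetime import date

# Constructed sample data; only this expiry date is taken from the post.
REGISTRY = {"hiltonsydney.com.au": {"expiry": date(2005, 6, 18), "owner": "acct-1001"}}
RENEWAL_WINDOW_DAYS = 90      # ".au" names cannot be renewed earlier than this
MAX_LOOKUPS_PER_CLIENT = 20   # assumed budget; in-memory, no time window
GENERIC = "If this domain is eligible, a renewal notice has been sent to its admin contact."
THROTTLED = "Too many requests."
_lookups = defaultdict(int)   # lookups seen per client address


def renew_disclosing(domain, today):
    """Behaviour described in the post: any visitor learns the expiry date."""
    rec = REGISTRY.get(domain)
    if rec is None:
        return "Error: Domain not found."
    if (rec["expiry"] - today).days > RENEWAL_WINDOW_DAYS:
        return f"Error: '{domain}' does not expire until {rec['expiry']:%d/%m/%Y}."
    return "OK: renewal can proceed."


def renew_hardened(domain, today, client, account=None):
    """Same eligibility check; dates go only to the authenticated account holder."""
    _lookups[client] += 1
    if _lookups[client] > MAX_LOOKUPS_PER_CLIENT:
        return THROTTLED
    rec = REGISTRY.get(domain)
    # Unknown domain, anonymous caller and wrong account are indistinguishable,
    # so the form confirms neither the expiry date nor which names are held here.
    if rec is None or account != rec["owner"]:
        return GENERIC
    if (rec["expiry"] - today).days > RENEWAL_WINDOW_DAYS:
        return f"Not due for renewal; expires {rec['expiry']:%d/%m/%Y}."
    return "OK: renewal can proceed."
```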