>How, precisely, could they 'notice'? By trawling whois, like slammers? 
Sorry - I forgot that monitoring in .au is not possible, in the same way as it is for other domain spaces. I should therefore withdraw my first comment. 

This example does however provide a strong justification for the need for some degree of brand monitoring within .au. Perhaps we should be considering something along the lines of Nominet's PRSS, which allows brand owners and their agents to perform a degree of monitoring, but stops well short of being a full reverse whois service. With such a system in place, Westpac or their agents could easily have identified this registration many months ago. 

> So registrars no longer have ANY responsibility to verify registrants, 
>under their licence to print money? 
I accept that the registrar, in this instance, should probably have picked up this name as potentially dodgy - on the basis of the brands involved, that is. It is not, however, the registrar's duty to protect the intellectual property of third party companies. 

As Josh has correctly pointed out, there is not necessarily any connection between the registration of the domain name in question and the individuals behind the phishing email you received. It is even possible that the domain name was pre-emptively registered by Westpac themselves, under a new and deliberately anonymous ACN. 

jon 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cynosure.com.au/mailman/private/dns/attachments/20081027/2e83725a/attachment.htm>