Private whois records hide spammers and help bring down a registrar


I’ve talked in the past about how many spam filters, ISPs and blocklists treat domains that are registered behind privacy protection. I’ve written about how many commercial domains behind privacy protection are used for fraud. I’ve written about multiple legal cases where the courts ruled against companies using privacy protected domains in email. I’ve even gone so far as to claim hiding domains behind privacy protection is what spammers do.
Legitimate email marketers do not hide their domains behind privacy protection services.
Spammers absolutely do hide behind privacy protection services. And because of how privacy protection works, we really don’t know which domains are used by one spammer versus another spammer. ICANN gave us a little bit of insight into just how many domains a spammer registers when they terminated Dynamic Dolphin (pdf link). This is a situation that has been brewing for most of 2013. I wrote about the notice of contract breach back in October. This morning Brian Krebs wrote a blog post saying that ICANN had terminated the agreement with Dynamic Dolphin for failing to cure the breach as noticed back in October.
If you read through the timeline, ICANN has some interesting information about privacy protected domains at Dynamic Dolphin. Data about privacy protected domains was requested from the very beginning.

June 17, 2013: ICANN sends registrar a follow up to third compliance notice […] requesting proof that Dynamic Dolphin received payment from its customers for the registration of the domain names identified in the first compliance notice. ICANN requested registrar to provide further information regarding the domain names registered by the three customers using the registrar’s privacy service…

July 1, 2013: Registrar replies to the follow up to third compliance notice and stated that it had 13,280 domain names registered behind its privacy service, of which 9,933 were with three named beneficial users.

Nearly 3/4 of the domains registered behind Dynamic Dolphin’s privacy service belonged to three “beneficial users”. As far back as 2008, Dynamic Dolphin had a reputation for being a haven for spammers. I don’t think it’s necessarily a haven for spammers, rather a haven for a few spammers.
ICANN started this action because Dynamic Dolphin was publishing inconsistent and incorrect information. But during the course of the investigation they discovered that the president, CEO and sole shareholder of Dynamic Dolphin was convicted of a finance related felony. Because the initial application for accreditation did not accurately describe the ownership of Dynamic Dolphin nor the owner’s previous felony conviction, ICANN revoked the agreement.

About the author

1 comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Go daddy aka domains by proxy is definitely harboring many online merchants that appeared to have opened right before Christmas . They are ripping my off using many different sctions. Either they don’t send the product ordered or they send junk. One guy ordered a projector and got a piece of wood and a magnifier sheet! Another one was sent a case. If you look up a particular projector you will get about 6 sites showing the projector images and description and in no way is there anything else in the description to make one believe they were getting something other than the projector.listed. They are strictly in the business to steal people’s money. And GoDaddy along with like companies like shopify known it. And forget returning anything because it will just cost more money. You will never get a refund. And opening at Christmas was a clever idea because that is when people are looking for the best deals. It is purely theft by proxy.

By laura

Recent Posts


Follow Us