IT.COM

domains Why is dot US Being Used to Phish So Many of Us?

Spaceship Spaceship
Watch
Lox

Lox

____Top Member
VIP
Impact
12,436
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.

.US is the “country code top-level domain” or ccTLD of the United States. Most countries have their own ccTLDs: .MX for Mexico, for example, or .CA for Canada. But few other major countries in the world have anywhere near as many phishing domains each year as .US.

That’s according to The Interisle Consulting Group, which gathers phishing data from multiple industry sources and publishes an annual report on the latest trends. Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and found 30,000 .US phishing domains
Click to expand...

read more (krabs)
 
Click to expand...
Reply
2
2 Thanks
0 Like
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Sort by date Sort by points
I've complained about similar issues to the usTLD Stakeholder Council. They have no verification for registering a domain and if you file a complaint, the rules are so lax that they rarely take action.

I tried to buy a .us domain. The owner is a known cyber squatter with multiple UDRP losses. The owner isn't a US citizen or resident. The domain forwards to a parking company that's apparently distributing malware, according to my security software. We agreed on a price, then he more than 10x'ed the price. I filed a complaint stating he was a cyber squatter, listed the UDRP cases, apparently had no legitimate connection to the USA, and the domain was distributing malware. They didn't do anything.

Someone from the Stakeholder Council did say they would discuss my complaint at the next meeting. So hopefully they'll revise and enforce their policies.
 
Last edited:
Click to expand...
Reply
2
1 Thanks
0 Like
•••
SC will do nothing … but the drp money-making machine can do something about: usDRP pdf’

Usdot.png



Complainant form via AdrForum / more info


Regards
 
Click to expand...
Reply
1
1 Thanks
0 Like
•••
draco said:
I've complained about similar issues to the usTLD Stakeholder Council. They have no verification for registering a domain and if you file a complaint, the rules are so lax that they rarely take action.

I tried to buy a .us domain. The owner is a known cyber squatter with multiple UDRP losses. The owner isn't a US citizen or resident. The domain forwards to a parking company that's apparently distributing malware, according to my security software. We agreed on a price, then he more than 10x'ed the price. I filed a complaint stating he was a cyber squatter, listed the UDRP cases, apparently had no legitimate connection to the USA, and the domain was distributing malware. They didn't do anything.

Someone from the Stakeholder Council did say they would discuss my complaint at the next meeting. So hopefully they'll revise and enforce their policies.
Click to expand...

Is not mandatory to be citizen or resident to own .US
Must have a connection with a entity ( person or company ) , make a business with that person or can be a relative
Of course if you can't provide this when get a complain...
 
Click to expand...
Reply
0
0 Like
0 Thanks
•••
Armageddon said:
Is not mandatory to be citizen or resident to own .US
Must have a connection with a entity ( person or company ) , make a business with that person or can be a relative
Of course if you can't provide this when get a complain...
Click to expand...

I realize that. My point to them was their requirements are so lax, basically anyone can register and keep a .us domain, even if challenged. It's one thing for a company to have a legitimate business connection to the USA. IMHO, it's something totally different if their 'business' is registering .us domains to resell them and their connection to the USA was making a fake sales invoice showing they sold their cousin a domain.
 
Click to expand...
Reply
1
1 Thanks
0 Like
•••
draco said:
I realize that. My point to them was their requirements are so lax, basically anyone can register and keep a .us domain, even if challenged. It's one thing for a company to have a legitimate business connection to the USA. IMHO, it's something totally different if their 'business' is registering .us domains to resell them and their connection to the USA was making a fake sales invoice showing they sold their cousin a domain.
Click to expand...

The only problem is that can't provide a fake sale
They verify if is legit or not , sales or connection

Hmmm i think i know what domain want to buy from that person 😁 but also maybe i am wrong 🤷
 
Last edited:
Click to expand...
Reply
0
0 Like
0 Thanks
•••
Log in or sign up to reply here.

Similar threads

News
news 56% of the top 3 positions held in Google are ccTLD's
0 replies
266 views
News
News
makki
domains Internet trends may come and go but AI continues to impact the internet, including the domain name ecosystem :
0 replies
433 views
makki
makki
Lox
domains Record Number of Domain Name Cases filed with WIPO in 2023
1 reply
452 views
pb
pb
News
news 1 Million .Music Domain Names are Being Given away to the Music Industry for FREE
0 replies
499 views
News
News
Lox
domains Shadowy Link Shortening Service Enables Cybercrime
0 replies
404 views
Lox
Lox

We're social

Latest news

Escrow.com

New posts

Auction activity

Domain Recover

What non .com extensions have you sold in 2024?

Polls of interest

Popular this week

Catchy

Community favorite

Popular this month

Blog favorites

  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back