Abuse & Brand Protection Trends in African TLDs

From my post on the iQ blog:

We’re all back from our summer vacations and once again busy producing new video interviews and podcasts with a variety of industry experts for your viewing and listening pleasure in the upcoming weeks and months!

To that end, I spoke recently with Daniel Greenberg, who is the Director, CEO, and Founder of Lexsynergy, a UK-based domain management and online brand protection specialist registrar with additional offices in Ireland, the USA, South Africa, and Australia. Some in our industry refer to such registrars as “corporate registrars.”

I’ve known Daniel and his company for several years, and from conversations at various industry events was aware of their particular expertise in dealing with African TLDs. (e.g. .ml – Mali; .ga – Gabon). As we are receiving abuse reports from our sources for a select group of African TLDs, I thought it would be a good time to catch up with Daniel and get his take on the latest concerning Internet usage, brand and IP protection issues, and abuse in African TLDs.

Just want to listen? Here’s the podcast version:

Update on Spamhaus, botnet C&C, & criminal domain name usage trends | Guest: Carel Bitter iQ Global Podcast

EPISODE 17: Pinky Brand, SVP at iQ, speaks with Carel Bitter, Head of Data at Spamhaus, about the latest in cyber threats that they track, regulatory interest observations, and related reports on domain abuse. We learn about criminal domain name usage trends that propagate phishing, malware, and botnets. We also discuss the issues of trust, authenticating users, how botnet command and control points work, and potential threats due to the war in Ukraine. This interview was recorded live in person on 9 May 2022 during Nordic Domain Days in Stockholm, Sweden.https://iq.global/
  1. Update on Spamhaus, botnet C&C, & criminal domain name usage trends | Guest: Carel Bitter
  2. DNS Abuse Institute & NetBeacon | Guest: Graeme Bunton
  3. Industry Chat | Guest: Michele Neylon
  4. A Female Perspective on the Domain Industry | Guest: Mou Mukherjee
  5. What's new with Abuse Manager v2.0 | Guest: LG Forsberg

Premium Domain Names | A .cloud & European perspective

I had the pleasure of speaking recently with Shaun Wilkinson, who is an industry friend and a customer (.cloud is a customer of iQ) regarding the development and brokering of premium domain name inventory from a registry operator point of view, specifically his experience as Head of Premium Names at .cloud, and how the pandemic and cloud computing sector is affecting naming trends.

Until we connected for this interview, I didn’t realize that Shaun speaks six languages! He is from England, lived in Italy, and now resides in Germany, and thus brings a European perspective to the new gTLD market.

Another interesting tidbit about Shaun: He founded and runs an official charity, the Hope Children’s Center, which supports and maintains schools in poor areas of Kenya. If you’ve attended domain or hosting industry events you’ve probably heard about it. However, in case you haven’t, we spend the last five minutes learning more about this wonderful cause.

Just want to listen? Here’s the podcast version:

https://podcast.iq.global/episode/premium-domain-names-a-cloud-european-perspective-guest-shaun-wilkinson

I&JPN Toolkit: DNS Level Action to Address Abuses

In this video interview and podcast for iQ, I spoke with Elizabeth Behsudi about the recently published I&JPN Toolkit on Domain Name System (DNS) Level Action to Address Abuses.

This new resource intends to support domain name system operators in the design of their DNS abuse-related activities, notifiers in the detection and reporting of problematic activity within the DNS, as well as legislators, and law enforcement to determine procedures for dealing with different types of DNS Abuse.

I had the opportunity to learn more about all of this by speaking with Elizabeth Behsudi, who is the Director of the Domains & Jurisdiction Program, and Secretariat at the I&JPN. Please have a watch or a listen!

Just want to listen? Here’s the podcast version:

https://podcast.iq.global/episode/ijpn-toolkit-dns-level-action-to-address-abuses-guest-elizabeth-behsudi

iQ Abuse Report Overview & AbuseStats.com

One of the brains behind iQ’s brand new and free iQ Abuse Report service is my good colleague LG Forsberg, our CTO at iQ.  I put him in the spotlight for this discussion, and LG provided an overview of this service that is designed to allow anyone to gain daily insight into whether you or someone else has a problem with domain name abuse.

Just want to listen? Here’s the podcast version:

https://podcast.iq.global/episode/iq-abuse-report-overview-abusestats-com-guest-lg-forsberg

How Spamhaus addresses DNS abuse

In this latest segment of the iQ video blog series, I conducted a wide ranging discussion with Carel Bitter, the Head of Data at Spamhaus. Carel is is part of the very fabric of The Spamhaus Project, having been with the organization for over a decade.

Topics include:

  • How is the Spamhaus Domain Block List (DBL) used?
  • How is the list compiled? How do you calculate it?
  • Comments on real data vs. fake data use trends.
  • Comments on measuring the effect of price vs. measuring # of abuse reports in new gTLDs vs. ccTLDs and legacy TLDs.
  • How can a TLD or registrar get off the “bad list”?
  • How can a registry, registrar, or registrant remove a specific name or bulk list of names from the DBL?
  • What about domains in the DBL where no evidence of spam is actually detected?
  • Any systematic way to provide a real time feedback loop on takedowns/serverHolds?
  • Why do some TLD or registrars suddendly appear and then disappear from the bad lists?
  • What about providing evidence? Is it possible to get email headers or other evidence with your reports?
  • What are some new attack vectors you are observing these days? What’s a “phishing rod” threat vs. a “phishing” threat?

I hope you find the inteview helpful to your operation. We all must continue to cooperate and share knowledge in the effort to fight DNS abuse.

Managing Domain Name Abuse

For episode #4 of the iQ video blog series, we took a deeper dive into the world of managing domain name abuse with iQ’s resident expert and czar of managing domain name abuse for a variety of iQ clients, Mr. Steinar Grøtterød, officially Director of Registry Operations & Compliance at iQ.

I had the opportunity to get Steinar’s opinions on such matters as:

  • How can a registry or registrar reduce the amount of duplicative and non-actionable abuse reports?
  • How do you get off a blacklist or bad list?
  • Should there be evidence standards from the reputation/blacklist providers?
  • What’s up with ccTLDs and abuse?
  • Why do European ccTLD operators, registrars, and resellers need to start paying attention to the NIS2 Directive?

A conversation with MrPremium.com

This marked my third interview conducted for the iQ video blog series. For this episode we took the subject matter in a different direction, posting my conversation with a rising businessperson in the domain name industry aftermarket segment, Mr. Mark Ghoriafi, who is the founder of MrPremium.com.

It’s no surprise that buying and selling premium domain names (via EPP or direct) represents a significant revenue opportunity for many registry operators, registrars, resellers, aftermarket sites, auction houses and third party brokers such as MrPremium.com.

Mark shares a few stories about his unusual entry experience into the domain name industry, and how he uses data and other assets to help him sell premium domain names. He also shares tips on which web tools and techniques he finds useful in his day to day outbound sales operation along with thoughts about social audio platforms’ (e.g. Clubhouse) impact on the industry to date.

Cleaning Up The Internet

My interview with Jorij Abraham, director of Scamadviser.com. This video was published along with a blog post over at iQ on March 2, 2021.

Amsterdam, March 2nd, 2021.

iQ Abuse Manager & Scamadviser.com Clean Up the Internet
By allowing Internet Infrastructure providers to act faster, more effectively and efficiently against scams.

Every day more than 15,000 new malicious websites pop-up on the web. They exploit the infrastructure of the Internet, causing $43 billion in damages to consumers, business, and service providers.

To help registrars, registries and hosting companies identify online scams faster IQ Abuse Manager and Scamadviser have joined forces.

Scamadviser.com checks 50,000 new domain names every day to determine the likelihood of being either legit or a possible scam. iQ Abuse Manager has integrated Scamadviser’s data into its abuse feed to make identification of malicious websites, faster, easier and facilitate take down processes more efficiently.

LG Forsberg, CTO of iQ explains why the cooperation with Scamadviser is unique: “Our abuse feed already includes a multitude of sources reporting on many types of malicious behaviour like phishing, malware, botnets and spam. However, the number of scams where consumers and businesses lose money to actors not delivering products or services or in other ways scam consumers of data or money is growing at an exponential rate. Scamadviser’s data is unique in that it can identify these kinds of cybercrime.”

Jorij Abraham, director of Scamadviser elaborates: “We are incredibly happy that iQ has integrated our data into its feed and abuse manager platform, helping more than 150 Internet infrastructure providers to keep the Internet safe. In this way our mission to protect consumers from being scammed is taking the next big step.”.

###

About iQ

iQ is a SaaS, software, and consulting service provider for the domain name industry, working with over 150 different top-level domain names and domain name registrars, bringing them intelligence, automation, and access to expertise and experience. iQ Abuse Manager is a CRM-like abuse management system primarily for top-level domain name registries, registrars, and hosting companies. Every day the service performs more than 60 million scans to combat domain name abuse.  

For questions regarding iQ and iQ Abuse Manager you can contact lg@iq.global

About Scamadviser.com

Scamadviser.com is used by over 2.5 million consumers every month to determine if a website is legitimate or a scam. Scamadviser’s data is also used by law enforcement, brand protection agencies, social media networks and security companies to fight online fraud. Scamadviser is an initiative of the Ecommerce Foundation.

For questions you can contact: jorij.abraham@ecommercefoundation.org, +31 6 52840039.

A conversation with “LG” Forsberg

This first week of February 2021 marks the beginning of a video blog series I’ll be producing for our company, iQ. We plan to feature experts sharing their stories and insight on relevant topics that many of us deal with in our day-to-tasks along with overarching topics facing the domain industry. And maybe we’ll share a refreshing beverage or two while we talk. Who knows where the conversation will go!

This first episode features a 20 minute interview with iQ’s CTO, Mr. “LG” Forsberg. If you’ve ever attended or wanted to attend Nordic Domain Days (LG’s the founder); want to hear what he has to say about challenges in trying to tackle domain name abuse and how iQ decides which abuse feeds/reputation block lists to integrate, then you may want to check out this video.

This is a work in progress so feedback is welcome. We expect to refine and improve it over time!