auDA asks registrar to delete 1025 .au domain names

Domains linked to fraudulent activity, .au administrator says

auDA — the administrator of the .au domain — has requested a domain name registrar place into policy delete more than 1000 domains it says were used to impersonate Australian businesses.

auDA announced in September that it was conducting an unauthorised business name audit.

“As the policy authority of the .au domain name space, auDA initiated an audit of the .au domain names registered by the reseller of an accredited registrar,” the organisation said in a statement. “We acknowledge the registrar of record’s co-operation in identifying a reseller who appears to be behaving in this manner.”

During the audit, domain name registrant details and screenshots of associated websites were scrutinised by auDA.

“Each domain name and associated screenshot was then manually checked to see if it satisfied our assessment criteria,” auDA said.

“If the domain name matched all or most of the criteria, it was put on a list for deletion. If it matched some of the criteria, but there was still doubt about the registration, then it was put on a list for a standard investigation. If it matched none of the criteria, it was not considered.”

“Whilst a number of these registrations appear to be selling goods mainly sourced from China, it is not definitive that all the domain name registrations are occurring from that country alone,” the organisation said.

“In our investigations, we have identified sources from Eastern Europe, North America as well as the Central, Eastern and South-Eastern Asian regions that are behind these UBU [Unauthorised Business Use] domain name registrations.”

Following the process, auDA requested the domains be placed in policy delete — a process that sees the domains removed from the Domain Name System and eventually purged entirely from the registry.

“Our work continues in this area, for the good of the Australian digital community,” auDA said.

In 2013, an attempt by the Australian Securities and Investments Commission to crack down on online fraud targeting Australians backfired spectacularly after ASIC sought to have Internet service providers block access to scam-linked websites.

ASIC employed a controversial legal mechanism — Section 313 of the Telecommunications Act 1997 — to compel ISPs' cooperation with the website blocks. After the organisation sought an IP-based rather than domain-based block, it erroneously blocked access to a substantial number of unrelated websites.

In response to an inquiry into the use of s313, the government has sought to develop guidelines on use of the mechanism, which is available to a large array of state and federal agencies.

The government issued draft guidelines and launched a public consultation in April. Submissions to that consultation, which ended in late May, remain under review.