New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Phish-Friendly Domain Registry “.top” Put on Notice
NewbieInTraining
Member
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”
Full Article: https://krebsonsecurity.com/2024/07/phish-friendly-domain-registry-top-put-on-notice/
https://news.urlabuse.com/ICANN-Issued-Breach-Notice-to-TOP-Registry-After-URLAbuse-Complaint
Comments
ICANN is great. ICANN does NOT have too much power. You should keep giving your money to ICANN.
If they only consider phishing.. For other types of fraudulent activity, there are other TLDs that are other TLDs near the top.
.link .click .ooo .icu are among other phishing spammy tlds...
Piscitello, a former vice president of security at ICANN, said nearly all breach notices sent out while he was at ICANN were because the registrar owed money. “I think the rest is just lipstick to suggest that ICANN’s on top of DNS Abuse,” Piscitello said.
Investigation has stated as one of the issues: Non-Payment of Fees: The operator failed to pay due fees on time as required by the agreement.
I believe ICANN simply wants its money to be paid.
"greed" is the word.
If icann actually care, they wouldn't even allow verisign yearly hike. Hosting a few kbs zonefile shouldn't need $1 yearly inflation.
Hiring competent engineers costs a fuck lot more than the hardware. How poor are you?
We are broke.
We have to skip a coffee every year, to afford the increases on our five domains.
What competent engineer needed for fucking dns? They're not using rocket science to reinvent the wheel.
What we could or couldn't afford is out of context, unnecessary inflation is the point.
When was the last time you wrote infrastructure for an entire fucking TLD. Globally load balanced, DDoS protected, synchronized and cache consistent infrastructure?
I'm not saying that Verisign's prices are reasonable, but writing internet critical infrastructure is HARD.
Basically never but thats still not rocket science reinvent the wheel when its already being done since the dawn of the internet. I'm not saying its easy enough since i've never done robust worldwide dns host for the global internet myself but its still shouldn't warrant a 10% yearly inflation since they're not reinventing the wheel to hire competent dev left and right.
At my email system,all sender ends with .top or email content that has .top domain will go to junk,same as .xyz .icu .bar .bid .bond .buzz .cfd .click .fun .ink .tk .space .sbs .pw .rest .men .life .guru .cyou and etc
They don't have fixed costs that just require adjustments for inflation. Things get bigger, more complex and more expensive over time. I'm sure annual budget looks much different from year 1 vs today.