I checked the whois of several domains that I recorded hitting us with spam last week. I reported this to the registrar, Enom, Inc.
As of today all the domains that that I checked had their owner changed to N4S GROUP COMMUNICATION (N4SGROUPCOMM.COM). So it seems something caused a change at Enom. However, N4SGROUPCOMM.COM, when visited, runs a set of java scripts that eventually redirect one to a site that is blocked by Mozilla as a web forgery. It is also listed as untrustworthy by WOT. That site's true ownership is masked by a Go Daddy service called DOMAINSBYPROXY.COM. However, the domain N4SGROUPCOMM.COM is 'privacy protected' by our friends at moniker, the same people that 'protected' the identity of the original registered owner, VVSDATABASEREL.COM I was at a loss to explain this. On the one hand the original owner has been changed since my complaint; whether coincidentally or not. On the other the site owner has been changed to an even more unsavoury entity. >From following the contact information I discovered that some of the domains used in the spam attack last week redirect one to http://www.whoisprivacyprotect.com which WOT lists as a known malware watering hole. WOT also has comments stating that whoisprivacyprotect.com is a subsidiary of Enom itself. This, as it turns out, is correct as shown at http://www.enom.com/privacy-protection/ which advertises the fact. Regardless of Enom's purported size, what does this say about the registrar's ethics and the domains it hosts? Should such companies and their clients be boycotted and thereby coerced into dealing with these frauds? -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3