SIDN, the registry operator for .nl, has announced the introduction of a new service for its registrars. The new phishing alert service harnesses data provided by Netcraft and will automatically email the registrar of record of any .nl domain name that is flagged as being used in a phishing attack.
Every five minutes or so, SIDN checks Netcraft’s suspect URL database,
which is constantly being updated. Every time a .nl URL is added to the
database, an e-mail message is automatically sent to the relevant
registrar’s administrative contact e-mail address. In other words, the
system does not rely on periodic reporting, but on almost immediate
individualised e-mail contact. It therefore provides a basis for very
rapid intervention. The service is due to enter use on February 15,
2010.Message content
The e-mail sent to draw a registrar’s attention to the fact that a
client is running a website that may be fraudulent will include the
following information:– Suspected phishing site URL
– Host: the IP address of the system running the website
– Country: the country of origin of the IP address
– Date: the date and time that the suspect site was detected
– Target: the name of the company that seems to be targeted
SIDN are conscious of the danger of such a service and warn registrars that there may be false alarms.
It will be interesting to see how registrars and the wider internet community react to the introduction of this service.