[lac-discuss-es] [lac-discuss-en] Scope and Distribution of Phishing - InterIsle 2023 Report
apisan at unam.mx
apisan at unam.mx
Tue Sep 5 21:46:00 UTC 2023
[[-- Translated text (en -> es) --]]
Hola,
entonces, analizando mucho para discernir un núcleo de significado, usted denuncia el ciclo de especulación y extorsión que impulsa parte del mercado de nombres de dominio (¡excepto Anguila, por supuesto!, donde se registran nombres .ai a 180 USD cada uno + 250 anuales). renovación) y piensa que sólo las personas que han sido examinadas por sus buenas intenciones deberían registrar nombres de dominio?
¿Me estoy perdiendo de algo? He tratado de expresar esto de una manera que se pueda traducir al español para ayudar a los lectores.
¿Y no es de eso de lo que se tratan las iniciativas KYC (Conozca a su cliente) que circulan por ahí?
Mientras tanto - y es un momento muy malo - ¿se opone usted realmente a la eliminación de nombres de dominio registrados masivamente, cuando estos registros están destinados "específicamente a cometer un acto delictivo"? ¿A quién sirve esa oposición?
Alejandro Pisanty
________________________________
De: lac-discuss-en <lac-discuss-en-bounces en atlarge-lists.icann.org> en nombre de Carlton Samuels <carlton.samuels en gmail.com>
Enviado: martes, 5 de septiembre de 2023 10:05 a. m.
Para: LAC-Discuss-en
Asunto: [lac-discuss-en] Scope and Distribution of Phishing - InterIsle 2023 Report
Here it is: https://interisle.net/PhishingLandscape2023.html
So the reporter makes this key acknowledgement:
"Two-thirds of domain names reported for phishing across all TLDs were registered
specifically to carry out a criminal act. Preventing the registration of these
domains, and taking them down quickly, should be a priority for the domain name
industry."
Due process aside, no it is not priority!
DNS expansion is predicated on more domain names for rent. Year after year, these reports have been telling us that domain names utilised in these scams are acquired just as the business model and market practice intended.
So a 'stop the steal' response at the acquisition stage is likely a non-starter. At least I don't discern an appetite for remediation by going to the root of this in the entire value chain, ICANN to the registry.
Preventive action would require a zero trust procedure that lumps together before the fact criminals with legitimate acquirers, same process for all. Seems to me the first step of this would be establishing identity, closely followed by a regime involving the acquirer declaring a reason for the acquisition with enforceability attached. Will not fly, reasons more than you can count.
So one is left to catch the miscreants after the fact, which requires establishing territoriality of injury and then collaboration with the regular terrestrial law enforcement. Therein lies the greater challenge to remediation.
Carlton
==============================
Carlton A Samuels
Mobile: 876-818-1799
Strategy, Process, Governance, Assessment & Turnaround
=============================
---------- Forwarded message ---------
From: Justine Chew via CPWG <cpwg en icann.org<mailto:cpwg en icann.org>>
Date: Mon, 4 Sept 2023 at 18:21
Subject: [CPWG] Interisle's Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing
To: CPWG <cpwg en icann.org<mailto:cpwg en icann.org>>
https://interisle.net/PhishingLandscape2023.html
https://circleid.com/posts/20230903-phishing-attacks-surge-despite-increased-awareness-new-strategies-needed
_______________________________________________
CPWG mailing list
CPWG en icann.org<mailto:CPWG en icann.org>
https://mm.icann.org/mailman/listinfo/cpwg
More information about the lac-discuss-es
mailing list