Everyone uses the Internet today, from governments and companies to average people. When encountering problems or trying to research suspicions, there is a distinct area that has a lot of information in it, but that information is hard to understand because it seems to use very specialized language. It is the type of information associated with the fake sites / fraudulent domains area. Let's try to make the things easier.
Any page on the Internet is considered a Web Page. The address of the web page is a URL, also called a link. URL is an abbreviation for Uniform Resource Locator.
A collection of associated web pages starting with the same address, is a website.
Each website is defined by a unique name - the domain name. The domain name is what appears at the start in the address bar when the site is accessed. Every time a site is visited, the domain name is translated to an IP address, much like a street address, defining the server address where that website is located - Domain Name System (DNS).
To register a domain name to be used online, the services of a specialized company, a Registrar has to be used. This can be either directly or via a reseller for the Registrar. The Registrar is an accredited company who has the authority to register domain names.
The person or company that registers a domain name is called a Registrant, also called a Registered Name Holder.
The supreme authority in the domain name area is ICANN (Internet Corporation For Assigned Names and Numbers), an 18 year old US-based non-profit organisation, that became a private entity on October 1, 2016. ICANN is the institution managing, among others, the IP address space allocation and the domain name system management.
Domains can be split into two groups, designated by the end of the domain name; generic top-level domains (gTLDs) and country-specific top-level domains (ccTLDs)
Ref:
https://en.wikipedia.org/wiki/Generic_top-level_domainICANN manages gTLDs directly, whereas they delegate control of the ccTLDs to the relevant country. Typically a ccTLD ends with a two letter country code.
To be active, any website needs a "house" called a host or hoster. This is a company providing space for the website's online presence.
Now - to keep things simple,
a fake site is created based on lies: a lie about who the entity owning that site is, a lie about what that site is doing, a lie about what that site asks for, and/or has to offer.From an official point of view, anyone registering a domain needs to provide truthful information about himself, for example: name, location, phone number, email address.
In theory, ICANN prohibits anybody registering a domain causing harm to a third party or lying in domain registration details. Likewise most hosters also prohibit this. Practice shows something else ...
Some registrars care about the content of the domains they allow to be active under their supervision and how they are used, some not.
Fake sites and domains come in all shapes and forms. Some are used in Advance Fee Fraud (AFF), some are mixing the AFF area with phishing, some are mixing AFF with spreading malware, some are used for Business Email Compromise (BEC).
To report a fake site, the most important part is the proof showing how that site is used in a fraud, phishing attempt, or malware distribution.
Like in other type of scams, lying about location (meaning fake WHOIS details) is a valid reason for suspending a domain.
Emails showing how the site is involved in a scam are important, including headers showing the domain email addresses being used in fraud.
If reported to us, everything is checked, documented and ends up as reports to registrars/hosts, called an abuse report, asking them to suspend the fake site and/or domain.
Reporting the fake site to their hoster might end with that fake site being suspended, but the hoster may notify the scammer about the problems on the site, giving him valuable information about what he was doing wrong and educating him to scam better with the next one. A suspended site at the host level can move without problems on another host and be used in frauds again without any problems, until someone reports it again. This is called host hopping.
Reporting the domain to the registrar is a perfect option, theoretically speaking - because if the registrar decides the domain is a fraudulent one, he will set that domain on hold and the scammer will be unable to move it somewhere else, because he is locked out of abusing it further.
Thinking logically, we would assume that once reported for being involved in a fraud, a fake domain name will be never online again. The practice shows otherwise. Suspended by a registrar, the very same domain can be reused after a while. In theory the regulators assume the domain name is used in a good faith, but let's be honest: how many real normal people have a legitimate reason to use a domain name similar to a bank name or their own FBI?
Killing fake sites is a highly specialized activity and is done in a certain way. However, for that, the basic details about each fake site's activities are vital. For this reason we strongly advise anyone posting here to include as much information as possible while reporting a scammer. If not posted in your post, please send the details to one of our staff members who will re-post the needed elements without exposing the person providing those details.
All the domain names / sites you find in this area are fraudulent. Anyone contacting you on their behalf or directing you to those sites is a scammer. If you were contacted by or directed to any of the fake sites reported in this area of our forum, please let us know.