fraud

The return, with increasing frequency, of internet domain name fraud, is usually at least accompanied by a form of what the fraudster hopes is a sufficient disclaimer to prevent prosecution. The latest iteration omits even that and resorts to blatant threats. Also, it seems that the criminals have obtained access to the domain sevenresortsnet.com to send mail and to present a landing page for those who click to respond to the demand.

The flood of sextortion e-mails demanding payment in bitcoin continues. However, while the body of the mails is increasingly standardised, the anti-avoidance methods used by the criminals is mutating, analysis of reports at GlobalKYC.com indicates.

Fraud is cyclical. Historically, frauds would lie dormant for, perhaps, five years then come back. But the cycle has become much shorter, often only two or three months. Some frauds have become perpetual, aided by e-mail that hits so many prospective targets at such a low marginal cost. Others have a few days in the light before disappearing into relative darkness for a matter of weeks, perhaps because the targets are sorted by e.g. alphabetical order, into batches. One such is fraud relating to domain names. They take several forms but the same basic structure. The fraudster hints that, if you don't pay up, your domain name will stop working. Here's the anatomy of one such fraudulent mail that has reached us multiple times in the past several days.

It's not rocket science. Ever since (I think) 1998 when the BBC's lawyers blocked an explanation I gave to BBC TV on how the nature of HTML facilitates on-line fraud (the feared that it would increase the number of criminals using it) criminals have, indeed, used certain features of HTML to hide what they are up to and ordinary people have lost many millions of dollars and have suffered innumerable attacks on their computers simply because of one, very simple, trick, writes Nigel Morris-Cotterill