December 1st was the first day that the new ICANN policy on domain name WHOIS changes was introduced and crazy things are happening already.
According to the new policy, a WHOIS change to the registrant (or simply a small change to the registrant’s name) or the email address in WHOIS, will trigger a 60 day lock period. This is similar to the 60 day lock period after a domain name is transferred between registrars.
When the whois change in initiated an email is sent out to the old and new contacts to authorize such changes or decline them. Some registrars are offering an opt-out of the 60-day lock. Registrant must opt-out before an authorization for the whois change is given.
Crazy things start happening…
So on the first day the new policy was activated I got an email with the subject “DOMAIN CONTACT UPDATE CONFIRMATION EMAIL (OLD REGISTRANT)” and then another one with the subject “DOMAIN CONTACT UPDATE CONFIRMATION EMAIL (NEW REGISTRANT)”. I didn’t make any whois changes so the first thing I would normally think is that my domain is being stolen.
But I have 2-factor authorization enabled on Fabulous so this is not very probable.
The main problem is the part of the email saying that the change of registrant contact details was completed: “The request to change registrant contact details has been completed.”
Then I got the same 2 email about a different domain name at Fabulous.
Here is the sample of the emails I received:
Subject: | DOMAIN CONTACT UPDATE CONFIRMATION EMAIL (OLD REGISTRANT) |
A description of the changes are below.
Old Registrant | New Registrant | |||
---|---|---|---|---|
Organization Name | Whois Privacy Services Pty Ltd | Organization Name | Whois Privacy Services Pty Ltd | |
First Name | Domain Hostmaster, | First Name | Domain Hostmaster, | |
Last Name | CustomerID : 3445985****** | Last Name | CustomerID : 3445985****** | |
Email Address | 3445985******-******@whoisprivacyservices.com.au | Email Address | 3445985******-******@whoisprivacyservices.com.au |
This change applies to the following domain(s):
Domain Name |
---|
******.com |
What is really happening?
So now we have to deal with this ICANN mess and deal with all the different implementations that each registrar is putting together.
I must note that the domain in question is using WHOIS privacy. Such domains were and still are a big question mark on how the new ICANN policy applies to them.
By examining the old and new registrant details in the email above I noticed that the only change was on the email address provided by the whois privacy forwarding service provided by Fabulous. It is almost certain that Fabulous is changing the email address on private domains regularly to deal with spam.
This domain was just registered 2 weeks ago so Fabulous is probably doing this email changes randomly. But with the new policy the domain must be locked for 60 days after a whois change unless the registrar offers an opt-out and the registrant chooses to opt-out.
The problem here is that I didn’t request a whois change and I certainly didn’t authorize the changes. I have contacted Fabulous support to see what has happened and how Fabulous is going to be treating both regular and private domains.
I have heard that Fabulous is providing an opt-out to the 60-day lock but I want to hear from them how they are treating all different problems here.
So now I have to deal with every registrar and registrars have to deal with all their clients asking questions and complaining about the new policy. What a mess!
It’s definitely a glitch at Fabulous. The good news: they update the obfuscated WHOIS regularly (I think once a month) so that any email addresses grabbed by spammers are unusable. The bad news: apparently that change triggers the WHOIS update system, which sends email notifications out. It’s also an indication of automatic opt-out, as far as I can tell.
The 60 days lock is good, this is to prevent domain theft
If it is a legit sales, then the seller can opt out the lock for that domain.
and whois should be accurate. Easier to track
Another thing is follow the money, whoever pays for the unauthorized transfer is usually the thieft.
There should be ways to prevent domain thefts.
For my domains, I will just wait…..no hurry.
I know who the thief is
http://domainbigdata.com/yinsibaohu.aliyun.com/mj/67kKIqIDUd9SoePU5R9o_Q
thieft=thief
The only great wall is your phone # besides your ss#
Now your phone# is your personal ID and it will be with your for the rest of your life.
Every new born will have a phone # number
When you want to withdraw money , they will send you the code or the bar code to your phone and you will use it to withdraw cash on the atm or to scan it as your id.
Wait till someone figures out how to clone your phone # or steal the text messages.
I’ve been inundated with hundreds of these over the past day. All with private whois. Some are domains I no longer have registered and a few are names where I was never the registrant. Not cool.
ICANN, REGISTRAR AND REGISTRY, should make domain SCUM and THIEF as their first priority; this is an ongoing issue that needed some serious attention. But if the thief are inside job, then there will be no solution; business as usual ?
I guess they were following the ICANN policy to a T and notified the registrants for a change in the whois privacy address, which they do automatically.