Page 1 of 3 123 LastLast
Results 1 to 25 of 54
  1. #1
    Join Date
    May 2009
    Posts
    80

    Unhappy What should I do if my client build a phishing website?

    Hi everyone,
    I am a domain reseller.One of my client registered 1 domain name,and use it build a phishing website.
    I am sure it is a phishing website,just copy a large,well-known website and then say "You won the prize!!!" and before you get it,you need send the tax to ....

    Now what should I do?

    PS:the site is not hosting with me,just the domain.

    Thank you for any advice!

  2. #2
    Join Date
    Jul 2005
    Posts
    447
    You need to ask?

  3. #3
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by RedRat-Chris View Post
    You need to ask?
    Sorry if you think I am stupid.
    I am new in this business.

  4. #4
    You close the domain and say that running a phishing site is against the TOS.

  5. #5
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by coax View Post
    You close the domain and say that running a phishing site is against the TOS.
    When you say "close",do you mean suspend and let it expire?
    Or delete the domain because the domain is new and can be deleted?

    Thank you!

  6. #6
    I think that's up to you and your TOS.
    You can also ask your registrar what they do in these positions.

    I say delete the domain, because the user who did this probably isn't interested at all in changing his behavior (hence a warning is useless.)

    All you can do is prevent your business from being known as accepting criminal activity on your domains, and thus you need to take action (imo)

  7. #7
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by coax View Post
    I think that's up to you and your TOS.
    You can also ask your registrar what they do in these positions.

    I say delete the domain, because the user who did this probably isn't interested at all in changing his behavior (hence a warning is useless.)

    All you can do is prevent your business from being known as accepting criminal activity on your domains, and thus you need to take action (imo)
    Thank you very much for your help!

  8. #8
    Join Date
    Jul 2005
    Posts
    447
    No. You first of all lock the domain so that it cannot be transferred and then you suspend it. If you don't lock it first the owner will simply move it somewhere else and carry on. For the take down to be effective you need to prevent that.

    Be sure to retain copies of all evidence and notifications. They should be emailed automatically once they are suspended. Don't enter into any further correspondence with them until you are certain you know what to say in response should they contact you after getting the suspension email.

    Best wishes.

  9. #9
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by RedRat-Chris View Post
    No. You first of all lock the domain so that it cannot be transferred and then you suspend it. If you don't lock it first the owner will simply move it somewhere else and carry on. For the take down to be effective you need to prevent that.

    Be sure to retain copies of all evidence and notifications. They should be emailed automatically once they are suspended. Don't enter into any further correspondence with them until you are certain you know what to say in response should they contact you after getting the suspension email.

    Best wishes.
    Thank you!

  10. #10
    Yeah that may be all good in theory, but the sad truth is domains are really cheap and he will just get a new one elsewhere anyway.
    But I guess for public image it's best to prevent the specific domain to be used immediately.

  11. #11
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by coax View Post
    Yeah that may be all good in theory, but the sad truth is domains are really cheap and he will just get a new one elsewhere anyway.
    But I guess for public image it's best to prevent the specific domain to be used immediately.
    Year,I think so.They can just get a similar doamin and start again.
    I have suspended his domain and it should stop working very soon.
    Thank you.

  12. #12
    Join Date
    Jan 2005
    Location
    Chicago
    Posts
    199
    You suspend the domain, make sure to keep record of the actual infraction. send them a notice. You do not have to renew the domain since it was used for illegal activities. I update the dns to non working domain servers.
    Mariehosting - Wordpress hosting Experts web hosting Get a website you will love. Affordable Wordpress web design

  13. #13
    Join Date
    Jul 2009
    Location
    Sweden
    Posts
    30
    Don't forget to prevent future registrations from that IP-adress if possible!

  14. #14
    Join Date
    May 2009
    Posts
    80
    Thank you for all your help!
    I have suspended the domain and it's not working now.
    I send the client an email and he replid,"why other domain at godaddy is fine?I can not trust you anymore..."
    Lol,hope he leave and never back!

  15. #15
    Join Date
    Jan 2005
    Location
    Chicago
    Posts
    199
    Good luck with that they are usually using multiple ip ranges. I send them all through maxmind regardless.
    Mariehosting - Wordpress hosting Experts web hosting Get a website you will love. Affordable Wordpress web design

  16. #16
    Join Date
    Jul 2009
    Location
    Sweden
    Posts
    30
    Seems like this guy is pretty fresh, since he even bothered to respond to the suspension email.. and just because Godaddy hasn't suspended his other domain, doesn't mean they won't do it if they receive complaints!

    Good job likerise!

  17. #17
    Join Date
    Mar 2009
    Location
    Here Today - Gone to Maui
    Posts
    9,966
    Quote Originally Posted by likerise View Post
    Hi everyone,
    I am a domain reseller.One of my client registered 1 domain name,and use it build a phishing website.
    I am sure it is a phishing website,just copy a large,well-known website and then say "You won the prize!!!" and before you get it,you need send the tax to ....

    Now what should I do?

    PS:the site is not hosting with me,just the domain.

    Thank you for any advice!
    Kudos to you, likrise for doing the right thing.
    ProlimeHost - Dedicated Server Hosting & KVM SSD VPS
    Three Datacenter Locations: Los Angeles, Denver & Singapore
    SuperMicro Hardware | Multiple Bandwidth Providers | 24/7 On-site Engineers

  18. #18
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by FH-Andreas View Post
    Good job likerise!
    Thank you!

    Quote Originally Posted by Steve-********* View Post
    Kudos to you, likrise for doing the right thing.
    Thank you!

  19. #19
    Join Date
    Jul 2002
    Location
    Toronto
    Posts
    3,797
    Quote Originally Posted by RedRat-Chris View Post
    You need to ask?
    I do NOT think it's THAT simple or straighforward.

    Quote Originally Posted by RedRat-Chris View Post
    No. You first of all lock the domain so that it cannot be transferred and then you suspend it. If you don't lock it first the owner will simply move it somewhere else and carry on. For the take down to be effective you need to prevent that.
    I guess this is exactly what differentiates a good registrar and someone who thinks he can save the world. As a registrar (or a reseller of a registrar), the most (mind you, NOT the least) you should do is to make sure that illegal activities (such as phishing) are not involved in any of your business. Whether they are effectively taken down is NONE OF YOUR BUSINESS. It's business after all, not DC comics.

    If you ask me, I wouldn't take ANY action until at least a formal complaint is received, if not a court order.
    Co-Founder @HostHideout. Profoundly influenced by #Bauhaus, @Nameslave unrepentantly embraces #Minimalism with a bias for functionality, color theory and pixel precision: a #multimedia messenger in the McLuhan sense. His totally irrelevant M.Ed. dissertation examines Organizational Culture and Change Management. He also likes Patrik Ervell, Wong Kar-wai and IKEA.

  20. #20
    Join Date
    Sep 2007
    Location
    Planet Earth
    Posts
    154

    Um - Duh

    Quote Originally Posted by likerise View Post
    What should I do if my client builds a phishing website?
    If it is in your TOS or AUP as a violation. Shut it down

    Otherwise you have to wait for a complaint.

    -Chris
    Professional Plesk Webhosting.
    No overselling.
    Always available for you.
    http://www.64bithost.com - 1-352-3164619

  21. #21
    Join Date
    May 2009
    Posts
    80
    Quote Originally Posted by 64bithost View Post
    If it is in your TOS or AUP as a violation. Shut it down

    Otherwise you have to wait for a complaint.

    -Chris
    Yes,it violate both my TOS and AUP.

  22. #22
    Quote Originally Posted by nameslave View Post
    If you ask me, I wouldn't take ANY action until at least a formal complaint is received, if not a court order.
    But what's the point of that?
    Do you mean to say he should wait to suspend the domain even if he knows it is actively used for phishing?

  23. #23
    Join Date
    Jul 2002
    Location
    Toronto
    Posts
    3,797
    Quote Originally Posted by coax View Post
    But what's the point of that?
    Do you mean to say he should wait to suspend the domain even if he knows it is actively used for phishing?
    I guess the bottom line is, WHO is eligible to judge? Definitely not you and me.

    Perhaps we are overly used to summary judgment after 9/11 that we forget how important "innocent until proven guilty" is. Registrars (or resellers like many here) are in the business of domain registration (or web hosting), and NOT on a crusade to curb phishing or spamming. When Batman starts taking the law into his own hand, LAW itself FAILS.

    By the way, since when did registars or resellers start *monitoring* their clients' (registrants') CONTENT?
    Co-Founder @HostHideout. Profoundly influenced by #Bauhaus, @Nameslave unrepentantly embraces #Minimalism with a bias for functionality, color theory and pixel precision: a #multimedia messenger in the McLuhan sense. His totally irrelevant M.Ed. dissertation examines Organizational Culture and Change Management. He also likes Patrik Ervell, Wong Kar-wai and IKEA.

  24. #24
    Join Date
    Jul 2005
    Posts
    447
    @ nameslave Both of your contributions so far are extremely naive and irresponsible. I doubt anything that human beings value is safe as long as people with your selfish, pragmatic and greedy attitude remain in business.

    As with any common householders deciding who is allowed in their homes and what standards of behaviour are acceptable, Domain Registrars and web hosts have every right to decide who enters their service grid and what activities are conducted whilst in it.

    Is it possible to build a highly successful business on an ethical model? Of course it is!

    The op, likerise, has acted in an exemplary manner worthy of respect.

    Long may the doors that human beings walk through be closed to those who would destroy them or attempt to steal from them.

  25. #25
    Join Date
    Jul 2002
    Location
    Toronto
    Posts
    3,797
    Quote Originally Posted by RedRat-Chris View Post
    As with any common householders deciding who is allowed in their homes and what standards of behaviour are acceptable, Domain Registrars and web hosts have every right to decide who enters their service grid and what activities are conducted whilst in it.

    Is it possible to build a highly successful business on an ethical model? Of course it is!

    The op, likerise, has acted in an exemplary manner worthy of respect.
    I never said the OP did anything wrong. Like I said, it's okay (mind the italics) to suspend or even terminate a client who engages in suspicious activities which are contrary to most terms of service.

    I am criticizing the TOTALLY UNPROFESSIONAL suggestion to "effectively taking down" the *suspected* phishing operation BY ILLEGALLY LOCKING the domain IN AN ATTEMPT to prevent transfer.

    Ethical? Respect? Give me a break. This is not Guantanamo; we don't shoot first and investigate later.
    Co-Founder @HostHideout. Profoundly influenced by #Bauhaus, @Nameslave unrepentantly embraces #Minimalism with a bias for functionality, color theory and pixel precision: a #multimedia messenger in the McLuhan sense. His totally irrelevant M.Ed. dissertation examines Organizational Culture and Change Management. He also likes Patrik Ervell, Wong Kar-wai and IKEA.

Page 1 of 3 123 LastLast

Similar Threads

  1. Replies: 3
    Last Post: 03-06-2008, 11:35 PM
  2. IE 7 Phishing website warning?
    By voxio in forum Web Design and Content
    Replies: 5
    Last Post: 08-13-2005, 05:27 AM
  3. Build my website
    By SPLForums in forum Employment / Job Offers
    Replies: 6
    Last Post: 02-21-2005, 06:12 PM
  4. if you had $130 to build a client base -- how ?
    By meshfuse in forum Running a Web Hosting Business
    Replies: 22
    Last Post: 07-28-2004, 03:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •