Chinese Domain Registration Scam
If you get an email from a Chinese domain registrar telling you that someone has applied to register your basic domain name–in my case “mooresoftwareservices”–it is almost certainly a scam where the domain registrar is trying to coerce you into buying the Chinese version of your domain name. Google “chinese domain registration scam” for a number of websites that describe the scam in detail, or read the Wikipedia article Domain name scams.
To get an idea of how common this is and when attacks are occurring in volume, Figure 1 shows Google Trends data for “domain registration scam”. Not that this embedded chart does not display in some browsers, and can be referenced directly via https://www.google.com/trends/explore#q=domain%20registration%20scam&cmpt=q&tz=.
DT World Service AKA www.dt-ws.org or www.dtts.org
whois dt-ws.org and
whois dtts.org shows that the domains were created on April 10, 2015 and March 21, 2015 respectively–about two months from this writing. The domain from which the email orginated,
applyreg.org was created on October 10, 2014.
(Since it is significant, forward the following E-mail to your CEO or relevant responsible person. Thanks) Dear CEO/Principal, We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on May 12, 2015 that a company claimed "Prianting Company" were applying to register "mooresoftwareservices" as their Net Brand and some "mooresoftwareservices" Asian countries top-level domain names through our firm. Now we are handling this registration, and after our initial checking, we found the name were similar to your company's.Since now the cyber-squatting events and domain name abuse are very serious, in order to avoid such incidents cause unnecessary loss of benefits to your company, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for "Prianting Company" Looking forward to your prompt reply. Best Regards, Lena Zhang Senior Consultant Manager This e-mail and any attachments are confidential and may contain information that is exempt from disclosure by law and subject to copyright. If you have received this message in error, please let me know and delete it. P please consider the environment before printing this e-mail
The email is composed as a MIME object to get past spam filters:
Network Service Company
On May 5, 2014, I received the following from Tim Zhang at China Registry
(Please forward this to your CEO, because this is urgent. Thanks) We are a Network Service Company which is the domain name registration center in Shanghai, China. On May 5, 2014, we received an application from Huahui Holdings Ltd requested "mooresoftwareservices" as their internet keyword and China (CN) domain names. But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it's necessary to send email to you and confirm whether this company is your distributor or business partner in China? Kind regards Tim Zhang General Manager China Registry (Headquarters) 3002, Nanhai Building, No. 854 Nandan Road, Xuhui District, Shanghai, China Tel: +86 21 6191 8696 Mobile: +86 182 2195 1605 Fax: +86 21 6191 8697 Web: www.chinaregistry.com.cn