Seven Days of Darkness


The Artists Against 419 has gone offline for at least seven days. Why?

Because this is our internet future, unless you the consumer, takes a stand. Dark.

Since 2004 the Artists Against 419 has tried fighting for and protecting you, the ordinary consumer. This is a fight we have been slowly losing. To understand why, we need to look at registrars, at ICANN and an internet ecosystem stacked against any decent legitimate consumer.

Approximately $10, or less if discounted, has become the price to deprive you of your privacy, your legal rights, your human rights.

You are affected each time you connect to the internet. How?

Let's consider this reply from ICANN Accredited Registar, Crazy Domains:

(removed) (Customer Care)

19 Oct., 9:00 am AWST

Hello XXX,

Thank you for your email.

Please be advised that we have received your report of illegal activity. As checked, only the domain names are registered with us. It is hosted with a different provider and that we do not have a control on it. 

In this case, you need to contact their hosting provider to shut the website down. You may refer to the whois information below:

IP Whois
NetRange: - 
NetHandle: NET-162-214-0-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS46606
Organization: Unified Layer (BLUEH-2)
RegDate: 2013-05-22 
Updated: 2013-12-19

OrgAbuseHandle: ABUSE3581-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-888-401-4678
Name Servers
Name Server 1:
Name Server 2:

Have a good day!



What was reported?


Hello Crazy Domains


These domain were registered by a party with fraudulent intent, is
being abused in a massive 419 nest for online 419 activities and also
has invalid registration details (fake whois data).

Much mitigation has already taken place. They were using (removed another registar name) for email which has been blocked.

Full details at http://(removed)

Details of usage in 419 nest, also showing the fake registration
details: http://(removed)

You are requested to immediately verify the registration details shown
and facts, then suspend the domains for violations of your AUP and in
line with ICANN Advisory
that allows you to do so immediately under these circumstances.

I further request you keep details of online resources shared at
http://(removed) confidential.

Please do not hesitate to contact me if you have any queries.

Thank you for your time.

Artists Against 419


The mentioned resources marked (removed) above, was shared with various trusted parties, however in a nusthell it showed how an advance fee fraud syndicate is registering domains across registrars, how one email address is linked to many telephone numbers, how that telephone number in turn links to many other emails, how these in turn these link to fake adresses and names. For the bulk, the details was self evident. Most registrars acted as expected given clear evidence, some not as can be seen above. Also read more about this nest here:

To give the reader an idea of a small portion of this mess proving fake identities and 63 domains targeting consumers:


Naturally bogus registration details should be of concern to any ICANN accredited registrar. After all, the agreement between ICANN, the party supposedly overseeing registars, has a whole section on registrant verification and the requirement for accurate domain registration details:

Further, in this agreement we find terms such as illegal and a definition of illegal, stating what should happen and how the registrar should respond to such reports. As such the above response from the registar Crazy domains is totally inappropriate.

Another interesting dimension to this problem is that these domains were registered from Africa. It's no coincidence that Africa rated rather low in a recent WHOIS accuracy study, despite obvious flaws in verifying the applicability of the details. It should have been lower, but a lot of scam shift was done between regions as Africa is a large user of domains (ask the Cameroon; the pet scammers, drug scammers and commodity scammers and their fake couriers, all with "valid" US details turning the USA consumer into their personal piggy bank. Ask Nigeria and West Africa about the Yahoo-bois, Sakawa). While many domains are legitimate being registered from Africa, there is an unusually high churn of domains abused in fraud and online scams:

At this stage the more knowledgeable tech-savvy readers would shout: Report your issue to ICANN compliance!

Well we did in the past. No banana.

In the next few days we will be looking at how ICANN fails to protect you. We will see what happens when deliberately supplied innacurate whois/registration data is ignored by a registrar. We will see what happens, or rather does not, in two seperate escalations to ICANN Compliance. We will see an esclation tot he ICANN Ombudsman. All issues in ICANN's remit. We will see how this resulted in two legitimate banks still merrily being spoofed, one the Reserve Bank of India , with fake registration data after ICANN Compliance closed the compliance tickets. These were spoofs with active content targeting consumers in 419 fraud, targeting you and me.

We will then also expose registars who are the biggest culprits in facilitating 419 fraud by turning a blind eye to legitimate abuse complaints, how certain registrars are willing to contemplate your rights as an occupational risk to profit and rather lawyer up, how $10 can move the protections you have and that of a fraudster in a jurisdictional issue to the consumer's detriment. We will see how one registrar games this jurisdictional issue. We will also see how a domain proxy, the business hiding the real identity of a domain owner, can be a threat to you, your mother, sister brother or your loved ones with zero accountability.

Much is being said about spam, phishing and privacy. Everybody is theorectically an anti-spam, anti-fraud champion in the industry. One registrar is even abusing privacy as their private marketing campaign while accepting no responsibility for privacy after receiving their $10 for the domain. Yet all the domains reported via AA419 is exactly aimed at defrauding you, aimed at spamming you with deceptive emails and offers, spoofing legitimate businesses, banks and even governments. With fake registration details for the bulk. Yet registrars under the banner of ICANN tries to surgically seperate abuse and registration issues. If abuse is even mentioned, it's game over for the abuse reporter. The new kid on the 419-block, BEC, was born out of the sense of empowerment 419-fraudsters obtained from targeting consumers, much like rabid dogs, while many registrars stand idly by self blinding. It's also no wonder advance fee frausters are entering the phishing domain more and more. Ever seen a university or even government sending out loan offers? Advance fee fraud detroys. It destroys consumers and small business. It's the breeding ground for the next big threat to business. It's growing $10 at a time at the cost of each consumer. In the silence the registrars doing the most to curb this issue, have negative marketing campaigns hurled at them from numerous quarters. Yet they are the true registrar champions. So we will let the numbers speak for themselves in this week of darkness.

A hint at what is coming; the prime source of West African Fraud attack domains are US based registrars. The numers prove it. One had the mentioned ICANN Compliance complaint lodged against it, yet the games continue.

In the meantime, here is some food for thought:

ICANN Fails Consumers (Again)


the Artists Against 419