This surely is great news.

Laura Mather from the APWG (Anti-Phishing Working Group) declared that the DotAsia Organisation had agreed to a new policy, consisting of banning domains associated to phishing.

This new registry which has just launched the .asia gTLD (generic Top Level Domain) seems to be willing to close down the domains leading to phishing content.

We're glad to hear this, because registries usually set explicit policies restraining them to interfere in disputes regarding domain names. These policies are particularly driven by their need to protect themselves against legal issues and from overwhelming work.

But to shut down a fraudulent website using fast-flux botnet techniques, your only hope is going after the domain name, and so to contact the registrar. But at the registrar level, it takes often too much time to be really effective because of insufficient staff/process capacity or declared complaisance with fraudsters from some of these companies. (Who said Estdomains?)

Directly shutting down the domain has its advantages compared to remove the content on the hosting side, since there are a growing number of phishing campaigns using "fast flux"-like technology. It is not rare nowadays to see one campaign being hosted on twenty servers or more. Even if one is shut down, the others are still active. But in this case, there is often a single domain leading to all these hosts. Cutting this link is the only efficient way to stop this kind of phishing.

To have the registries getting involved in the fight against phishing would definitely be helpful, particularly if they put some effort (staff members, extended hours…) on the matter. On their side, DotAsia seems to want to rely on a few trusted sources that will send them verified information.

Let’s hope such willingness turn into reality and effective success, and give ideas to the other registries...