It is to be fair, incredibly simple to find out most of the information regarding the allocation of a domain. Just go to the main DomaiNZ page: www.domainz.net.nz and enter your (NZ) domain name into the search box on the left. After selecting OK, then a warning about not being able to use this information for any other purpose appears - and this warning automatically disappears after a few seconds anyway. After this, then all of the details for the queried domain appear! As the warning message automatically disappears, then the content of the warning is probably not legally enforceable anyway - you could have been looking away from your screen at that point! They should have a "Yes I've read the above agreement" checkbox before you can proceed... Possible ways that the scam has found out the contact info: - if you knew enough about HTML, ASP and VB, it would be simple enough to write a program that once every five seconds sent a request to the DomaiNZ webserver starting at "a.co.nz" and finishing at "zzzzzzz999.net.nz", to find out the information for the various domains - it would take a while though; - you could use an 'electronic dictionary' of words in order to cut down on the unlikely examples; - there is also probably an online listing somewhere, of all of the currently active companies in New Zealand, you could then just try "<company name>.co.nz" and "<company name>.net.nz". There are far too many ways that people could have done it. I'm not condoning what has happened and have not done so myself, I'm just trying to explain how easy it is to do so. I was hit with three renewals too... Paul Adshead Network and Systems Manager OTL Software Ltd www.otl.co.nz -----Original Message----- From: Juha Saarinen [mailto:juha(a)saarinen.org] Sent: Friday, 8 August 2003 13:04 To: PhoneNet Cc: nznog(a)list.waikato.ac.nz Subject: Re: [nznog] Re:Domain Name Scams On Fri, 8 Aug 2003, PhoneNet wrote:

I have today received 5 letters from The Domain Registry of America, Melbourne (posted in UK) asking me to re-register some of my domains as they are due to expire - so they are at it also.

Got one here as well, and what bothers me is that although the domain in question is registered under my own name, the letter was addressed to my company, which doesn't appear in whois data anywhere. Somebody's been trawling... -- Juha Saarinen _______________________________________________ Nznog mailing list Nznog(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog