Decoding the new economy

Forget the domain name hype

New top level domains won’t change things for most businesses

Last week the proposal to allow a new breed of internet domains triggered talk of another “internet gold rush”. I’m not sure this is going to happen, however it is a timely reminder of the importance of protecting your own business name.

The Global Top Level Domains (gLTDs) are the suffixes such as .com and .net at the end of internet addresses. There are 22 of these and they are controlled by the Internet Corporation for Assigned Names and Numbers (ICANN) which is chaired by an Australian, Dr Paul Twomey.

ICANN has proposed to make new gLTDs available to anyone who makes a suitable application. So somebody can apply to create a .smartcompany or .australia domain to replace the boring old .com or .com.au.

I have to admit my first reaction was “this was just a revenue grab” by ICANN but Twomey, in an interview on ABC Local Radio last Friday morning, stated the expected “low six figure sum” for registering a gTLD will only recover ICANN’s costs.

Those costs are going to be substantial as the ICANN announcement indicates there is going to be quite a rigorous evaluation before any are approved.

The cost and evaluation process means we won’t get a repeat of the mess we have seen in spaces like the .com domain where the low cost and ease of obtaining an address has meant many opportunistic registrations.

Because of this, I doubt there will be a “gold rush” as the barriers for entry are too high. The business model of registering hundreds or thousands of potentially valuable names in the hope someone will offer big dollars for a few of them doesn’t work when each registration costs over a hundred thousand dollars.

I also suspect the branding aspect is overplayed. The cost and time of buying, setting up and establishing the new top level domains will put even some of the bigger brands off unless there’s a compelling business case for doing so. Many will simply defend their brands through the disputes system.

In his interview on ABC Radio, Twomey indicated this will probably be a similar process to the existing domain dispute mechanism – which only makes the risks for cybersquatters even greater.

At the moment, it’s cheap to register a name but expensive to dispute it. This works to the cybersquatters’ advantage as most business owners will pay $10,000 to buy the domain rather than $25,000 in legal costs to dispute the ownership.

Under the ICANN proposal, the legal costs will still be high, but not as high as the cost of registration. This means speculating on global Top Level Domains becomes a very risky proposition and probably beyond the resources of most speculators.

Another aspect working against a gold rush are the popularity of the current suffixes. Of the 21 existing gTLDs most haven’t worked; when was the last time you saw a .coop, .pro or .jobs internet address?

If you did see one of these addresses, did you automatically type .com or .com.au the first time you tried to use it?

This is the big problem for any new domain; internet users are already conditioned to identify .com, .com.au and similar suffixes as internet addresses. So any new domain owner is going to have to spend a lot of money and time convincing the community to use the new address.

Long time Crikey subscribers will remember Stephen Mayne’s struggle to remind radio interviewers to include the .au at the end of the Crikey web address. All too often it was back announced as crikey.com which sent potential subscribers to the personal website of a Seattle based British expat.

To overcome this confusion I suspect brands that do grab their own gTLD will also retain the equivalent .com addresses and point those to their new domains. So for instance were Gucci to obtain the .gucci domain they would arrange that when customers type in gucci.com it automatically resolves to the .gucci address.

Where I think the new names will be successful is in large corporations where it’s relatively easy for the system administrators to setup the entire company’s computer network to use the domain.

For instance Telstra would get the .telstra domain then have internal addresses like sales.mobiles.telstra or servicecentre.ballarat.telstra. These addresses could be exposed to the wider public internet when necessary.

Most businesses though will find these domains have limited effect. It may be that buying a new address on a domain like .shop or .sunshinecoast will be worthwhile, but registering your own global Top Level Domain is overkill and beyond the means for all but the biggest corporations.

Where business may be affected by this is with trademark infringements. So this is another reminder to protect your enterprise’s most import asset; its name.

For the moment, it’s not worth worrying about the new names, especially given they won’t be around until at least the end of 2009. In the meantime, stick with your existing internet addresses and make sure you are protecting your brand names.

Anatomy of an Internet scam

We talk a lot about Internet scams, here’s a first hand account of how they work.

A clever little scam fell into our laps tonight. It’s the typical sort of trick that can fool anyone with an Internet connection, in this case it used Skype, but it could have been an email, a pop ad or pretty well anything any computer encounters while on the net. So we decide to follow this one to see how it works.

This was done on an a fully patched Windows XP computer running in Limited User Mode with Mozilla Firefox as the web browser. This is our preferred configuration for safe surfing.

Despite this, the computer was still fully backed up and we ran regular spyware and virus scans between each step. We strongly recommend never to click on any link, email or adverts you think might be suspicious.

The trap

You’re sitting at your computer when you notice a strange icon in the corner of your screen. It’s Skype, the Internet phone program, telling you there’s a Skype Chat message for you. The message comes from Security Center ® (Offline) Skype™ Chat and it warns WINDOWS REQUIRES IMMEDIATE ATTENTION.

We should pause here to point out if you have Skype Chat enabled you will be getting messages popping up like this on a regular basis. We’ve discussed this problem on our July ABC Nightlife spot and we’ve added the solution to our IT Queries website. You should set Skype to only accept messages from your friends.

It’s also important to note here that this message looks official. Many people think that they are too clever to be caught by these scams. What they overlook is that while many scammers are dopes, some are very clever and this one will fool a lot of intelligent people.

Following the link

At the bottom of the message is a link directing you to “a patch” that will fix the problem. Click this and you are taken to a website called “Online Alert”

This website is allegedly owned by a Sergei Machorin of Moscow. We can safely bet that Sergei, if he exists, has no idea he’s the owner of this site.

Rather than downloading a patch, which would fix the problem, Online Alert starts a fake malware scan of the computer’s hard drive. After several minutes this will report your computer is infected with the following files.

Backdoor:Win32/NT Root
Backdoor: Win32/Sivuxa
Trojan.Caijing

All of these are fake. In fact, if you run the test on an Apple Mac you’ll get exactly the same result.It’ll even claim the c: drive is infected.

Of course, they aren’t telling you this for nothing, at the bottom of the page there is a button to “fix this problem”, so we clicked it.

The fix takes us to a page offering to download and install a cleaner program called Scan and Repair 2007 for a mere 19.95 USD. And here you are stuck.

If you choose just to close the screen you’ll find yourself locked in a loop where you can’t get out of the purchase screen until you kill the process or shut down Windows.

Naturally we didn’t pay the 19.95 and we just killed Firefox instead. Many people though would be worried about shutting down their computer with this thing still open.

The Result

This is a pretty garden variety scam and it could be a lot worse. This site could easily have tried to install something malicious. We tested this also on Internet Explorer and Firefox in a Limited User profile and there is no evidence of this scam trying to load spyware.

Overall it’s a fairly primitive little scam. The “online scan” is fairly simple. But to give credit to the scammers, the Skype warning, the webpages and the online scan are all quite convincing looking mock ups of a real thing.

Who falls for this?

Lots of people. The fact the warnings and websites look so convincing means that even experienced users can be fooled into clicking on links or thinking their computer is infected. There’s an idea that only stupid people fall for these tricks. This is not the case and even if it were, the numbers still make it attractive for the scammers.

Why do they do this?

The scammers receive a commission on every copy of Scan and Repair 2007 they sell. Given they’ve sent this warning out to millions of people they only need a tiny proportion to buy the product to make a tidy sum. It’s easy money for someone with the right skills.

The F-Prot’s Mikko Hypponen believes malware is the fastest growing sector of the IT industry. We agree and while this isn’t an example of true malware like a Trojan or virus, it still shows the profits that can be made with just a modest bit of effort.

We’ve found over the years that most people that fall for these scams are not stupid. The crooks who try this stuff are no fools and anyone who thinks they are smarter than the crooks is probably going to be caught out. All of us need to take care on the net.

Author: Paul Wallbank