The other day I received a phone call from an unknown 866 toll-free number. When I answered I was greeted with a recording that instructed me to visit myattpoints.com in order to save $200 off my AT&T wireless bill. Eager to save some of my hard-earned money, I did what any paranoid computer security professional would do…I did a whois lookup on myattpoints.com. As it turned out, the domain was registered to some guy in Sunnyvale, California. Interestingly enough, the registrar was Melbourne IT. This wasn’t some shady fly-by-night registrar; Melbourne IT is one of those premium registrars who provide all sorts of additional brand protection benefits. A quick visit to the website confirmed my suspicions; in order to save $200 I would need to enter my AT&T username and password. No thanks.
The next day, I noticed I had a voicemail from an unknown 800 number. This time I was told I could save $200 by visiting attdollarpoints.com. A quick whois lookup showed the domain was registered to that same guy in Sunnyvale, again through Melbourne IT. Visiting the site, I saw a Google “Phishing” warning.
This got me thinking…why on earth would Melbourne IT allow some random clown to register domains that were clearly meant to defraud people? Aren’t they supposed to be all about brand protection?
As I thought about this, I realized the problem. You couldn’t very well stop every new domain registration that contains the string “att”. You’d be crying wolf at mattjones.com, battlezone.cc, atthe50yardline.com, 100wattbulb.net,chatter.net, hyatt.com, etc.
So the moral of today’s story? It’s easier to protect the Verizon brand than it is to protect AT&T. Oh, and you might want to warn your friends and family, just in case they aren’t the type to do a whois lookup before visiting a website advertised by an unsolicited robo-dialer.