.au Security is Job#1 at Afilias: Abuse Detection & Mitigation

This AUsome! blog addresses the technical portion of the .au Registry Transformation Project. In today’s post, we describe how Afilias plans to employ abuse protection to keep spammers and other criminals out of .au.

One of the biggest problems on the internet is SPAM—unsolicited, unwanted emails that clog our inboxes with risky material. Other common problems are phishing (e.g. emails pretending to be e.g. your bank), malware (unwanted software that loads itself onto your computer to perpetrate crimes) and botnets (networks of robots, or “bots” that recruit your computer to participate in DDoS attacks or other crimes).

A key enhancement Afilias will activate when the .au domain transitions onto its systems in July is an extensive array of anti-abuse measures designed to implement the anti-abuse part of auDA’s .au Registry Transformation project.   We expect to immediately begin reducing the incidence of SPAM, malware and other evils being perpetrated on any name ending in .au. You will still get SPAM (no one has solved that problem yet!), but you should get a LOT less from addresses ending in .au. Overall, then, the .au domain should be more trustworthy.

Afilias developed and launched the domain industry’s first registry anti-abuse program in 2008. Beginning in July, Afilias will conduct daily technical analyses of newly registered names to assess the threat potential along with analyzing threats on existing domains. We’ve analyzed millions of names from dozens of TLDs all over the world for over a decade, so we know who the spammers are and how they conduct business. When we find names registered by spammers, we work with registrars and de-activate them so they cannot be used.

The Afilias Security Team knows how to identify names likely to be used for abuse in various categories like spam, pharming, phishing, malware, fast-flux and botnets. Some of the tools/methods used are:

  • Review of external abuse detection services
  • Deployment of our own internally-developed tools for early detection
  • Analysis of Registry and DNS data to identify malicious behavior
  • Abuse reports from third-parties
  • Coordination with local and global law enforcement and security agencies

Since 2011, Afilias has enabled the take-down of over 1.8 million domain names in TLDs that we support—an effort that is unmatched in the entire industry.

Afilias is working closely with auDA and Australian registrars to couple our global security capabilities with knowledge of specific threats in Australia.   Our Melbourne-based team includes two full time domain security professionals who are linked to our global capabilities. With this world class team protecting .au names, the Australian internet community can be assured that the abuse protection will be very effective.

Have a question or want to suggest a topic for us to cover? Email us at transformationblog@afilias.com.au.

More information on Afilias plc is located at www.afilias.info.