The acronym UBU stands for “Unauthorised Business Use”. This is where overseas scammers use someone else’s identity and ABN to buy .au domain names that have just expired. More details on this type of activity can be found in this article I wrote previously.
This practise continues virtually unabated. It seems as soon as auDA takes down some sites and deletes domains, the scammers simply repeat the process. We’re not talking just hundreds of UBU’s – we are talking many thousands!
For example, yesterday I had a quick look at the current “Policy Delete” list, and saw that there are just over 2000 UBU’s about to be deleted.
Here is just one example of fake details on the WhoIs (poor old Swinburne!):
These scammers wouldn’t keep doing this unless they were making money – it’s as simple as that.
auDA is supposed to protect the integrity of the domain name system in Australia. In a recent speech on 31st July, this is what the auDA CEO (Cameron Boardman) said in relation to “cyber security” and domain names:
“It is the simple premise that if any consumer goes to a dot au website, they can have confidence that that dot au website represents exactly what it should be. That the policy settings; that the adherence to policy; that the relationship with the registry and registrars is absolutely correct and robust; that we are maintaining stability, integrity and trust in the domain name system”.
Listen to the 41 second audio here:
The Facts
By my simple estimate, there are potentially in excess of 20,000 UBU’s registered this year. That is not a misprint. Have a look at this slide from the auDA CEO’s recent presentation:
Wiser people than me tell me that the number is actually far higher than this – we are dealing with the tip of the iceberg.
Who Loses From UBU’s?
♦ The Australian consumer who tries to buy something from one of these fake sites. If they get any product at all, it will invariably be a “knock off”. They’ll never see a refund, and their credit card details are compromised.
♦ The poor Aussie business or organisation who unwittingly has their ABN used by a scammer to register a domain (reputational damage).
♦ The original registrant who for whatever reason had the domain name expire.
Who Wins From UBU’s?
♦ The scammers.
♦ The registrars who allow the domains to get registered in the first place. They get a fee for every domain registered – and re-registered.
♦ AusRegistry – every time a domain gets registered, as the “wholesaler” they effectively get around $14 per domain.
♦ auDA – as the regulator, they get $3.50 per domain.
Do the maths on 20,000 domains. UBU’s are great for cash flow!
What’s The Solution?
In the past, auDA have been quick to ping certain registrars for infractions of their rules and policies. Think Bottle, Netfleet, Crazy Domains, and Enetica.
The question that a lot of people are asking is why has auDA not suspended the .au accreditation of Public Domain Registry and Tucows (until they sort the problem out within their own systems i.e. certain resellers)? They seem to be the common denominator when it comes to the registration of UBU’s.
If this was done today, I believe you’d see a major impact on UBU registrations.
Ned O’Meara – 23 August 2017
Disclaimer
“Everyday Australian’s” are now coming across these sites selling counterfeit shoes quite regularly because most of the domains owned by closed business are being snapped up. UBU’s must surely represent a large chunk of new registrations given the numbers.
Why is AUDA unwilling to act against these two overseas registrars?
Once again can we all seemingly “Follow the Money” to understand why Ausregistry and auDA seem to be lax in their management of this problem?
” Who Wins From UBU’s?
♦ The registrars who allow the domains to get registered in the first place. They get a fee for every domain registered – and re-registered.
♦ AusRegistry – every time a domain gets registered, as the “wholesaler” they effectively get around $14 per domain.
♦ auDA – as the regulator, they get $3.50 per domain.
Do the maths on 20,000 domains. UBU’s are great for cash flow!”
Regarding AUDA their revenue is $4.85 per registration,
$3.50 AUDA Domain Name Fee fee +$1.10 AUDA Registry Fee + $0.25 AUDA Foundation Payment.
@Snoopy – I’m not saying you’re wrong, but this is what auDA tells prospective registrars on their website.
That is just one fee Ned, the $3.50 AUDA Domain name fee (+35 cents GST equals the $3.85 on that link).
Ausregistry collect the other 2 fees for them.
The other party that benefits from UBU’s is the ATO!
Regardless of how it is split up, let’s assume there is $19.25 inclusive of GST x around 20,000 UBU domains this year (the ones we know about). Almost $400k!
Rinse and repeat – cash cow.
Yes it is a significant amount of money Ned, and as you say that is just the ones we know about, what is the real number including the whole of the ice berg? I suspect a lot of these names are also being deleted a reregistered, little doubt the registrant gets no refund and AUDA gets multiple payments on the same name.
Regarding AUDA fees, the CEO broke it down at the SGM,
https://www.auda.org.au/assets/pdf/SGM/auDA-SGM-presentation-website.pdf
I’ve submitted multiple domains that are UBU’s to auDA with zero response.
If you have a recommended process for having them actioned with auDA would you mind sharing it?
@Joel – as I wrote in this article, I contact Mark at auDA. He seems very much on the ball.
Or I’m happy to do it for you.
Thanks for the link Ned 🙂
Would .au growth rate be 0% or less without UBU’s? If you look at the graph it was heading that way until mid 2016, the growth rate had been mostly declining for 9 years, then strangely the growth rate started climbing again,
(.au domains under management chart)
https://www.ausregistry.com.au/wp-content/uploads/2017/08/BTD_Issue_12.pdf
Have made a chart of what I think is probably happening here (you likely need to be logged in to see the chart)
https://www.dntrade.com.au/threads/is-auda-competent-to-run-the-registry.11501/#post-87979
I think pushing back onto the registrars will help. Surely if multiple UBU’s are paid for by the same credit card then bingo, ban that account.
These guys need to think smarter, find the commonalities and close them down.
It’s such a mess. As Sean said on DNT, it hurts the security and reputation of our beloved .au space, and protecting that should be one of auDA’s main objectives.
Personally I don’t believe for a second that auDA would be turning a blind eye because of the extra revenue UBU domains bring. I can’t accept that would be the case.
But ultimately, the UBU domains are bringing in hundreds of thousands of dollars in extra revenue for multiple parties, and this needs to stop.
Maybe you will find out if/ when you get on the auDA Board. Please let us all know the answer..
“FOLLOW THE MONEY” auDA CEO Cameron Boardman and several auDA Directors have told me relating to many questions I have asked.
FOLLOW THE MONEY seems to lead to those who make money from it.. auDA, Ausregistry, the scammers, the involved registrars??
Consumers should not have to work to safeguard the very product or service they are buying from a market.
What if, ACCC decided auDA is breaching consumer safeguards under auDA / ICANN sponsorship agreement. The shit would hit the fan?