Private WHOIS Domain Registration is NOT Enough | Protect Yourself & Double Bag It

I'm going to assume this has been mentioned in past threads, but I've been reading a number of posts recently where an affiliate using 'questionable' tactics is contacted via phone, email, or snail mail by a supposed attorney, or a pissed of e-whore victim with blue balls.

The story goes... YOU were auto email responding to your list of 10k from your domain - or you were directing people to an offer or landing page on your domain that is somewhat deceptive.

You piss off the wrong guy who feels like a dipshit for believing you were a nubile 18 year virgin who wanted you to take her innocence... so he enters his credit card information for an age verification site that leaves him short $80 bones and now he's raging.

This poor bastard flashes a WHOIS on your domain - Your dumbass doesn't turn on private registration, because...well, you're a dumbass - and next thing you know he's threatening to file a suit, calling your house, flirting with your wife, she falls in love with him and starts webcam modeling in his studio apartment for heroin. All because you didn't turn on your WHOIS guard private registration.

This post isn't about reminding you to turn on your private domain registration. This post is a warning that turning on private WHOIS registration is simply NOT enough if you really want to cover your ass.

Condoms Break - The Pill only has an effectiveness of 99% - and WHOIS Guard can be broken as well.

If your registrar receives complaints from individuals claiming that your domain is being used to SPAM or conduct illegal activity - that private registration switch comes right OFF, and if you've registered your domain with your true blue name, phone, and address then get ready for a bunch of pissed off dudes with hardons and blue balls to come knocking on your door.

I had to learn this the hard way.

The point is - You've got to double bag it. If you're going to send emails from your domain, or do anything on that domain that could remotely piss someone off (and you know you're going to) - create an account with your domain registrar that does NOT have your personal information IN THE EVENT that the WHOIS guard wall comes down.

After that point, if a pissed off blueballer wants to come after you they're going to have to go directly to the authorities to do any kind of meaningful IP tracking.

'Excuse me officer, I was trying to solicit sex on craigslist and some douche bag totally took me for a ride, I didn't read the fine print and now I'm out a hundred bucks. Can you help me puhlleezzze?'

There should not be another instance of someone getting caught with their pants down and having their personal information made public.

If you're busting some dirty marketing on a domain that is registered with your home address and phone number on the WHOIS reg - Go Change That Shit NOW.

 

actually a very good tip, i thought private registrars do not give out your info unless there is some kind of legal action involved ...

 

Right. Like I said - I had to learn the hard way.

All of my personal info was out there and it was a HUGE bitch to try and get the registrar to even change the contact information listed on the WHOIS database.

Even after they agreed to make the change, it takes a while for it to propagate through the interwebs which is more than enough time for some hate mail.

 

The lesson for today is: always go double dutch
if you don't know what double dutch means here is a pic.

HTML:

http://www.sexwoordenboek.nl/assets/active/doubledutch_c.gif

 

Great post. You've very eloquently captured what I said in this BHW thread: http://www.blackhatworld.com/blackh...rivate-domain-registration-important-all.html (my entry is toward the bottom of the thread).

There's an old saying, "Three people can keep a secret if two of them are dead."

WHOIS information is the same thing as a secret (keep it to yourself).

PS. Congrats on hitting your 100th post (at the time of this reply).

 

So just putting fake info when registering a domain is what you are saying?

Any consequences to that? I switched all my stuff to fake when I started doing a bit more BH on a few of my sites.

 

Well if it's a domain that you're using to primarily drive BH traffic to, I can't imagine why you would want to be anchored to it. Other than if someone tries to contact you for the purpose of purchasing the domain.

I personally have the 'ninja' email that I use on the WHOIS registration forward to one of my primary email addresses just to keep tabs on it.

Thanks!

 

Thanks for the useful information. I'll be sure to keep this in mind for my future BH dealings.. I always wondered exactly how secure the WHOIS information was, even if it was set to private.

 

I have always registered my domains at one of the big registrars using fake details and turn on privacy guard for whois

Just changed my name a bit and used a near by town and fake address and never had problems even if it says you are meant to use 100% real id for icann reg when you purchase a new domain.........

Probably been lucky that no one has ever tried to actually track me now and found out or been a dispute on a domain name as then i would be screwed

 

1. use real info for domains of value, white hat business, offline business, brands etc as you can lose it should a legal dispute occur and you cannot prove you identity.

2. use LLC as owner to further protect your identity when you are thinking long term.

3. use fake name, prepay cards etc when spamming et al.

nobody will bother you about a fake name unless you're doing child pornography or drop-shipping cocaine (and either one will get you f*cked)

 

Had my domain registrar contact me about one of my redirect domains, said it will be canceled if I don't reply proving it wasn't me. Will they mess with my other domains if I just let it die?

 

In those cases there is the need for anonymous domains. katzglobal.com provides such

 

LMAO .... I just spit my coffee on my monitor

 

Definitely use an email that is monitored from time to time for the sites though. I had a person contact me last month, and as me if she could place a link on a PR2 site. The only way she got the email address was from the whois.

Anyway, she paid $60/year for the one link, and also added another link for another $60.

So, she contacted me and paid me for $120 for 2 links on an autoblog. In this case, it paid, literally, to have a viewable email address.

 

So, what company you suggest to go to register a domain, that no complains will make to take down or give my personal info out (if my info is real that is)? Primary traffic is e-whoreing so complains may come as soon as i launch

 

LMAO, that's awesome. Definitely an outcome you want to avoid.

Not only that, but if you know ur gonna make a spam something you can save money by using fake info right from the start, so u don't have to pay for private reg.

 

In theory, you could technically lose your domain for registering with fake info, but I've never actually come across anyone who says this has happened to them.

 

If it's a legal issue (subpoena, investigation...etc), that's one thing. If it's just a guy being a pain in the ass because he got duped by you ewhoring him, that's another. In that case I'd give him the "buddy I have no idea what you're talking about, I'm just a web designer and built that site for a client of mine. "Part of my services that my customers appreciate is my respect for confidentiality. Because of that I can't/won't give you his name unless you have a legal justification."

They'll still think you're a sell-out for working with scumbags like that but at least they won't be waiting in your driveway or crank calling your house.

 

Always wondered about private whois...i accidently left on off one time and almost shit myself when i noticed...
Anyways, good info

 

great advice, also wondering if a domain was in your name and you change to private, if its possible for someone to track you down somehow through some kind of whois archive? Anyone happen to know?