A survey done by Danish consultancy firm EIT has shown that expired Danish domain names are systematically being purchased by individuals with a relation to China. Over the course of a few weeks in the fall of 2014, 354 out of 15.532 expired Danish domains were purchased by persons listing China as their country of residence. For comparison, only 238 were bought by residents of Denmark.
Further analysis of keywords and content on the relevant sites suggests that most of these re-registered domains may be used as dubious web-shops selling either non-existent goods or counterfeit copies of known brands. Typical characteristics of many of these sites are that they are obviously machine-translated, do not have a secure HTTPS connection, feature strangely odd prices and are lacking proper contact information.
The purpose of re-registering expired domains in order to set up potentially fraudulent web shops seems to be to exploit user trust in the domain as well as to benefit from any existing Google Pagerank.
A Data Analysis tool created by EIT automatically compares information about expired domains with registry information from Danish TLD administrator DK Hostmaster, making it possible to see when and from where an expired domain has been re-registered. The tool also crawls the web sites and analyses the use of keywords, trademarks and payment options. As such the tool can be used for fraud detection, assisting investigators of trademark infringements, cybercrime and counterfeit products.
The TLD administrator, DK Hostmaster, does not on its own account investigate whether a .DK domain name is being used for illegal purposes.
The actual Data Analysis tool created by EIT is running 24 hours a day and the results are available at eit.dk/fup.
The above is a summary of the article “Kinesere på domæne-hugst i Danmark”.