Facebook sues OnlineNIC for domain name fraud associated with malicious activity

Facebook today announced it has filed suit in California against domain registrar OnlineNIC and its proxy service ID Shield for registering domain names that pretend to be associated with Facebook, like www-facebook-login.com or facebook-mails.com, for example. Facebook says these domains are intentionally designed to mislead and confuse end users, who believe they’re interacting with Facebook.

These fake domains are also often associated with malicious activity, like phishing.

While some who register such domains hope to eventually sell them back to Facebook at a marked-up price, earning a profit, others have worse intentions. And with the launch of Facebook’s own cryptocurrency, Libra, a number of new domain cybersquatters have emerged. Facebook was recently able to take down some of these, like facebooktoken.org and ico-facebook.org, one of which had already started collecting personal information from visitors by falsely touting a Facebook ICO.

Facebooks’ new lawsuit, however, focuses specifically on OnlineNIC, which Facebook says has a history of allowing cybersquatters to register domains with its privacy/proxy service, ID Shield. The suit alleges that the registered domains, like hackingfacebook.net, are being used for malicious activity, including “phishing and hosting websites that purported to sell hacking tools.”

The suit also references some 20 other domain names that are confusingly similar to Facebook and Instagram trademarks, it says.

Screen Shot 2019 10 31 at 1.27.38 PM

OnlineNIC has been sued before for allowing this sort of activity, including by Verizon, Yahoo, Microsoft and others. In the case of Verizon (disclosure: TechCrunch parent), OnlineNIC was found liable for registering more than 600 domain names similar to Verizon’s trademark, and the courts awarded $33.15 million in damages as a result, Facebook’s filing states.

Facebook is asking for a permanent injunction against OnlineNIC’s activity, as well as damages.

The company says it took this issue to the courts because OnlineNIC has not been responsive to its concerns. Facebook today proactively reports instances of abuse with domain name registrars and their privacy/proxy services, and often works with them to take down malicious domains. But the issue is widespread — there are tens of millions of domain names registered through these services today. Some of these businesses are not reputable, however. Some, like OnlineNIC, will not investigate or even respond to Facebook’s abuse reports.

The news of the lawsuit was previously reported by Cnet and other domain name news sources, based on courthouse filings.

Attorney David J. Steele, who previously won the $33 million judgement for Verizon, is representing Facebook in the case.

“By mentioning our apps and services in the domain names, OnlineNIC and ID Shield intended to make them appear legitimate and confuse people. This activity is known as cybersquatting and OnlineNIC has a history of this behavior,” writes Facebook, in an announcement. “This lawsuit is one more step in our ongoing efforts to protect people’s safety and privacy,” it says.

OnlineNIC has been asked for comment and we’ll update if it responds.