In their quest to protect Internet users, Meta has issued a lawsuit against Freenom – a domain registrar based in Amsterdam.
The reason for the case is the alleged history of the company ignoring abuse complaints about phishing websites while monetising traffic to those abusive domains.
Freenom is the domain name registry service provider for five country code top level domains (ccTLDs), including:
- .cf – Central African Republic
- .ga – Gabon
- .gq – Equatorial Guinea
- .ml – Mali
- .tk – Tokelau
Freenom has offered domains within these ccTLDs without any registration fees, but they have a catch – The registrar reserves the right to take back the free domains at any time, and to divert traffic to other sites — including ones some may deem inappropriate.
There have been multiple reports from Freenom users who’ve seen their free domains removed from their control and traffic forwarded to other websites.
Meta initially filed its lawsuit in December 2022 and asked a court to seal its case against Freenom – the request was denied.
Meta withdrew that lawsuit and re-filed one in March 2023 stating “The five ccTLDs to which Freenom provides its services are the TLDs of choice for cybercriminals because Freenom provides free domain name registration services and shields its customers’ identity, even after being presented with evidence that the domain names are being used for illegal purposes…”
“…Even after receiving notices of infringement or phishing by its customers, Freenom continues to license new infringing domain names to those same customers.”
Phishing on a massive scale
In the case documents, Meta referred to research from Interisle Consulting Group, which discovered in 2021 and again last year that the five ccTLDs operated by Freenom made up half of the Top Ten TLDs most abused by those conducting phishing attacks.
Not totally altruistic though
The Interisle report does highlight something that suggests that Meta’s lawsuit has possibly been raised because of damage to it’s brand. In the report, Interisle show figures relating to the top brands targeted in phishing attacks and no surprises – Facebook comes out as the No. 1 most used brand in phishing emails and its sister platform WhatsApp coming in 4th place behind 2x Microsoft entries.
Whatever the reason for Metas lawsuit, it all goes towards trying to make the Internet a safer place for everyone to enjoy.
With regards to Freenom, soon after Meta’s lawsuit hit, there was a rapid decline in the numbers of phishing sites being hosted across the five Freenom hosted Domains – so something good has come of the law suit.
