WHOIS database assists in pwnage attempt

25.06.2012
If the headline seems like a typographical error, it's not. The verb "to pwn" is Internet-speak for "to own by cyberattack." Fifteen-year-old hackers use it.

And who might get "pwned" (pronounced "pawned")? Everyone on the "WHOIS" record. And what's the "WHOIS" record? According to Wikipedia: "WHOIS (pronounced 'who is') is a query and response protocol...used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format."

If you want to find out who registered, for example, hongkong.com, go to and type it in--it will dish up the registration info at the time of registration.

It's a piece of information useful in basic intel-gathering, but I haven't thought of this registry in a while. Until a friend sent me a panicked e-mail last week--he was convinced of cyber malfeasance. The dodgy missive contained his actual name/address/telephone number, and seemed to offer a search-engine-service in a manner more suited to warning of imminent domain-name expiration. There were links to the usual ("PROCESS SECURE PAYMENT" and "UNSUBSCRIBE INSTRUCTIONS") malware-delivery-sites, but, he said: "they've got my info!"

I suggested he remain calm and check the return email address, noting that as it was a string of letters and numbers with a ".in" domain, perhaps he wasn't in imminent danger. Unless of course he'd clicked on the links, which--following essential security practice--he hadn't. Deleting the malicious missive eliminated any chance of pwnage.

But it's been years since I saw a phish based on mining of the "WHOIS" database, so I contacted Richard Stagg, managing director of Hong Kong-based security and penetration-testing firm Handshake Networking.