WHOIS database assists in pwnage attempt

25.06.2012

Stagg's advice is always useful, and after confirming that he sees scams based on "databases being mined for information" frequently, he waxed lyrical on this particular vulnerability.

"So many bits of the Internet are still based on those happy days years ago when it was a small, trusted place and the Russians weren't plugged in," wrote Stagg. "The 'WHOIS' database is a classic example. We always check it during penetration-testing, looking for convenient information leaks and occasionally using it for social engineering (famous example: large HK-based retail organisation; one fax on fake letterhead made from their Website, and we OWNED THEIR DOMAIN.....!)"

This comment from the ever-inventive Mr Stagg helped spark this blog-post. What comes naturally to penetration-testers (and hackers) is a holistic view of security. Information from the "WHOIS" database is a starting point--correlate it with other info gleaned from social networks, "friendly" phone calls to employees and graphics copied from Websites, and suddenly a large Hong Kong-based firm no longer owns its own domain. This is why enterprises with significant brand-equity view in-depth online security as sound business practice. The risks are just too great...and diverse.

Stagg then gave some impromptu comments that I feel are worth relaying. "The Internet's greatest challenge is its inertia, and the astonishing amount of will required to upgrade even the tiniest part," he wrote. "Why do we still have spam? Why do we still need search engines? Why are phishers trying to extort money? Because we can't upgrade the Internet!"

This string of invective raises more questions than this correspondent can answer, but remember this comes from the managing director of a firm dedicated to helping Hong Kong enterprises protect their networks, and the brand-equity they represent, from criminals who do far worse than blast out a million phishing e-mails based solely on the "WHOIS" database. But for now, let's keep it simple. Go ahead and type any URLs pertinent to your business into : . At the very least, it will show you the information any hacker can easily find, and list the expiration date of your domain-name. Being aware of security issues is always a best practice for enterprises. As Stagg points out, it's been years since the Internet was a small, trusted place.
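Added example, not from the original post or from Stagg's firm: a small defender-side WHOIS self-check in Python. It parses a record (here a constructed sample, not a real registration), lists the contact fields anyone can read, counts the days to expiry and checks whether a registrar transfer lock (the standard clientTransferProhibited status) is set; fetch_whois shows the raw port-43 lookup, where whois.iana.org answers with a referral to the registry's own server that you then query the same way. All names and sample values are assumptions.

```python
import re
import socket
from datetime import datetime

# Constructed sample reply (not a real record); it uses the common "Key: value" layout.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-RETAILER.TEST
Registry Expiry Date: 2012-07-20T00:00:00Z
Registrant Name: Jane Doe
Registrant Email: jane.doe@example-retailer.test
Admin Email: jane.doe@example-retailer.test
Tech Email: it-helpdesk@example-retailer.test
Domain Status: ok
"""
CONTACT_FIELDS = ("name", "email", "phone", "fax", "street", "city")
ROLES = ("registrant", "admin", "tech")

def fetch_whois(domain, server="whois.iana.org", timeout=10):
    """Live lookup over the WHOIS protocol (TCP 43); IANA answers with a referral to the registry's server."""
    with socket.create_connection((server, 43), timeout=timeout) as s:
        s.sendall(domain.encode("ascii") + b"\r\n")
        chunks = []
        while data := s.recv(4096):  # read until the server closes the connection
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")

def parse_whois(text):
    """Parse 'Key: value' lines into {lowercase key: [values]}; keys such as Name Server may repeat."""
    record = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([A-Za-z][A-Za-z /]*?):\s*(\S.*?)\s*$", line)
        if m:
            record.setdefault(m.group(1).lower(), []).append(m.group(2))
    return record

def audit_whois(text, today="2012-06-25"):
    """Summarise what anyone can read from the record: exposed contacts, days to expiry, transfer lock."""
    rec = parse_whois(text)
    exposed = sorted(k for k in rec if k.split()[0] in ROLES and any(f in k for f in CONTACT_FIELDS))
    raw = (rec.get("registry expiry date") or rec.get("expiration date") or [None])[0]
    days_left = (datetime.strptime(raw[:10], "%Y-%m-%d") - datetime.strptime(today, "%Y-%m-%d")).days if raw else None
    locked = any("transferprohibited" in s.replace(" ", "").lower() for s in rec.get("domain status", []))
    findings = []
    if exposed:
        findings.append("named contacts readable by anyone: " + ", ".join(exposed))
    if days_left is not None and days_left < 60:
        findings.append(f"domain expires in {days_left} days")
    if not locked:
        findings.append("no clientTransferProhibited status: registrar transfer lock is off")
    return {"exposed_contact_fields": exposed, "days_to_expiry": days_left, "locked": locked, "findings": findings}
```

Run audit_whois(fetch_whois("your-domain.example", server="<registry whois server from the IANA referral>")) against your own domain; the findings are exactly the items a social engineer would read off the same record.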