In a recent article titled “Bulk Registrations Used for Unpaid Toll Scams,” Colin Strutt of Interisle Consulting Group delves into the alarming trend of bulk domain registrations being exploited for unpaid toll scams. Read the full article here.
Strutt builds on previous Interisle Insights articles that explored bulk domain registrations for cybercrime and unpaid toll scams. This time, he focuses on specific bulk-registered domains used in these fraudulent schemes, particularly those containing the term ‘txtag’.
Key Findings from the Article:
- Registration Patterns: The domains were registered through three registrars—Dynadot, NameSilo, and Dominet (HK)—in 26 bulk sequences between February 24 and February 28, 2025. Dominet (HK) was responsible for the longest sequences, including 159 domains registered in just 14 minutes.
- Ongoing Threat: The scam continued beyond February 2025, with expectations of more domains being reported in March. Interisle plans to monitor and analyze further data to understand the tactics and vulnerabilities enabling this abuse.
Strutt emphasizes the need for domain registrars and registries to monitor these patterns and take proactive measures to mitigate abuse. He also highlights existing systems like the Abuse Prevention and Early Warning System (APEWS) as effective tools to combat cybercrime-related bulk registrations. Quoting Strutt, “We recommend domain name registrars and registries monitor their systems for these domains and registration patterns and take action to mitigate the abuse.”
For a deeper dive into the data and analysis, read Colin Strutt’s full article: Bulk Registrations Used for Unpaid Toll Scams.
This summary is based on Strutt’s original work, and all credit goes to his research and insights.
