The Freename Forum

The Swiss Federal Office for Cyber Security (BACS) warns of “hoaxes with abandoned or forgotten Internet domains”. A case was reported to the BACS, which it describes as follows: A canton operates an application under the (fictitious) subdomain anwendung.kt.ch. However, this name does not lead directly to an IP address, but is only a kind of alias, which in turn leads to the domain kanton-anwendung.ch. This application was then taken out of service and the domain kanton-anwendung.ch was abandoned. Fraudsters noticed this, re-registered the domain and redirected it to a page with fraudulent competitions. What's more, they forgot to delete the old alias, so the fraudsters were able to misuse links with the official domain anwendung.kt.ch for their own purposes. In doing so, they exploited the fact that cantons enjoy a trustworthy reputation. The BACS therefore recommends, among other things: If a domain is no longer in use, weigh up the (low) costs of being able to keep it anyway against the possible consequences of a third party taking over the domain.

The BACS recommendations can be found at:
https://www.ncsc.admin.ch/ncsc/en/home/ ... ck_42.html