Using the identity of someone else (whois identity theft) can result in a lawsuit for fraud, or other action depending on the national laws in effect.
It is therefore not uncommon for fake whois information to be totally fictitious. This can take the form of:
- Blatantly fake whois information. Such entries may appear to be authentic to automated scoring systems, but appear obviously fake to a human investigator. For example:
person: Habra Kahdabrah address: 231 Noplace Special address: 90023 address: New York address: United States phone: +32.123123123 e-mail: firstname.lastname@example.org lastupdated: 2008-04-21 17:08:35
In the above instance, clearly a more rigorous scoring script could be called for (zip code in USA does not match the state, the telephone number has the wrong number of digits, the country code is not the correct code for the USA). Even if the zip code, and the telephone number were possible (ex. 10023, and +1.1231231234), even an excellent automated scoring system would accept the registrant data.
- Possibly correct whois information. These may be addresses that could be correct, and thus can fool both the automated scoring system, and an investigator who does not do a thorough investigation.For example:
person: Olf Jøsevold address: Postboks 7222 address: N-0103 address: Bergen address: Norway phone: +47.25905491 e-mail: olof.Josevold@gmail.com lastupdated: 2008-04-21 17:08:35
In this instance, only a dedicated abuse agent (or one living in Norway) would be able to spot the many fallacies and realize the data is fake.