WPF Report: Call Don’t Click II – Still be smart about ordering federally mandated free credit reports

 

The report Call Don’t Click Update – Still be smart about ordering federally mandated free credit reports was published July 14, 2005. It is the second report in a series on AnnualCreditReport.com and related issues.

Report author: Pam Dixon 

You are at the report main page, where you can download the full report or navigate to parts of the report. The Background, Executive Summary, Index, and full report are in the text below.


 

Background of Report

This report focuses on annualcreditreport.com, and the issue of impostor “typo” domains that lead consumers to fraudulent websites, or websites charging a fee for what Congress has mandated should be a free credit report each year for consumers.

This report is Part II in a two-part series of reports concerning annualcreditreport.com. This report is available at www.worldprivacyforum.org, which is also where updates will be published.

 

About the World Privacy Forum

The World Privacy Forum is a non-profit public interest research and consumer education group focused on the research and analysis of privacy-related issues. The Forum was founded in 2003 and has published significant privacy research and policy studies in the area of health, online and technical, privacy, self-regulation, financial, and identity among other areas. www.worldprivacyforum.org

 

Executive Summary

The World Privacy Forum cautions consumers who qualify [1] to order a federally mandated free annual credit report [2] to ensure that they take common-sense computer safety steps before ordering their credit report online. [3] If consumers are unsure about any aspect of securing their computers, calling for a credit report via the official toll free number (877-322-8228) is a good option, as is mailing in for the report. [4] Both the phone and the mail options generally expose consumers to fewer potential hazards than the online option.[5]

The official annualcreditreport.com site has improved since its launch in December 2004. [6] However, there are continuing potential hazards posed by imposter Web domains, some of which have been aggressively attempting to deceive and misdirect consumers. From mid-May through the end of June 2005, the World Privacy Forum identified and tracked 233 domain name registrations that employed the words annual credit report in some combination or variation, or were close misspellings of the official site annualcreditreport.com.

Researchers documented that one hundred twelve (112) of the 233 registered imposter domains were active and online during the month of June, 2005. [7] This marks a 124 percent increase of documented active, online imposter sites from the World Privacy Forum’s February 25, 2005 report on this issue. (The February report documented 96 imposter domain registrations with 50 of the registered domains being active imposter domains.)

Of the 112 current online imposter domains, 7 of the domains have a posted privacy policy, and 21 of the domains allow consumers some way of making contact with the site. During the research period of May 16 to June 30 2005, the World Privacy Forum was not able to find or document any links from the 112 imposter domains that sent consumers to the official annualcreditreport.com site.

The imposter domains vary in content. Some imposter domains inappropriately ask consumers to supply Social Security Numbers (SSNs), date of birth, and other highly sensitive information. Other imposter domains containing the words annual credit report in various combinations are “link farms” [8] or “ad farms” that send consumers to for-pay services at subsidiaries of the credit bureaus Experian and TransUnion, and to other companies, through affiliate marketing programs [9] and/or online keyword advertising programs. [10] And finally, some imposter domains send consumers to sites that have nothing to do with credit; for example, some imposter domains have plentiful links to pornographic sites. Four of the imposter domains forward consumers directly to the home page of a commercial data broker, Intelius. [11]

Consumers can land on imposter domains in two primary ways. Some consumers simply mistype the official domain name, or do not remember it correctly when they type it in. Others use a search engine to find the annualcreditreport.com site, and then land on an imposter domain when they click on the wrong result, or on a paid result, in a search engine listing. [12]

Researchers found that the search engines varied substantially in how well the official site was displayed after a search for the phrase “annualcreditreport” and related variations. Depending on the search engine used, consumers may encounter paid results that are listed before the official annualcreditreport.com site, thus creating the possibility of potential confusion for some consumers, even if the non-sponsored search results were generally accurate.

 

INDEX

 

CALL, DON’T CLICK UPDATE: STILL BE SMART ABOUT ORDERING FEDERALLY MANDATED FREE CREDIT REPORTS

SUMMARY

    • SUMMARY OF NEW FINDINGS:
    • SUMMARY OF CHANGES FROM FEBRUARY 25, 2005 REPORT:
    • RECOMMENDATIONS

DISCUSSION OF FINDINGS

FRAUDULENT, DECEPTIVE, OR MISSPELLED DOMAINS ARE STILL A PROBLEM

METHODS THE IMPOSTER DOMAINS ARE USING TO MISLEAD CONSUMERS

HOW THE OWNERS OF THE MISSPELLED DOMAINS ARE MAKING MONEY ON CONSUMERS

    •  How the scheme works: specifics on the mechanics of an affiliate marketer imposter domain

PAY PER CLICK AND OTHER COMPANIES INVOLVED IN ANNUALCREDITREPORT.COM IMPOSTER DOMAINS

IMPOSTER DOMAINS THAT ARE ONLINE AND ACTIVE

SEARCH ENGINE RESULTS AND ANNUALCREDITREPORT.COM

FINDINGS ON OFFICIAL SITE ANNUALCREDITREPORT.COM

RESOURCES

CREDITS

APPENDIX A: CONSUMER RESPONSES TO THE FEBRUARY 25, 2005 REPORT

APPENDIX B: SOURCE CODE OF THE REDIRECTS AT MISLEADING DOMAINS

KEYWORDS AND PROCESS FOR IMPOSTER SITES: EXAMPLE #1

EXAMPLE #2: AD CAMPAIGN FOR FREE CREDIT REPORT

EXAMPLE #3: DECEPTIVE CODING OF DOMAIN REFERRER

APPENDIX C: ADDITIONAL INFORMATION ON THE MISSPELLED DOMAINS

IMPOSTER DOMAIN NAME SERVERS

 EXPERIAN NAME SERVERS

DOMAIN INFORMATION

APPENDIX D: ARCHIVE OF RELEVANT ANNUALCREDITREPORT.COM PRIVACY POLICIES

APPENDIX E: IMPOSTER SITES ASSOCIATED WITH DOMAIN SPONSOR

APPENDIX F: CONSUMER TIPS

Online Tips

    • Online Tip: Beware of Imposter Domains
    • Online tip: Do not use a library or public computer to access your free credit report.
    • Online tip: Giving An Email Address is Voluntary
    • Online tip: Ensure you are following basic computer safety rules

Phone and Mail Tips

    • Phone and mail tip: Ask to mask all but the last four digits of your SSN
    • Phone and Mail tip: Get Your Report Mailed to a Secure Mailbox

Phone Tips

    • Phone tip: If you have a long or complex last name, or have a strong regional accent, you may have trouble using the automated phone system.

Storage and Disposal Tips

 

Summary

The World Privacy Forum cautions consumers who qualify [1] to order a federally mandated free annual credit report [2] to ensure that they take common-sense computer safety steps before ordering their credit report online. [3] If consumers are unsure about any aspect of securing their computers, calling for a credit report via the official toll free number (877-322-8228) is a good option, as is mailing in for the report. [4] Both the phone and the mail options generally expose consumers to fewer potential hazards than the online option. [5]

The official annualcreditreport.com site has improved since its launch in December 2004. [6] However, there are continuing potential hazards posed by imposter Web domains, some of which have been aggressively attempting to deceive and misdirect consumers. From mid-May through the end of June 2005, the World Privacy Forum identified and tracked 233 domain name registrations that employed the words annual credit report in some combination or variation, or were close misspellings of the official site annualcreditreport.com.

Researchers documented that one hundred twelve (112) of the 233 registered imposter domains were active and online during the month of June, 2005. [7] This marks a 124 percent increase of documented active, online imposter sites from the World Privacy Forum’s February 25, 2005 report on this issue. (The February report documented 96 imposter domain registrations with 50 of the registered domains being active imposter domains.)

Of the 112 current online imposter domains, 7 of the domains have a posted privacy policy, and 21 of the domains allow consumers some way of making contact with the site. During the research period of May 16 to June 30 2005, the World Privacy Forum was not able to find or document any links from the 112 imposter domains that sent consumers to the official annualcreditreport.com site.

The imposter domains vary in content. Some imposter domains inappropriately ask consumers to supply Social Security Numbers (SSNs), date of birth, and other highly sensitive information. Other imposter domains containing the words annual credit report in various combinations are “link farms” [8] or “ad farms” that send consumers to for-pay services at subsidiaries of the credit bureaus Experian and TransUnion, and to other companies, through affiliate marketing programs [9] and/or online keyword advertising programs. [10] And finally, some imposter domains send consumers to sites that have nothing to do with credit; for example, some imposter domains have plentiful links to pornographic sites. Four of the imposter domains forward consumers directly to the home page of a commercial data broker, Intelius. [11]

Consumers can land on imposter domains in two primary ways. Some consumers simply mistype the official domain name, or do not remember it correctly when they type it in. Others use a search engine to find the annualcreditreport.com site, and then land on an imposter domain when they click on the wrong result, or on a paid result, in a search engine listing. [12]

Researchers found that the search engines varied substantially in how well the official site was displayed after a search for the phrase “annualcreditreport” and related variations. Depending on the search engine used, consumers may encounter paid results that are listed before the official annualcreditreport.com site, thus creating the possibility of potential confusion for some consumers, even if the non-sponsored search results were generally accurate. [13]

Summary of new findings:

  • At least 233 total domains with close or nearly identical spellings of annualcreditreport.com have been purchased. This is an increase from the findings in the first report.
  • At least 112 known and confirmed imposter domains were “live,” that is, online and actively routing consumers away from the official site, as of June, 2005. This is an increase of 62 domains from the findings in the first report.
  • 7 of the 112 imposter sites posted a privacy policy.
  • 21 of the imposter sites posted some form of minimal contact information, such as the ability to fill out a Web form or send an email.
  • Many of the imposter domains actively sent consumers to credit bureaus instead of to the official annualcreditreport.com site. This is happening because the pay per click and affiliate marketing issues articulated in the first report are still a substantial problem. When the “live” and “parked” imposter domains send consumers to commercial credit services and some credit bureaus, many of the imposter domains get paid for doing this via “pay per click” online advertising and/or affiliate marketing schemes.
  • Four imposter domains forwarded consumers directly to a commercial data broker, Intelius.

Summary of Changes from February 25, 2005 Report:

  • As of June 2005, 112 confirmed imposter sites were active online. This is 62 more domains than researchers documented in February, 2005. Some of the domains were more assertive about gathering consumer SSNs and other sensitive information than was documented in the earlier report.
  • Originally, only four sites were able to link to the official free credit report site: the Federal Trade Commission (FTC) and the three credit bureaus, Experian, Equifax, and TransUnion. The credit bureaus now allow legitimate organizations to link to the official Web site, which is a positive change from the first Call Don’t Click report. [14]
  • TransUnion’s initial implementation of its free credit report system has changed since the first report. The initial report noted that when consumers used the official annualcreditreport.com site to order reports from TransUnion, they were automatically selected to receive marketing information and product offers from subsidiaries and affiliates. This was done via a check box that was already checked at the TransUnion registration point of the annualcreditreport.com site. This issue has now been resolved, and TransUnion no longer pre-selects consumers to receive this marketing material on this particular page.
  • A commercial data broker, Intelius, is using annualcreditreport.com imposter domains to send consumers to its services. This was not a situation researchers uncovered in research for the February version of the report.
  • Consumers who go to a variety of search engines and type in the term annualcreditreport will frequently see the official site as the first non-paid result, depending on which search engine is being used. That search engines can now index the official site is a positive change from the first report. Unfortunately, not all search sites clearly segregate paid and unpaid listings, and this can pose problems.

Recommendations

  • (Detailed tips and recommendations for consumers are available in Appendix F and also at <https://www.worldprivacyforum.org/consumertips_calldontclick.html>.)
  • All Web domains that are online and that use the keywords annual credit report in various combinations, or domains which are close misspellings of the official site, need to be taken offline immediately and turned over to the Central Source. [15]
  • The FTC should require credit bureaus and their subsidiaries to cease and desist from all search engine and other online advertising campaigns – including affiliate marketing programs — that use the words annual + credit + report in any combination if these search terms take consumers to a for-pay commercial site or any site other than the official annualcreditreport.com site. This is a challenging area, but one that needs to be tackled.
  • The credit bureaus and their subsidiaries should be required to closely audit their marketing affiliates and search engine marketing campaigns for abuses and take action. Any credit bureau affiliates using domains containing the words annual credit report should be disaffiliated immediately and the domain turned over to the Central Source. To date, this has not been happening in a consistent or timely manner.
  • There are substantial problems with imposter domains that are parked or live “ad farm” or “link farm” domains. These domains frequently post dozens of text advertising links to credit bureaus and credit services. This is an out-of-control area of e-commerce that needs to be looked at very closely by the FTC for consumer fairness issues. Consumers who land on “link farms” or “ad farms” should receive some disclosure about what it is they have landed on so they can make informed decisions. Well-known domain registrars are among the entities creating the imposter domains, and well-known search engines are among those filling the domains with commercial credit bureau and debt consolidation ads. In addition to creating more accountability for the credit bureaus and their affiliate marketing advertisements, the companies responsible for creating the domains and/or the advertisements sitting on the imposter domains also need to shoulder some of the responsibilities to the consumer.
  • The commercial data broker Intelius is using domains that contain the keywords annual credit report to forward consumers to its data brokerage services. These domains should be returned to the Central Source immediately.
  • Those Web sites that state in their source code that they are referring consumers from a domain other than the actual domain should be held accountable for deceptive practices. This would apply especially to questionable sites that redirect consumers to legitimate businesses by altering the domain referrer information.
  • A search of “annualcreditreport” using a search engine such as Google.com, Yahoo.com, or MSN.com typically brings up the official site plus in some cases sponsored listings for commercial sites and services that are not the official annualcreditreport.com site. While this is an accepted business practice, this is a cause for concern in instances where there may be consumer confusion about which search results are paid listings, and which are the unpaid listings. Because of the importance of the annualcreditreport.com site, it is important for the FTC and the credit bureaus to continue public education campaigns to differentiate the official site. Although display of search results is admittedly a larger Internet issue, it is still important for all search engines to follow the FTC guidelines for clearly differentiating search engine placement of paid and sponsored results. [16]

 

Discussion of Findings

Fraudulent, deceptive, or misspelled domains are still a problem

Researchers documented that 233 domains containing the keywords annual credit report or close misspellings of annualcreditreport.com had been registered. [17] Of the total registered imposter domains, 112 +/- 3 were online and available to consumers as of June, 2005. The pretender domains showed up in some search engine results, and some of the pretender domains showed up in some search engines’ paid or sponsored listings sections.

The graphic below (Figure 1) is an example of an imposter domain pretending to be the real annualcreditreport.com. Here, annualceditreport.com (note the missing “r” in credit) is claiming on its home page to be annualcreditreport.com, and boasting that it is “Your Access to Free Credit Reports.”

Figure 1. An imposter domain. Note the misspelling of the URL in the address bar. Also note the links to Annual Credit report online; these links did not lead to the official site at the time of analysis.

 

The site pictured above represents a typical pretender domain’s approach to misdirecting consumers. It is also an excellent example of what a “link farm” looks like.

Link Farms and SSN-grabbers

Currently, the majority of the imposter sites are “link farms” set up by pay-per-click marketing companies. Link farms are domains that contain dozens of links to sites that have a marketing relationship with the link farm owner, or links that are ads of some sort. Each time a consumer clicks on a link at a link farm, the owner of the link farm typically gets paid a few cents by an advertiser or affiliate marketing partner. Link farms are part of what are generally called affiliate marketing schemes, and affiliate marketing is how the majority of the imposter domains are making their money. Some link farms are also created by search engine optimization companies to cause a domain to rise in search rankings.

No matter why they were created, link farms can act as a barrier to consumers who are attempting to access the official www.annualcreditreport.com site.

Examples of this type of domain include that seen in Figure 1, and also domains such as www.annualfreecreditreport.org, annualcreditbureaureport.com, annualcreditorreport.com, and www.annual-credit-report.org. While these domains do not request SSNs from consumers right away, many of these domains lead to highly questionable businesses that do request information inappropriately from consumers.

Other types of imposter domains include more problematic sites that aggressively attempt to deceive consumers into giving SSNs and other information. One site in particular stood out as extremely fraudulent and deceptive: wwwannualcreditreport.com. (Note that there is no period between the “www” and annual). This imposter site requested consumer SSNs, date of birth, address, name, and then according to the site privacy policy, that information was shared with other companies, including car dealerships. The site was in operation until June 6, 2005. [18]

Some imposter domains steal credit bureau logos and use trademarked names and symbols to lure consumers into believing the site is legitimate. One such site, www.freeannualcreditreports.com, had inappropriately taken Experian’s ConsumerInfo logos and had created a fake domain that looked just like the credit bureau site, but without the privacy policy. After researchers brought this site to Experian’s attention, the deceptive logos were removed. However, the site did not get taken down entirely. A “link farm” containing links to ConsumerInfo and to TransUnion for-pay services – among others — took its place and was still up at the close of the research period.

Specific Examples of Imposter Sites

The following domains are examples of actual imposter sites that were live and online during the research period, which ended June 30, 2005.

Imposter Example #1: wwwannualcreditreport.com

This site was collecting SSNs of consumers, and then, according to the site privacy policy, was sharing those numbers with other companies. Researchers acted to have this site taken down immediately upon discovery; researchers uncovered the site June 1 2005, after which the Central Source was notified. The site was offline by June 6, 2005. It is unknown how long the site was operating prior to that time.

Imposter Example #2: The sites www.annual-credit-reports.com, www.annual-credit-report.org, and www.free-annual-credit-reports.com. [19]

After typing in the domains above, consumers were redirected to http://www.spendonlife.com/freecreditreport/, where they were then instructed to fill out an online form to get their “free credit report” for “credit peace of mind.” In fact, the site is a “lead generator”; that is, its purpose is to collect consumer emails. According to the site’s materials:

“SPENDonLIFE.com is an online leads marketplace that empowers mortgage brokers and lenders to obtain quality, highly targeted mortgage loan leads at low prices. SPENDonLIFE.com generates fresh real-time internet mortgage leads from qualified, motivated consumers looking for home loans, mortgage refinance loans, home equity loans or debt consolidation loans.” [20]

and:

“Join The Best Debt Consolidation Affiliate Program and Make Money Debt Consolidation webmasters get paid $7.50 per lead. Look how simple our debt consolidation application is!” [21]

The real potential trouble on these imposter sites may be found on the “Free Debt Analysis” page. This page asked consumers to complete a detailed form that requests first and last name, debt amount, email address, phone number, and names of creditors. [22] This is apparently the form that provides the “fresh leads” the site brags about elsewhere.

On this site, consumers who click on a link to order a free credit report will get directed to Qspace, a site related to ConsumerInfo. ConsumerInfo is a wholly-owned subsidiary of the Experian credit bureau. If a consumer clicked on the order button from one of these imposter domains, this is the URL they would see, or something very similar:

https://qspace.iplace.com/cobrands/838/order1_1.asp?p=1&afd=35&sc=65770001

Oddly, the Spendonlife privacy policy posted on these three imposter sites mentions a number of privacy and consumer protection organizations such as the Privacy Rights Clearinghouse, EPIC, and the FTC, stating that they are good resources. The privacy policy provides no links or URLs to direct consumers to these resources.

Intriguingly, there is an additional – and different – Spendonlife.com privacy policy and site. This other privacy policy is available at http://qspace.iplace.com/cobrands/465/privacy.asp and is a Truste verified privacy policy. This policy is also completely different than the policy consumers access from the three imposter domains. The qspace.iplace.com policy states plainly that it is a ConsumerInfo site, and:

“Note to Spendonlife.com users: If you place an order for our products or services through co-branded web pages that display both our name and Spendonlife.com’s, our partnership agreement with Spendonlife.com specifies that both companies may use the information you provide. Spendonlife.com’s privacy policy governs their use of your information, as this policy governs ours.” [23]

It is unknown if the three imposter sites are inappropriately using Spendonlife.com’s trademarks or images, or what ConsumerInfo relationships the sites do or do not enjoy. It is unknown which privacy policy is the actual policy that applies to consumers. What is known is that these sites – www.annual-credit-reports.com, www.annual-credit-report.org, and www.free-annual-credit-reports.org – are apparently working to collect leads, not working to send consumers to the official www.annualcreditreport.com site.

Imposter Example #3: www.annualcreditreportrequestservice.com, www.onlineannualcreditreport.com, creditreportanually.com, and annualonlinecreditreport.com.

These four imposter sites, at last check, resolve to the commercial data broker Intelius and do not lead consumers to the official www.annualcreditreport.com site. Specifically, the sites resolve to http://find.intelius.com/search-name.php. Intelius has made no effort to inform consumers that its site is not the official annualcreditreport.com site, despite the fact that Intelius was – and at last check still is – appropriating annualcreditreport-related Web domains to attract consumers to its for-pay services.

Imposter Example #4: The domains www.annualcreditmonitoringreport.com and www.freeannualcreditmonitoringreport.com

These two sites redirect consumers away from the official www.annualcreditreport.com site to a site called freecreditprofile.com, where consumers are asked to provide their name, address, email, and other information about themselves. Freecreditprofile.com is associated with the TransUnion credit bureau. Technically, Freecreditprofile.com is a “product of TrueCredit.” [24] TrueCredit is a wholly owned subsidiary of the TransUnion credit bureau. [25]

The annualcreditmonitoringreport.com domain uses framesets to forward consumers to Freecreditprofile.com from nameservers belonging to Domainmanager, a company that specializes in assisting domain owners with redirects such as this.

The other domain, www.freeannualcreditmonitoringreport.com, resolves to www.annualcreditcheck.com, which then displays Freecreditprofile.com in a frame. This domain forwards consumers from nameservers belonging to Fabulous.com, a company that focuses on pay per click and affiliate schemes. [26] Whois records indicate that the www.freeannualcreditmonitoringreport.com domain is owned by Ousel Internet Development. [27]

It is unknown if TransUnion is aware of the redirection of these sites to its commercial services.

Imposter Example #5: DomainSponsor’s 68 imposter sites [28]

DomainSponsor, a well-known affiliate marketing company that is also associated with the search engine Information.com, owns and/or manages a large number of imposter site link farms. As many as 18 of the known 68 DomainSponsor sites have at one time stated in their title bars that the domain is “AnnualCreditReport,” even when the domain was only a close misspelling of the official site.

None of the 68 DomainSponsor sites have privacy policies or contact information. None of the 68 DomainSponsor imposter sites led consumers to the official annualcreditreport.com site during the research period.

Imposter Example #6: www.freeannualcreditreports.com

This domain was discussed previously. When typed in, this imposter domain resolves to creditkeeper.com. When researchers originally found this site, it was inappropriately copying a ConsumerInfo site nearly image for image. After the site was identified in early June to ConsumerInfo as a problem affiliate that was using the keywords annual credit report to misdirect consumers, the imposter site removed the ConsumerInfo images and changed its information three times within a 24 hour period.

At last check, this site is still apparently acting as some sort of marketing affiliate of ConsumerInfo in that it is still directing consumers to commercial services at ConsumerInfo and other companies via apparent affiliate marketing links. The domain name has not been taken offline or transferred to the Central Source. The site, which is an apparent link farm, does not post a privacy policy. Unfortunately, this type of site is typical of the imposter domains.

Methods the Imposter Domains Are Using to Mislead Consumers

The annualcreditreport.com imposter domains were using sophisticated variations of online bait-and-switch techniques to lure consumers to the wrong sites. Primary techniques included the following:

A. The imposter domain names contain the words annual credit report in various combinations. An example of this is the domain www.annualonlinecreditreport.com. The key words used in the imposter domain bring users in through search engine results, paid and unpaid. Once at the imposter domain, which in this case is a domain for a commercial data broker named Intelius, consumers may then be asked for SSNs and other sensitive information for completely different purposes than for ordering a federally mandated free credit report.

B. The imposter domains may also incorrectly claim to be annualcreditreport.com or AnnualCreditReport on their home pages, confusing consumers about which domain is the real domain. Many domains do this, for example, www.annualcrditreports.com.

C. Affiliate marketing with credit bureaus: Many of the imposter domains appear to have affiliate marketing or advertising relationships with Experian or TransUnion. That is, some imposter domains are affiliate marketing partners of Experian or TransUnion, and as such, the imposter domains link to legitimate commercial credit services. For example, freeannualcreditreports.com appears to be a ConsumerInfo/ Experian affiliate, and it is also an imposter domain. The domain www.annualcreditmonitoringreport.com appears to be a TransUnion affiliate and it is an imposter domain. [29]

The imposter domains that have affiliate marketing relationships are particularly problematic in that they have an appearance of legitimacy by linking to real credit bureaus. Some of the imposter sites do not just have affiliate marketing links. Instead, some of the imposter sites use online advertising to fill their sites with text links.

D. Some of the domains may correctly label their home pages, but then incorrectly include deceptive domain forwarding information within their source code. This deceptive information incorrectly identifies the domain to a search engine, or a credit bureau, or other ad partner or affiliate.

The techniques described above are not unique to the annualcreditreport.com site. Imposter domains typically target any Web site that receives high traffic and then use that traffic to make money from referrals or “click throughs”. This is an unfortunately common Internet business model. For example, Delta Airlines at one time had a persistent problem with an imposter site. The Delta imposter set up a site wwwdelta.com (no period between the w and the d) that took consumers to an entirely different domain. Delta took action against the imposter, and the case was eventually settled in Delta’s favor via arbitration. [30]

Not surprisingly, the official www.annualcreditreport.com site was targeted by the exact same technique that had been used on the Delta domain. The result, wwwannualcreditreport.com was a highly problematic site.

While imposter domains are a general Internet problem, what is unique about the annualcreditreport.com site is that tens of millions of consumers or more may potentially access the official site once per year, every year. These consumers are accessing the site prepared and willing to enter their Social Security Numbers and other highly personal data in order to get a credit report. With such a high volume and the potential for collection of highly sensitive consumer information, annualcreditreport.com is a top target for imposter sites and identity thieves.
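The naming patterns described above (the missing period after "www", single-keystroke misspellings, and extra words wrapped around the official name) can be told apart mechanically. The following is an added example, not code from the report: a small classifier that a monitoring team could run over newly observed domain names. The category names and distance thresholds are assumptions chosen for illustration; the sample domains are ones named in this report, plus one constructed transposition.

```python
import re

OFFICIAL = "annualcreditreport.com"
CORE_WORDS = ("annual", "credit", "report")  # the words that make up the official label


def split_domain(name):
    """Return (label, tld) for a .com/.net/.org style name, ignoring a real 'www.' host."""
    host = re.sub(r"^[a-z]+://", "", name.strip().lower()).split("/")[0].rstrip(".")
    parts = host.split(".")
    if len(parts) > 2 and parts[0] == "www":
        parts = parts[1:]
    if len(parts) < 2:
        raise ValueError(f"not a domain name: {name!r}")
    return parts[-2], parts[-1]


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # An adjacent transposition ("ua" typed as "au") counts as one edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(candidate, official=OFFICIAL):
    """Return (category, edit distance to the official label) for a candidate domain."""
    label, tld = split_domain(candidate)
    ref, ref_tld = split_domain(official)
    if label == ref:
        return ("official", 0) if tld == ref_tld else ("tld-swap", 0)
    flat = label.replace("-", "")
    if flat == ref:
        return ("hyphenated", 0)
    # "www" fused into the label: the wwwdelta.com technique described above.
    fused = re.fullmatch(r"w{2,4}(.+)", flat)
    if fused and osa_distance(fused.group(1), ref) <= 1:
        return ("missing-dot", osa_distance(fused.group(1), ref))
    dist = osa_distance(flat, ref)
    if dist <= 2:                      # threshold is an assumption
        return ("typo", dist)
    if ref in flat:
        return ("affix-added", dist)   # official name with a prefix or suffix
    if all(word in flat for word in CORE_WORDS):
        return ("keyword-variant", dist)
    return ("unrelated", dist)


if __name__ == "__main__":
    samples = [
        "www.annualcreditreport.com",        # the official site
        "wwwannualcreditreport.com",         # named in the report
        "annualcresitreport.com",            # named in the report
        "annualcrditreports.com",            # named in the report
        "freannualcreditreport.com",         # named in the report
        "annualcreditmonitoringreport.com",  # named in the report
        "annaulcreditreport.com",            # constructed transposition sample
    ]
    for name in samples:
        print(f"{name:36} {classify(name)}")
```

A low distance with a "typo" or "missing-dot" label is the case most likely to catch a consumer who mistypes the address; the "affix-added" and "keyword-variant" cases are the ones more likely to be reached through search results and ads.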

How the Owners of the Misspelled Domains are Making Money on Consumers

As discussed previously, the imposter domains fall into two broad categories: the imposters are either “SSN grabbers” or they are “link farms.” The SSN grabbers comprise a minority of the imposter domains. These domains make money by collecting consumer information and sharing it with others for a fee or for barter.

The most commonly encountered money-making scheme among the imposter sites is that of an affiliate partnership with credit bureaus and other credit-related companies. Affiliate marketing and link farms are often woven in a complex tapestry of Web sites and advertising agreements, and these sites can work in a variety of ways. [31]

But the essential way affiliate marketing works online is that a company pays a site to send Web traffic its way. This can be done directly through sites that are large collections of links, or link farms. Sometimes, ads based on keywords are taken out for a marketing campaign, and are posted on various search engines and other sites. For example, an online ad or affiliate marketing campaign studied for the February report included the keywords “free +credit + report + online.” This program sent consumers to Experian and other credit services via the imposter sites. [32]

The Experian, TransUnion, and Equifax credit bureaus all have active affiliate marketing programs, each of which operates slightly differently. [33] In research conducted for this report, the World Privacy Forum found that Experian and TransUnion were associated with link farms using domain names containing the keywords annual credit report in some combination or variation. Researchers did not find Equifax associated directly with any link farms using annual credit report in the domain names during the research period.

However, affiliate marketing services offering “3 credit bureau reports” were associated with the keywords annual credit report.

How the scheme works: specifics on the mechanics of an affiliate marketer imposter domain

This is a simplified explanation of what is happening to consumers. For more details and examples of how the source code looks and operates, please see Appendix A.

1. An individual types in the official annualcreditreport.com domain name with a misspelling, or clicks on an imposter result or ad in a search engine result list. In this example the domain is annualcresitreport.com, which is an easy typo to make.

2. The annualcresitreport.com domain name is parked at or managed by a “pay per click” domain company. In this example, the annualcresitreport.com Web site is parked at DomainSponsor.com.

3. The annualcresitreport.com home page contains links to Free Credit Reports and similar topics. (PDF of home page).

4. Consumers who click on the “Free Credit Report Online” links will be taken to a page of “sponsored links.” The four sponsored links on the site in this example are “Free Credit Report Now,” “Instant Credit Report,” “Online Credit Report,” and “Free Credit Report.” (PDF of Sponsored Links page).

5. After clicking one of these sponsored links, individuals will be redirected through a series of Web sites. This will happen so quickly that most will never see the information flashing across the address bar. For example, say a consumer clicks on the sponsored link “Free Credit Report.” In this example, that link will take the consumer first to Information.com then to Google.com, then finally, the consumer will land on an Experian credit bureau site that lets consumers check their credit — for a fee. All of this redirection will happen in the blink of an eye and will not be obvious to most consumers.

(PDF of ConsumerInfo via Qspace, arrived at via clicking on the imposter site link).

The reason this redirection happens is so that keywords or search terms can be passed along to advertising partners. This ensures that everyone in the chain gets a commission from the click. Meanwhile, ConsumerInfo.com/Experian gets customers. And the owner of the annualcresitreport.com domain gets a potential financial payout from the click-through.

Everyone makes money or gets a benefit, except for the consumer who did not make it to the real annualcreditreport.com site.

For the record, the annualcresitreport.com imposter site in this example had four “sponsored links” leading to the following sites:

 

Pay Per Click and other Companies Involved in AnnualCreditReport.com Imposter Domains

Many of the imposter domains are link farms registered to or connected in some way with pay-per-click advertisers or Web hosting companies. Pay-per-click and domain hosting companies specialize in creating hundreds and sometimes thousands of domains for the primary purpose of making money from consumer clicks from links or ads associated with affiliate marketers.
Specifically, 68 of the imposter domains are affiliated with DomainSponsor, [34] a “pay per click” domain parking engine. This is revealed by the name servers of nsproredirect1/nsproredirect2, which are the well-known name servers Domain Sponsor allows domain parkers to use. [35] The domains parked at Domain Sponsor make extensive use of frames [36] to disguise what is happening to consumers.
A feature that can sometimes be seen on imposter sites is pages full of Google ads or Google-style ads. Google has a program called Domainpark that enables companies or individuals with parked domains meeting certain criteria to allow Google to place text ads on those domains. Everyone in the click food chain makes a little money when those text link ads are clicked by consumers – except for the consumers.

Imposter domains that were “live” at the time of writing were hosted by the following companies on the following name servers, among others:

DomainSponsor
Name Server: NS1.PROREDIRECT.COM

Enom
Name Server: DNS1.NAME-SERVICES
Also: NS1.123COMMERCE.COM
Also: NS1.DOMAINMANAGER.COM

GoDaddy
Name Server: PARK17.SECURESERVER.NET

Budget Names
Name Server: NS1.RENTALQUEUE.COM

Domain Hop
Name Server: NS1.DOMAINHOP.COM

Fabulous
Name Server: NS1.FABULOUS.COM

Below are some other company names associated with the imposter domains in various ways:

Sedo Parking <http://www.sedoparking.com/>

Google’s Domainpark program [37] <http://www.google.com/domainpark/>

Infosonar AdOn Network, pay per click and cost per view <http://infosonar.mygeek.com/adon_network.jsp>

Domain Spa <http://www.domainspa.com/US/> and <http://www.domainspa.com/US/target_inside.asp>

It cannot be emphasized enough that the relationships between the domain registrants, domain registrar companies, pay per click hosting and parking companies, ad companies, affiliate marketing relationships, and the advertisers are extremely complex.

For example, the domain www.freannualcreditreport.com resolves to freeonlinecreditrecord.com. The freannualcreditreport domain name was registered at Enom.com by a GreenApple Properties. The name servers state the site is at ns1.123commerce.com. The name, when typed in, resolved to freeonlinecreditrecord.com.

A more thorough service scan notes the following for HTTP Port 80:

HTTP/1.1 302 Found
Date: Wed, 13 Jul 2005 20:40:13 GMT
Server: Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 FrontPage/5.0.2.2634a mod_ssl/2.8.22 OpenSSL/0.9.6b
Location: http://apps5.oingo.com/apps/domainpark/domainpark.cgi?cid=SPOR8573&s=www.123china.com
Connection: close
Content-Type: text/html; charset=iso-8859-1

Note in particular the location information that is highlighted in purple. Now a new domain, domainpark, makes an entry, and yet another name arrives, www.123china.com. The path for this domain is hardly straightforward.

Meanwhile, the imposter domain contained variable ads, including those for monitoring credit reports at www.reliacredit.com, for getting instant credit reports from www.globalcreditreport.com and for purchasing identity theft protection from www.globaldirectsvcs.com. Do these companies know their advertising is on an imposter site? That is unknown.

The end result of all of the domain advertising and affiliate marketing is potential consumer confusion. Consumers who mistype in annualcreditreport.com or click on an imposter domain from a search engine result and land at one of these active imposter domains will frequently either find a page filled with text link ads, or they will be besieged by pop-ups, pop-unders, and persistent advertisement windows. [38] Researchers documented pop-up advertisements for Phoenix University, virus scanning software, a host of “free” items, and credit report advertisements. Many of these advertisers do not understand that their ads are being placed on these sites due to the complexity of how the ads were placed on the site.

Consumers who land on these imposter domains, parked or otherwise, should simply close their browsers and start over, or simply call the toll free number for their credit report.

Finally, some of these pay per click companies also own or are closely affiliated with search engine sites. For example, DomainSponsor is affiliated with the search engine Information.com. Information.com in turn collects all of the information flowing into its site from the imposter domains and makes money by selling or sharing the information. [39]

(PDF of Information.com privacy policy.)

Based on the WHOIS registry information and information on Information.com and DomainSponsor, it is possible to go one step further. DomainSponsor.com is registered by Oversee.net, and Information.com is also registered by Oversee.net. Information.com states on its Web site that it is an Oversee.net company. It appears that Information.com uses its apparent DomainSponsor product to set up imposter domains and feeds the keywords and ad campaigns into its own search engine.

Imposter Domains That Are Online and Active

During the research period ending June 30, 2005, researchers uncovered 233 total imposter domains, 112 of which at the time of research were online and were actively engaging consumers in a way that was either fraudulent, confusing, or deceptive.

During research for this report, some of the imposter domains changed status and sometimes even names every couple of hours. Also during research for this report, the total number of imposter domains increased incrementally every week.

If this pattern continues, there is a good probability that more misspelled domains already exist, or will be registered in the future. [40] There is also the possibility that the live and non-live domains will continue to shift. This list of domains should be viewed as a snapshot in time for the period of June, 2005.


Research Note: Two domain names, www.httpannualcreditreport.com/index and freeannualcreditbureaureports.com, came up twice: once upon discovery and once during a complete check. These domain names were left off of the final list of active domains because after resolving upon discovery, they did not resolve a minimum of two additional times during complete checks, which is the minimum requirement for a site’s inclusion on the list.

Search Engine Results and AnnualCreditReport.com

Many consumers rely on search engines to look for and find Web sites they want to visit. Consumers who remember that they want to find “annualcreditreport.com” may very well go to Google.com, Yahoo.com, MSN.com, or a variety of other search engines and type in search phrases such as annual credit report or annualcreditreport or annualcreditreport.com, among others.

Researchers tested these search phrases and keywords, among others, at a variety of search engines to see what sites consumers would be seeing in the first pages of results. During the month of June, 2005, the official site was the number one listing at many but not all search engines. Sponsored results also showed up at some search sites, some of which then competed with the official results, depending on which search engine was used.

While this report does not focus on search engine results, the placement of paid listings does pose a potential issue for consumers. A January 2005 Pew Internet & American Life Project survey found users of Web search engines to be “unaware and naïve” about the role financial remuneration can play in some search engine listings. The report states:

“Only 38% of users are aware of the distinction between paid or “sponsored” results and unpaid results. And only one in six say they can always tell which results are paid or sponsored and which are not. This finding is ironic, since nearly half of all users say they would stop using search engines if they thought engines were not being clear about how they presented paid results.” [41]

Even very basic testing on annual credit report-related terms points to the need for all search engines to follow the FTC recommendations regarding conspicuous disclosure of paid results and advertising. In its recommendations about this matter, the FTC noted in June, 2002 that search engines should do the following:

  • “Any paid ranking search results are distinguished from non-paid results with clear and conspicuous disclosures;
  • The use of paid inclusion is clearly and conspicuously explained and disclosed; and
  • No affirmative statement is made that might mislead consumers as to the basis on which a search result is generated.” [42]

Consumer Reports Web Watch has extensive research materials for consumers about search engine results and their relationship to paid advertisements. These materials are available at <http://www.consumerwebwatch.org/dynamic/search-report-disclosure-update-abstract.cfm>.

 

Findings on Official Site AnnualCreditReport.com

Version 2 of the Call Don’t Click report does not re-analyze the annualcreditreport.com site proper. The most recent analysis of the site is available at the first version of the Report dated February 25, 2005 <https://www.worldprivacyforum.org/calldontclick.html>.

Resources

Toll Free number for accessing federally mandated free credit report:

877-322-8228

For mailing, complete the Annual Credit Report Request Form and mail it to:

Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281

The Annual Credit Report Request Form is available online at: <http://www.ftc.gov/bcp/conline/edcams/credit/ycr_free_reports.htm>

Federal Trade Commission page on Free Annual Credit Reports: <http://www.ftc.gov/bcp/conline/pubs/credit/freereports.htm>

 

Credits

Dave Del Torto of Cryptorights.org was instrumental in the early stages of this research.

Daniel Brandt of Public Information Research and Namebase.org provided information on the details of online ad campaigns and how the click flows work with affiliate marketing programs for both versions of the report as well as technical proofing for the report.

The report and June 2005 conference on Search Engines by Consumer Reports WebWatch was helpful in shaping the information about search engines and the official site.

Gary Mittman of Nami Media provided information about the “pay per click” business model and world.

Daryl Swensson, Technology Research Fellow at the World Privacy Forum, assisted in the proofing of the early report drafts.

L.K. Davidson provided editorial proofing of both versions of the report.

John Boak, Webmaster of World Privacy Forum, created the design for the report.

Jordana Beebe of Privacy Rights Clearinghouse provided particularly important feedback during the peer review process for the first version of the report.

Tips provided by the Attorney General of Michigan’s February 2005 consumer alert were indispensable in thinking through the consumer information in the report.

 

Appendix A: Consumer Responses to the February 25, 2005 Report

Since the publication of its first Call Don’t Click report in February 2005, the World Privacy Forum has received follow-up consumer queries concentrated in three areas:

  • Complaints about difficulties using the automated phone system if the individual had a strong accent or a highly complex name.
  • Questions about which parts of the official annualcreditreport.com site were free or not, and which parts of the site were actually part of the credit report. (For example, a common question was if a credit score was part of the official credit report.)
  • Complaints and questions about being confused about which domain was the official domain.

The identity verification process for the annualcreditreport.com site and phone system is another area where there has been consumer feedback.

  • The World Privacy Forum received one question about what to do when a family member inappropriately accessed an individual’s credit report by correctly answering the identity verification questions via phone.
  • The Electronic Privacy Information Center (EPIC) has received numerous complaints from consumers who were not able to access their reports because they failed to pass the identity verification questions.

Appendix B: Source Code of the Redirects at misleading domains

This appendix contains selected source code that resides within the framed templates of some of the misspelled domains and discusses how it operates.

Keywords and Process for Imposter Sites: Example #1

DomainSponsor pages are redirecting traffic with the key words “free credit report online.” Note the keywords bolded in red below from the source code of the page annualcresitreport.com. The relevance of the keywords is that their appearance in this code signals that someone paid for these keywords to lead to a specific domain. These keywords below were directed to Information.com, then to Google.com, then finally went to ConsumerInfo.com.

The deduction is that ConsumerInfo.com, an Experian company, or some other company, paid to send consumers who type in these keywords to their ConsumerInfo.com site, a for-pay credit report site.

For information directly from DomainSponsor about how its pay per click model works, check its FAQ at <http://www.domainsponsor.com/faq.html>.

<script language="Javascript" src="http://landing.domainsponsor.com/scripts/flex.php?domainname=annualcresitreport.com&a_id=565&num=6&option=javascript&module=oneclick&position=main_popular&keywords=free+credit+report+online&offensiveness=0&srch=110910183180260225&sub1=">

</script>

Ideally, the free credit report online keywords should lead consumers to the federally mandated free credit report site, annualcreditreport.com.

Example #2: Ad campaign for Free Credit Report

In another example, the imposter site annualcreditroport.com is sending people forward tagged with the keywords or search terms free credit report. Looking within the frame, the source code reads:

<script language="Javascript" src="http://landing.domainsponsor.com/scripts/flex.php?domainname=annualcreditroport.com&a_id=583&num=6&option=javascript&module=oneclick&position=main_popular&keywords=free+credit+report&offensiveness=0&srch=11091086221563765040&sub1=">

</script>

Again, the terms free credit report should ideally lead consumers to the annualcreditreport.com site if these keywords have been purchased by a credit bureau.

Example #3: Deceptive coding of domain referrer

In a third example, if a consumer types in the domain <annuolcreditreport.com>, he or she will be redirected to this Web address:

http://apps5.oingo.com/apps/domainpark/domainpark.cgi?cid=SPOR8573&s=www.annualcreditrecord.com.

This URL change from the domain annuolcreditreport.com to a domain with the word “domainpark” in it is a sure sign that the consumer has landed on a parked domain or a “pay per click” scheme. This site did not hide its source code in a frame, and evidently found a way to give its domain more credibility, as it has a direct advertising relationship with Google.

This is important because it appears that Experian or another company has taken out a Google online ad campaign to bring consumers to an apparent Experian commercial site called “Free Credit Report in Seconds.com” via Qspace, a domain hosted on Experian name servers.

The code below states that the domain consumers are coming from is annualcreditrecord.com. This is actually not the domain consumers typed in, so this is problematic and deceptive. The site should state the actual URL in the code, which is annuolcreditreport.com. This would alert Google, Experian, and other companies that consumers are being misled.

Source code of annuolcreditreport.com:

Note the statements in red. The Googlesyndication code indicates this is a Google ad campaign. The domain name = annualcreditrecord.com in red indicates (falsely) to Google and other domains the site name, and adurl= Free-Credit-Report-in-Seconds.Com indicates the target, or final destination. Presumably, an individual associated with the final destination paid for the advertisement campaign, though this is not always the case.

href="http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=Blz9SmagbQpCAFsiesQGb5MxVh8r8CNPq-qEBwI23AeD6IBACGAIgjqmGAigKSME5mAHb24ICqgEjdGVzdF8wNjgrdGVzdF8wMzErdGVzdF8wNDArdGVzdF8wMDSyARZhbm51YWxjcmVkaXRyZWNvcmQuY29tyAEB2gEpaHR0cDovL2FubnVhbGNyZWRpdHJlY29yZC5jb20vLTYyNjAwODg3NWQ&amp;num=2&amp;adurl=http://Free-Credit-Report-in-Seconds.Com/index.php%3Fsrc%3D904&amp;client=ca-dp-sportacle&amp;domain_name=annualcreditrecord.com" target="_top">Free Credit Report Online</a><br>
<span>See Your Credit Report Credit Score or 3 Bureau Report Now!<br></span>
<a href="http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=Blz9SmagbQpCAFsiesQGb5MxVh8r8CNPq-qEBwI23AeD6IBACGAIgjqmGAigKSME5mAHb24ICqgEjdGVzdF8wNjgrdGVzdF8wMzErdGVzdF8wNDArdGVzdF8wMDSyARZhbm51YWxjcmVkaXRyZWNvcmQuY29tyAEB2gEpaHR0cDovL2FubnVhbGNyZWRpdHJlY29yZC5jb20vLTYyNjAwODg3NWQ&amp;num=2&amp;adurl=http://Free-Credit-Report-in-Seconds.Com/index.php%3Fsrc%3D904&amp;client=ca-dp-sportacle&amp;domain_name=annualcreditrecord.com" target="_top">Free-Credit-Report-in-Seconds.Com</a> </td></tr>
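The check that Example #3 performs by eye, comparing the domain the consumer actually visited with the domain the page's code declares to its ad partners, can be automated over captured redirects and ad links. The following is an added example, not code from the report or from any of the companies named. The captures are abridged copies of the ones quoted in this report, with the long "ai" value replaced by a placeholder, and treating the "s" parameter as a declared domain in the same way as "domainname" and "domain_name" is an assumption.

```python
from urllib.parse import parse_qs, urlsplit

# Query parameters that name a source domain in the URLs quoted in this report.
# Reading "s" this way is an assumption made for this example.
DECLARED_KEYS = ("domainname", "domain_name", "s")

# Abridged captures taken from the report text (line-wrap spaces removed).
RESPONSE_302 = """\
HTTP/1.1 302 Found
Date: Wed, 13 Jul 2005 20:40:13 GMT
Location: http://apps5.oingo.com/apps/domainpark/domainpark.cgi?cid=SPOR8573&s=www.123china.com
Connection: close
"""
FLEX_SRC = ("http://landing.domainsponsor.com/scripts/flex.php?"
            "domainname=annualcresitreport.com&a_id=565&num=6&option=javascript"
            "&module=oneclick&position=main_popular"
            "&keywords=free+credit+report+online&offensiveness=0&sub1=")
AD_HREF = ("http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=ELIDED"
           "&amp;num=2&amp;adurl=http://Free-Credit-Report-in-Seconds.Com/index.php%3Fsrc%3D904"
           "&amp;client=ca-dp-sportacle&amp;domain_name=annualcreditrecord.com")


def host_of(value):
    """Reduce a host name or URL to a bare lower-case host without a leading 'www.'."""
    value = value.strip().lower()
    host = urlsplit(value if "//" in value else "//" + value).hostname or ""
    host = host.rstrip(".")
    return host[4:] if host.startswith("www.") else host


def location_of(raw_response):
    """Return the Location header of a raw HTTP response, or None if there is none."""
    for line in raw_response.splitlines()[1:]:   # skip the status line
        if not line.strip():                     # blank line ends the headers
            break
        name, _, value = line.partition(":")
        if name.strip().lower() == "location":
            return value.strip()
    return None


def audit(visited, url):
    """Compare the domain a consumer visited with what a captured URL declares."""
    # Links copied out of HTML source carry "&amp;"; undo only that entity so
    # that other parameter names are never mistaken for HTML entities.
    query = parse_qs(urlsplit(url.replace("&amp;", "&")).query, keep_blank_values=True)
    declared = None
    for key in DECLARED_KEYS:
        if query.get(key, [""])[0]:
            declared = host_of(query[key][0])
            break
    visited_host = host_of(visited)
    return {
        "visited": visited_host,
        "declared": declared,
        "keywords": query.get("keywords", [None])[0],
        "destination": host_of(query["adurl"][0]) if "adurl" in query else None,
        "mismatch": declared is not None and declared != visited_host,
    }


if __name__ == "__main__":
    cases = [
        ("annualcresitreport.com", FLEX_SRC),
        ("annuolcreditreport.com", AD_HREF),
        ("freannualcreditreport.com", location_of(RESPONSE_302)),
    ]
    for visited, url in cases:
        print(audit(visited, url))
```

Only the first capture declares the domain the consumer actually typed; the other two report a different name downstream, which is the condition this appendix describes as deceptive.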

 

Appendix C: Additional information on the misspelled domains

The majority of the imposter domains discussed in this report belong to companies or individuals associated with “pay per click” marketing schemes. This is evidenced by the nameservers the domains are hosted on.

Imposter Domain Name Servers

The nameservers Fabulous.com, Proredirect.com, DomainHop.com, and Rentalqueue.com belong to Internet companies that park and redirect domains for the purposes of getting “ad clicks.” These nameservers occur again and again among the imposter domains.

Here are some of the other name servers that occur in the domains mentioned in this appendix, and the companies the name servers appear to belong to:

Domain Sponsor name servers:
Name Server: NS1.PROREDIRECT.COM

Enom name servers:
Name Server: DNS1.NAME-SERVICES

GoDaddy name servers:
Name Server: PARK17.SECURESERVER.NET

Budget Names name servers:
Name Server: NS1.RENTALQUEUE.COM

Domain Hop name servers:
Name Server: NS1.DOMAINHOP.COM

Experian Name Servers

In the February 2005 report, researchers noted that Ennualcreditreport.com and other misspelled domain names were registered by proxy, or anonymously. These anonymous domains were hosted on nameservers with the name “ns.consumerinfo.com.” ConsumerInfo.com is an Experian company, thus tying this and other domains to Experian. After publication of the first report, Experian confirmed its ownership of the domains.

The World Privacy Forum has learned that approximately 200 domains have reportedly been taken out by at least two of the credit bureaus. To the best of the World Privacy Forum’s current knowledge, none of the domains taken out by the credit bureaus are online with the exception of the official site. This means that even though the credit bureaus have purchased the non-official domains, the credit bureaus do not have active sites on the Web based on the non-official domain names at this time. According to the credit bureaus, these domains were taken out with the intent of stopping fraud. [43]

Domain Information

To find domain ownership information, check the WHOIS directory: <http://www.internic.net/whois.html>.

 

Appendix D: Archive of relevant AnnualCreditReport.com privacy policies

(Available for the online version of the report only.)

TransUnion annualcreditreport.com site privacy policy: PDF TransUnion standard privacy policy: PDF

Experian annualcreditreport.com site privacy policy: PDF Experian standard privacy policy: same as above.

Equifax annualcreditreport.com privacy policy: PDF Equifax standard privacy policy: same as above.

 

Appendix E: Imposter sites associated with Domain Sponsor

Domain Sponsor is a pay-per-click company that hosts an unusually high number of imposter sites. Here is a list of imposter sites specifically tied to Domain Sponsor. These listings were current during the research period ending June 30, 2005.

Research note: 15 of the domains listed below were active prior to February 2005, and were also listed in the February 25, 2005 report.

None of the following domains posted either a privacy policy or contact information.


 

Appendix F: Consumer Tips

A general tip for all consumers is to stagger report requests by 3 or 4 months. For example, order a free Experian credit report in September, then order a free TransUnion report in January, and then order a free Equifax report in May, and so on. In this way, you can keep a close eye on your credit all year long.

Generally speaking, the World Privacy Forum recommends that the simplest way for most people to access a free credit report is to either call or to mail for the report. For those who decide to retrieve a free credit report via the www.annualcreditreport.com site, we recommend taking commonsense computer security and safety measures prior to placing an order.

The tips below include information on all three forms of ordering the reports: online, phone, and mail.

Online Tips

Online Tip: Beware of Imposter Domains

Check to make sure you are accessing the official www.annualcreditreport.com site. Many fake, imposter domains have been put up. These domains often are very misleading, and typically will not help you find your way to your federally mandated free credit report.

Online tip: Do not use a library or public computer to access your free credit report.

Shared computers may inadvertently help share your credit report information with others. Only access your report online via your own computer, or a trusted computer. A work computer is also a poor choice for accessing your free credit report online.

Online tip: Giving An Email Address is Voluntary

Know that you are not required to give out your email address in order to obtain a federally mandated free credit report.

Online tip: Ensure you are following basic computer safety rules

Key safety steps include taking the following minimum precautions:

1. Ensure you are at the official site before you submit personal information.

2. Do not use a public computer (such as a library or public rental computer) or use a networked computer at work to order your reports. Generally speaking, ordering your report using work computers is not a good idea.

3. If you order your report using a Wireless Internet connection, ensure that the connection is encrypted.

4. Ensure that the computer you use is not infected with viruses or spyware that could compromise the security of your information.

5. If you use software such as Google desktop search or other search software that saves https files, either deselect https caching or turn the software off during your ordering process.

If at any point in the online ordering process you see pop-up advertisements or are asked to pay for a free credit report, close the browser and start over, or switch to either the phone or the mail method.

Phone and Mail Tips

Phone and mail tip: Ask to mask all but the last four digits of your SSN

When phoning the toll free number (877-322-8228) for a free credit report, request that only the last four digits of your SSN are displayed.

Phone and Mail tip: Get Your Report Mailed to a Secure Mailbox

If you call for your report or have it mailed to you, have your credit report mailed to a secure mailbox. Also see tip #4: ask to mask all but the last four digits of your SSN when the report is mailed to you.

Phone Tips

Phone tip: If you have a long or complex last name, or have a strong regional accent, you may have trouble using the automated phone system.

The World Privacy Forum has received a number of consumer complaints due to problems with using the toll free number. The complaints tend to originate from consumers who had either very long or complex names, or those who had strong accents. If you have consistent troubles using the phone system, the next preferred method is to use the mail method. Be sure to see the mailing method tip below.

Storage and Disposal Tips

After you have received your credit report, store it in a secure location where you are sure only you and others you trust can access it. A locked file cabinet, for example, would be a preferable storage location to a paper file stored on top of a desk. If you decide to throw your credit report away, it is important to shred your report before placing it in the trash. Preferably, the shredder you use will be a cross-cut shredder.

If you have accessed your credit report electronically, print out the credit report. Ensure that no electronic copies of the report remain on the computer. This is especially important for those using laptop computers.

 

 

__________________________________________________

Endnotes

[1] Residents in Alaska, Arizona, California, Colorado, Hawaii, Idaho, Montana, Nevada, New Mexico, Oregon, Utah, Washington, and Wyoming can order a free report beginning December 1, 2004. Residents in Illinois, Indiana, Iowa, Kansas, Michigan, Minnesota,  Missouri, Nebraska, North Dakota, Ohio, South Dakota, and Wisconsin can order a report beginning March 1, 2005. Residents in Alabama, Arkansas, Florida, Georgia, Kentucky, Louisiana, Mississippi, Oklahoma, South Carolina, Tennessee, and Texas can order a free report starting June 1, and residents in Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, North Carolina, Pennsylvania, Rhode Island, Vermont, Virginia, and West Virginia, the District of Columbia, Puerto Rico, and all U.S. territories can order their free reports beginning September 1, 2005. Source: < http://www.ftc.gov/bcp/conline/pubs/credit/freereports.htm>.

[2] For more information about why free credit reports have been mandated by the Federal government, see the discussion at the FTC pages. < http://www.ftc.gov/bcp/conline/pubs/credit/freereports.htm>.

[3] Key safety steps include: 1. Ensure you are at the official site before you submit personal information, 2. Do not use a public computer (such as a library computer) or use a networked computer at work to order your reports, 3. If you order your report using a Wireless Internet connection, ensure that the connection is encrypted, 4. Ensure that the computer you use is not infected with viruses or spyware that could compromise the security of your information, 5. If you use software such as Google desktop search or other search software that saves https files, either deselect https caching or turn the software off during your ordering process.

[4] Federally mandated credit reports may be ordered by mail. See the Resources section of this report for directions on how to do this.

[5] Michigan Attorney General Mike Cox has suggested in a February 2005 consumer alert several tips for consumers who phone in for their reports. First, request that only the last four digits of the SSN are shown on the mailed report, and send the report to a secured mail box. For the complete consumer alert, please see <http://www.michigan.gov/printerFriendly/0,1687,7-164-34391-111010– ,00.html>.

[6] The most significant site-specific improvement was TransUnion’s decision to stop pre-selecting consumers to receive marketing materials during the registration process. See the February 25, 2005 study for a discussion of this and other site-specific issues: <https://www.worldprivacyforum.org/pdf/wpf_calldontclick_study_2005.pdf>.

[7] 112 +/- 3. Each domain included in the final number of 112 was checked a minimum of three times prior to inclusion in this report. Domains that were identified as problematic, i.e., domains that were found to be shifting, were checked as many as 20 times prior to inclusion. Please note that the imposter domains can change as frequently as three times in one day, so the number of domains is a moving target. It is probable that the domains may have changed since the last complete check date June 27, 2005. The average variation in domain names during checks was plus or minus 3 due to domain shifting. That is, the domains would go offline for a day, then come back up. Some of the domain names changed home pages multiple times during a day, others would change the URLs to which the domain was forwarding.

[8] A link farm is a Web site that exists for the primary purpose of sending consumers to various services or sites, often in return for a small fee paid for each time a consumer clicks on one or more of the links. Some links on a link farm may be placed there on the basis of an affiliate marketing relationship (For more on affiliate marketing, see Footnote 9). But some link farms are simply collections of text ad links that have been rolled onto one or more pages. There is no real content, just dozens of links that are text ads. For example, a link farm can be created on a parked domain that contains many text link ads related to or from online advertising programs such as Google’s Domainpark program. (See footnote 10 for more on Domainpark.)

[9] Affiliate marketing programs are a common feature of the Internet at this point. The issue with affiliate marketing programs is that because they typically pay a commission to sites that bring in visitors through active links, some domain owners have abused the programs by creating thousands of phony or “typo” sites to bring in visitors for certain keywords. Some affiliate marketing programs are well-policed for abuses, others less so. For additional information about this subject, see Wired, “Shady Web of Affiliate Marketing,” Feb. 10, 2005, Ryan Singel. See< http://www.wired.com/news/privacy/0,1848,66556,00.html >.

[10] Online advertising programs are frequently encountered on the imposter sites. The Google Domainpark program (see <http://www.google.com/domainpark/>) and other similar programs allow site owners with multiple “parked” domains to place text link ads and other kinds of online ads on parked pages. The links may be related to advertisements keyed to particular words or phrases. The pages that result are frequently called “link farms” or “ad farms.” The domains in parked ad programs may get high volumes of visitors because the sites are often misspellings of well-known sites, in this case, annualcreditreport.com. See Footnote 8 for more on link farms.

[11] As of June 27, 2005 the following four domains containing the key words annual credit report resolved to (that is, forwarded consumers to) Intelius: www.onlineannualcreditreport.com, www.creditreportannually.com, www.annualonlinecreditreport.com, and www.freeannualcreditreports.net. For more about Intelius see <http://find.intelius.com/index.php>.

[12] Consumer Reports Web Watch issued a June 2005 report detailing the importance to consumers of how search engines display search results. The report, Still In Search of Disclosure, is available at <http://www.consumerwebwatch.org/dynamic/search-report-disclosure-update-abstract.cfm>.

[13] Ibid. Still in Search of Disclosure.

[14] Originally, the credit bureaus only allowed the FTC and the three credit bureaus to link to the official annualcreditreport.com site. This created numerous problems, for example, consumers were having to type in domains, which increased the possibilities for consumers to land on a typo domain. See Figure 2 in the first report for more information about the original linking problem < https://www.worldprivacyforum.org/calldontclick.html >. Also see EPIC’s December 2004 letter to the FTC asking the agency to unblock Web links. “Free Annual Credit Report Site is Blocking Web Links,” December 7, 2004. < http://www.epic.org/privacy/fcra/freereportltr.html>.

[15] The Central Source was established by a rulemaking of the Federal Trade Commission. The rule created one central location where consumers could request and acquire a free annual credit report from the three nationwide credit bureaus: Equifax, Experian, and TransUnion. Under the final FTC rule, the centralized source must include “a dedicated Internet Web site, a toll-free telephone number, and a postal address.” See < http://www.ftc.gov/opa/2004/06/freeannual.htm>.

[16] See the FTC consumer alert about search engines: <http://www.ftc.gov/bcp/conline/pubs/alerts/searchalrt.htm>. Also see the FTC guidelines for search engines: <http://www.ftc.gov/os/closings/staff/commercialalertletter.htm>.

[17] The last complete check of the number of active domains and domain registrants using the key words annual credit report or close misspellings of these key words was June 27, 2005 with spot checks of problematic domains until June 30, 2005. Additional checks were conducted up until July 14, but results logged after the close of the research period (June 30) were not included in the report findings.

[18] Because of the serious nature of the problems at this particular site, researchers took immediate steps to get it offline. The site was taken down approximately 6 days after researchers originally discovered it and alerted the Central Source of its presence.

[19] During the course of research, these three sites went off and online frequently. By checking the sites using differing Internet Protocol addresses, researchers were able to determine that the sites were generally up and working. However, researchers observed that the sites would go through cycles of going offline for a day or two and then the sites would come back online again. The final check of these sites was July 4, 2005, where two of the sites were offline and one site – www.free-annual-credit-reports.com – was online.

[20] <http://www.spendonlife.com/partners/> Last accessed July 4, 2005.

[21] <http://www.spendonlife.com/affiliates/>. Last accessed July 4, 2005.

[22] <http://www.spendonlife.com/dc/> Last accessed July 4, 2005.

[23] <http://qspace.iplace.com/cobrands/465/privacy.asp>

[24] See <https://www.freecreditprofile.com/policy/privacy.jsp> Last accessed July 4, 2005.

[25] See <http://www.truecredit.com/> Last accessed July 4, 2005.

[26] See <http://www.fabulous.com>.

[27] See <http://whois.internic.net>.

[28] See Appendix E for a listing of the 68 Domain Sponsor Imposter sites.

[29] Equifax does not appear to have direct affiliate relationships with the imposter domains based on the research for this report.

[30] See <http://www.arbforum.com/domains/decisions/133619.htm> last visited July 5, 2005. In the arbitration settlement, the domain was transferred to Delta.

[31] For general information about how affiliate sharing can work, Wired Magazine has a good article on this subject. Wired, “Shady Web of Affiliate Marketing,” Feb. 10, 2005, Ryan Singel. See <http://www.wired.com/news/privacy/0,1848,66556,00.html>.

[32] Online ad campaigns based on keywords and search engines can be dynamic and complex. For more on this, see Google AdSense and Overture as two examples of how these kinds of campaigns generally operate. Sites: <http://www.google.com/ads/> and <http://www.content.overture.com/d/USm/ays/ps.jhtml>. Also see Canadian Yesup’s Clicksor program <http://www.clicksor.com/>, and Darkblue <http://www.fabulous.com/informationcenter/index_aboutus.htm> of Fabulous.com.

[33] TransUnion’s TrueLink affiliate program is at: <http://www.truelink.com/affiliate/faq.html#1>; Equifax’s Link Partner Program is at <http://www.equifax.com/link_partners/>; Experian’s CreditExpert affiliate program is available at: <https://www.creditexpert.com/CE_site/Message.aspx?PageTypeID=Affiliate Program_CE>.

[34] <http://www.domainsponsor.com>.

[35] A confirmation of this is the DiG lookup of proredirect.com: proredirect.com name servers are ns2.oversee.net and ns1.oversee.net. Oversee.net is the parent company for DomainSponsor.

[36] A frame is a type of coding used in Web sites. There are several types of frames. For example, there are simple FRAME tags. There is also an IFRAME tag. See, for example Wikipedia <http://en.wikipedia.org/wiki/IFRAME>. The IFRAME tag allows a Web site designer to place either small batches of code or entire pages of HTML code within one or more very simple frames. The IFRAMEs can be, and often are, nested. While some Web designers use IFRAMEs to make sites load faster, affiliate marketers often use IFRAME and other framing techniques to disguise and cover the original and often much more complex and revealing source code of the sites they are “link farming.” For more on the FRAME, IFRAME element, and other frame elements see especially <http://www.w3.org/TR/REC-html40/present/frames.html>.

[38] DomainSponsor, in its FAQ page, discusses the benefits of using pop-ups at sites parked at its service. See <http://www.domainsponsor.com/faq.html>.

[39] Information.com may make additional revenue from the incoming data, beyond affiliate marketing. This is hinted at in the Information.com privacy policy, which states: “Individual customers who reside in California and have provided their personal information to us may request information about our disclosures of certain categories of personal information to third parties for their direct marketing purposes.” See: <http://www.information.com/help/privacy.html> Last visited July 13, 2005.

[40] The research period for this report ended June 30, 2005. However, for informational purposes, the last check of the total number of imposter domains was July 12, 2005. This check revealed 240 imposter domains, which is in line with researchers’ findings that the number of registered imposter domains continues to creep upward.

[41] See Search Engine Users…, Deborah Fallows, 1/23/2005 at: <http://www.pewinternet.org/PPF/r/146/report_display.asp>.

[42] Letter to Commercial Alert re: FTC complaint. <http://www.ftc.gov/os/closings/staff/commercialalertletter.htm>

[43] Based on conversations with representatives from Experian April 2005 and June 2005; conversations with representatives from Equifax June 2005.