Fraud Friday: Investigation into a ring of fake Universities
guardyourdomain.comThe immediate red flag to me is all the domains listed do not end in .edu which is easy to register if one has a real accredited school.
We drill into this in the article and unfortunately many cyber-security tools categorize the education related gTLDs in the same bucket as the verification requiring .edu
I suppose that should there be enough fraud on the gTLD's that mimic .edu[cation] we could push for legislation to have ICANN [1] drop those TLD's given that scammers will do what scammers can do. Or alternately add the same requirements as .edu to those gTLD's. In the mean time perhaps all the firewall and DNS providers that block malicious sites should just globally block those TLD's. e.g. OpenDNS, Fortinet, Palo Alto Networks, maybe even Google DNS and Cloudflare DNS, all the blocklists on Github [2], etc...
[1] - https://www.icann.org/resources/pages/report-security-issues...