HACKER Q&A
📣 temp_account_32

How to get a phishing website that steals credentials taken down?


Every few weeks I receive one of those scam SMS messages that are along the lines of "You have not paid for shipping for your parcel, please go to scam-domain-123.xyz to pay", which then has a PHP form to steal unsuspecting people's credit card details.

Sometimes I look for these on popular social media posts as well where people repost SMS scams, and every time I do a WHOIS check, contact the registrar's abuse email, send them the details, and get them taken down so they don't scam more people.

I know the scammers will just register another domain, but it does slow them down and in my mind if I save just one person from getting scammed by doing that, it's worth it. It's like a hobby in my free time.

My success rate has been pretty much 100%; some registrars like Porkbun get the domains delisted within minutes, and I am very impressed. Others take their time, but it always works in the end.

I have recently run into one instance where my reports do nothing; the registrar is ignoring it, and I'm not sure how I can get it taken down. These domains have been active for more than a month.

WARNING! DANGEROUS SCAM websites ahead, do not visit if you don't know what you're doing and DO NOT put any details into the forms!

I have encoded them in base64 just in case: aHR0cHM6Ly9hcHBsZS13YWxsZXQtaWQ0Ny5jb20v (WARNING SCAM WEBSITE!)

The first website attempts to steal all your payment details, and after entering them (I tried with fake ones obviously), then redirects to the second website attempting to steal your iCloud credentials: aHR0cHM6Ly9hcHBsZXBheS5hdXRoLWljbG91ZC5jb20v (WARNING SCAM WEBSITE!)

They are both very well made and cloned in the style of official Apple websites.

The registrar seems to be ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED.

When I contacted their abuse email, I got an automated message saying my message is ignored because they get a lot of false reports (how convenient!), redirecting me to another website[0] to report it, which requires tons of your personal details, photographic evidence, and all sorts of nonsense. I filled out these forms, but they seem to just ignore the report anyway.

For some reason these websites are still not flagged by Chrome's Safe Browsing, despite me making reports[1] and the website running for at least a month, having been registered on 2022-08-03. Google is normally pretty good at flagging these kinds of websites, but in this instance it seems futile.

Any ideas?

[0] 1. https://report.aliyun.com (for users within China) 2. https://intl.aliyun.com/report#abuse (for users outside of China)

[1] https://safebrowsing.google.com/safebrowsing/report_phish/
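The WHOIS-then-abuse-email routine the poster describes can be scripted against a domain's RDAP record (the structured successor to WHOIS). The block below is an added example, not the poster's tooling: it parses a constructed RDAP response in the RFC 9083 shape (placeholder registrar, placeholder abuse address, no real domain), pulls out the registrar name, the abuse contacts and the registration date, and drafts a report body with the observed URL defanged. A live lookup, not performed here, would fetch the JSON from an RDAP server such as the https://rdap.org redirector and pass it to the same functions.

```python
"""Extract the registrar abuse contact from an RDAP domain record.

Added example. SAMPLE_RDAP is a constructed record in the RFC 9083 shape
with placeholder names; it does not describe any domain from the post.
"""
import json
from datetime import datetime

# Constructed sample: what an RDAP server returns for a domain lookup.
SAMPLE_RDAP = json.loads("""
{
  "objectClassName": "domain",
  "ldhName": "scam-domain-123.example",
  "events": [
    {"eventAction": "registration", "eventDate": "2022-08-03T10:15:00Z"},
    {"eventAction": "last changed", "eventDate": "2022-08-04T00:00:00Z"}
  ],
  "entities": [
    {
      "objectClassName": "entity",
      "roles": ["registrar"],
      "vcardArray": ["vcard", [
        ["version", {}, "text", "4.0"],
        ["fn", {}, "text", "Example Registrar Pte. Ltd."]
      ]],
      "entities": [
        {
          "objectClassName": "entity",
          "roles": ["abuse"],
          "vcardArray": ["vcard", [
            ["version", {}, "text", "4.0"],
            ["fn", {}, "text", "Abuse Desk"],
            ["email", {}, "text", "abuse@registrar.example"],
            ["tel", {"type": ["voice"]}, "uri", "tel:+1-555-0100"]
          ]]
        }
      ]
    }
  ]
}
""")


def _vcard_values(entity, prop):
    """All values of one jCard property (e.g. 'email') on an entity."""
    _, props = entity.get("vcardArray", ["vcard", []])
    return [p[3] for p in props if p[0] == prop]


def _walk_entities(obj):
    """Yield every entity in the record; abuse contacts nest under the registrar."""
    for ent in obj.get("entities", []):
        yield ent
        yield from _walk_entities(ent)


def _parse_ts(iso):
    """RDAP timestamps end in 'Z'; older Pythons need '+00:00' for fromisoformat."""
    return datetime.fromisoformat(iso.replace("Z", "+00:00"))


def registrar_name(rdap):
    for ent in _walk_entities(rdap):
        if "registrar" in ent.get("roles", []):
            names = _vcard_values(ent, "fn")
            if names:
                return names[0]
    return None


def abuse_emails(rdap):
    """Every email on an entity carrying the 'abuse' role."""
    emails = []
    for ent in _walk_entities(rdap):
        if "abuse" in ent.get("roles", []):
            emails.extend(_vcard_values(ent, "email"))
    return emails


def registration_date(rdap):
    for ev in rdap.get("events", []):
        if ev.get("eventAction") == "registration":
            return _parse_ts(ev["eventDate"])
    return None


def days_active(rdap, now_iso):
    """Whole days between registration and the observation time."""
    reg = registration_date(rdap)
    return (_parse_ts(now_iso) - reg).days if reg else None


def defang(url):
    """Make the URL non-clickable so the report itself cannot be a lure."""
    return url.replace("http", "hxxp").replace(".", "[.]")


def abuse_report(rdap, now_iso, observed_url):
    """Plain-text report body for the registrar abuse desk."""
    reg = registration_date(rdap)
    contacts = ", ".join(abuse_emails(rdap)) or "none published in RDAP"
    lines = [
        f"Domain: {rdap.get('ldhName')}",
        f"Registrar: {registrar_name(rdap) or 'unknown'}",
        f"Registered: {reg.date().isoformat() if reg else 'unknown'}"
        f" ({days_active(rdap, now_iso)} days before observation)",
        f"Abuse contact: {contacts}",
        f"Observed URL (defanged): {defang(observed_url)}",
        "Observed behaviour: web form collecting payment card details under a"
        " parcel-delivery pretext, imitating a brand it has no relation to.",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    print(abuse_report(SAMPLE_RDAP, "2022-09-05T00:00:00Z",
                       "https://scam-domain-123.example/pay"))
```

The abuse entity is searched recursively because registrars usually publish it as a child of their own entity rather than at the top level; if no `abuse` role is present, the report says so instead of guessing an address, which is the cue to fall back to the registrar's published form or the TLD registry.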


  👤 mtmail Accepted Answer ✓
You did an impressive number of steps and follow-ups already.

If it's faking an Apple website, it might help to report it to Apple, too. I reported fake bank websites to the (real) banks, and they were responsive because it's in their best interest, as their customers are likely the targeted audience. That would hopefully get their security team (or a project manager) on the case. I didn't follow up, though, on how long deletion took.


👤 altilunium
> When I contacted their abuse email, I got an automated message saying my message is ignored because they get a lot of false reports (how convenient!), redirecting me to another website[0] to report it, which requires tons of your personal details, photographic evidence, and all sorts of nonsense. I filled out these forms, but they seem to just ignore the report anyway.

I also experienced this multiple times when trying to report scam and phishing sites. Some registrars/hosting services won't ever respond positively to abuse reports, so then what's the point of an abuse email?

I wonder if we could report them to their higher authority (IANA?).


👤 Minibo
Just be aware: follow the detailed article "Get past the Deceptive Site Ahead warning", https://geeksadvice.com/remove-deceptive-site-ahead/

👤 connordoner
Safari on macOS shows a Deceptive Website Warning for the first but not the second. The second now seems to redirect (unless it discriminates based on User Agent, country or similar) to apple.com/pay.

That said, it might be worth reporting both to Apple at reportphishing@apple.com.


👤 neodypsis
Suggest them to block-lists. Some of them accept issues on GitHub.