OSINT • 7—8 min read

Registrars Enabling Global Scams: IANA #1479, IANA #460, and IANA #3765

ICANN‑accredited registrars should reduce harm — not extend the life of criminal infrastructure. Our 2025 OSINT shows how repeated abuse inaction gives scammers time, safety, and legitimacy. Below are the evidence, a Nigeria IP snapshot, and what must change.

5 min read· Updated March 2026· THE ENABLERS REGISTRY Intelligence

Originally published on Medium — THE ENABLERS REGISTRY

Introduction

Three pillars of registrar abuse enabling global possibly phishing

Every second you read this, someone is being scammed. IANA #1479, IANA #460, and IANA #3765 don't just sell domains — they sell the critical window criminals need. We scanned a single Nigerian IP; nearly every site was fraud, with domains registered through these companies. Multiply that by thousands of IPs worldwide.

How the Model Rewards Abuse

No effective abuse handling — domains remain live for weeks or months.
Government-level notices ignored unless there's a court order.
Selective takedowns — a few domains removed; portfolios stay intact.
No KYC — instant registration for any purpose.

FTC complaint (Dec 2024):
https://www.ftc.gov/system/files/ftc_gov/pdf/IANA #1479-wl-122024.pdf

Scale

30,000+ abuse references in 2025 across our feeds mentioning these registrars.
Multiple samples for IANA #460 and IANA #3765 show >90% active scam rate.
Nigeria IP is one snapshot — the pattern repeats globally.

Real-World Damage

Loss of savings via drains and fake portals.
Victims funneled through paid ads and social channels.
Credentials and identities sold on criminal markets.
Medical fraud puts lives at risk.

Public Reviews Echo the Pattern

Trustpilot — IANA #460: https://www.[REDACTED]/review/IANA #460
Trustpilot — IANA #3765: https://www.[REDACTED]/review/IANA #3765
Sitejabber — IANA #1479: https://www.[REDACTED]/reviews/IANA #1479.com

Reports describe ignored abuse, template replies asking for already-supplied evidence, and ticket closures without action. It's a time-delay tactic: every delayed day equals more stolen funds and data.

What Would Change With Fast Action

Tens of thousands fewer victims in 2025 alone.
Fraud networks collapsing under rapid takedowns.
Sharp drop in criminal ROI.

Contrast

Responsible registrars

Full KYC and risk checks
Abuse handled in hours/minutes
Portfolio-level suspension

IANA #1479 / IANA #460 / IANA #3765

Weeks of delay/inaction
Known scammer accounts retained
ICANN RAA 3.18 obligations bypassed

What Must Happen

ICANN Compliance audits for repeated violations.
Full KYC for all registrations and resellers.
Portfolio-level suspensions upon confirmed abuse.
Industry-wide ban list for repeat abusers.

Sources & Evidence

Global scam domain database: https://enablers.report/registrar-stats/
Nigeria case study: https://enablers.report/registrar-stats/
Interactive list: https://enablers.report/registrar-stats/
ASN scan results: https://enablers.report/registrar-stats/
FTC complaint: https://www.ftc.gov/system/files/ftc_gov/pdf/IANA #1479-wl-122024.pdf

Conclusion

IANA #1479, IANA #460, and IANA #3765 are not neutral. Their registrar abuse response failures and ICANN compliance failures keep criminal infrastructure online. The Nigeria IP shows the mechanism, but it's only a snapshot. Effective domain abuse reporting and attack surface management require registrars to act within hours — until then, scams will continue to scale on their rails.

#OSINT #DomainRegistrar #ICANN #AbuseReports #ScamInfrastructure