Call Don’t Click Update: Discussion – Fraudulent, deceptive, or misspelled domains are still a problem
Researchers documented that 233 domains containing the keywords annual credit report or close misspellings of annualcreditreport.com had been registered.  Of the total registered imposter domains, 112 +/- 3 were online and available to consumers as of June, 2005. The pretender domains showed up in some search engine results, and some of the pretender domains showed up in some search engines’ paid or sponsored listings sections.
The graphic below (Figure 1) is an example of an imposter domain pretending to be the real annualcreditreport.com. Here, annualceditreport.com (note the missing “r” in credit) is claiming on its home page to be annualcreditreport.com, and boasting that it is “Your Access to Free Credit Reports.”
This site pictured above represents a typical pretender domain’s approach to misdirecting consumers. It is also an excellent example of what a “link farm” looks like.
Link Farms and SSN-grabbers
Currently, the majority of the imposter sites are “link farms” set up by pay-per-click marketing companies. Link farms are domains that contain dozens of links to sites that have a marketing relationship with the link farm owner, or links that are ads of some sort. Each time a consumer clicks on a link at a link farm, the owner of the link farm typically gets paid a few cents by an advertiser or affiliate marketing partner. Link farms are part of what are generally called affiliate marketing schemes, and affiliate marketing is how the majority of the imposter domains are making their money. Some link farms are also created by search engine optimization companies to cause a domain to rise in search rankings.
No matter why they were created, link farms can act as a barrier to consumers who are attempting to access the official www.annualcreditreport.com site.
Examples of this type of domain include that seen in Figure 1, and also domains such as www.annualfreecreditreport.org, annualcreditbureaureport.com, annualcreditorreport.com, and www.annual-credit-report.org. While these domains do not request SSNs from consumers right away, many of these domains lead to highly questionable businesses that do request information inappropriately from consumers.
Specific Examples of Imposter Sites
The following domains are examples of actual imposter sites that were live and online during the research period, which ended June 30, 2005.
Imposter Example #1: wwwannualcreditreport.com
After typing in the domains above, consumers were be redirected to http://www.spendonlife.com/freecreditreport/, where they were then instructed to fill out an online form to get their “free credit report” for “credit peace of mind.” Actually, what is happening is that the site is a “lead generator,” that is, its purpose is to collect consumer emails. According to the site’s materials:
“SPENDonLIFE.com is an online leads marketplace that empowers mortgage brokers and lenders to obtain quality, highly targeted mortgage loan leads at low prices. SPENDonLIFE.com generates fresh real-time internet mortgage leads from qualified, motivated consumers looking for home loans, mortgage refinance loans, home equity loans or debt consolidation loans.” 20
“Join The Best Debt Consolidation Affiliate Program and Make Money Debt Consolidation webmasters get paid $7.50 per lead . Look how simple our debt consolidation application is!” 
The real potential trouble on these imposter sites may be found on the “Free Debt Analysis” page. This page asked consumers to complete a detailed form that requests first and last name, debt amount, email address, phone number, and names of creditors.  This is apparently the form that provides the “fresh leads” the site brags about elsewhere.
On this site, consumers who click on a link to order a free credit report will get directed to Qspace, a site related to ConsumerInfo. ConsumerInfo is a wholly-owned subsidiary of the Experian credit bureau. If a consumer clicked on the order button from one of these imposter domains, this is the URL they would see, or something very similar:
These four imposter sites, at last check, resolve to the commercial data broker Intelius and do not lead consumers to the official www.annualcreditreport.com site. Specifially, the sites resolve to http://find.intelius.com/search-name.php. Intelius has made no effort to inform consumers that its site is not the official annualcreditreport.com site, despite that Intelius was – and at last check still is — appropriating annualcreditreport-related Web domains to attract consumers to its for-pay services.
These two sites redirect consumers away from the official www.annualcreditreport.com site to a site called freecreditprofile.com, where consumers are asked to provide their name, address, email, and other information about themselves. Freecreditprofile.com is associated with the TransUnion credit bureau. Technically, Freecreditprofile.com is a “product of TrueCredit.” 24 TrueCredit is a wholly owned subsidiary of the TransUnion credit bureau. 
The annualcreditmonitoringreport.com domain uses framesets to forward consumers to Freecreditprofile.com from nameservers belonging to Domainmanager, a company that specializes in assisting domain owners with redirects such as this.
The other domain, www.freeannualcreditmonitoringreport.com, resolves to www.annualcreditcheck.com, which then displays Freecreditprofile.com in a frame. This domain forwards consumers from nameservers belonging to Fabulous.com, a company that focuses on pay per click and affiliate schemes.  Whois records indicate that the www.freeannualcreditmonitoringreport.com domain is owned by Ousel Internet Development. 
It is unknown if TransUnion is aware of the redirection of these sites to its commercial services.
Imposter Example #5: DomainSponsor’s 68 imposter sites 
DomainSponsor, a well-known affiliate marketing company that is also associated with the search engine Information.com, owns and or manages a large number of imposter site link farms. As many as 18 of the known 68 DomainSponsor sites have at one time stated in their title bars that the domain is “AnnualCreditReport,” even when the domain was only a close misspelling of the official site.
None of the 68 Domain Sponsor sites have privacy policies or contact information. None of the 68 Domain Sponsor imposter sites led consumers to the official annualcreditreport.com site during the research period.
Imposter Example #6: www.freeannualcreditreports.com
This domain was discussed previously. When typed in, this imposter domain resolves to creditkeeper.com. When researchers originally found this site, it was inappropriately copying a ConsumerInfo site nearly image for image. After the site was identified in early June to ConsumerInfo as a problem affiliate that was using the keywords annual credit report to misdirect consumers, the imposter site removed the ConsumerInfo images and changed its information three times within a 24 hour period.
 The last complete check of number of active domains and domain registrants using the key words annual credit report or close misspellings of these key words was June 27, 2005 with spot checks of problematic domains until June 30, 2005. Additional checks were conducted up until July 14, but results logged after the close of the research period (June 30) were not included in the report findings.
 Because of the serious nature of the problems at this particular site, researchers took immediate steps to get it offline. The site was taken down approximately 6 days after researchers originally discovered it and alerted the Central Source of its presence.
 During the course of research, these three sites went off and online frequently. By checking the sites using differing Internet Protocol addresses, researchers were able to determine that the sites were generally up and working. However, researchers observed that the sites would go through cycles of going offline for a day or two and then the sites would come back online again. The final check of these sites was July 4, 2005, where two of the sites were offline and one site – www.free-annual-credit-reports.com – was online.
 <http://www.spendonlife.com/partners/>Last accessed July 4, 2005.
 <http://www.spendonlife.com/affiliates/.> Last accessed July 4, 2005.
 < http://www.spendonlife.com/dc/> Last accessed July 4, 2005.
 See < https://www.freecreditprofile.com/policy/privacy.jsp >Last accessed July 4, 2005. 25 See <http://www.truecredit.com/> Last accessed July 4, 2005.
 See <http://www.fabulous.com>.
 See <http://whois.internic.net>.
 See Appendix E for a listing of the 68 Domain Sponsor Imposter sites.
Roadmap: Call Don’t Click Update – Still be smart about ordering federally mandated free credit reports: Discussion of Findings: Fraudulent, deceptive, or misspelled domains are still a problem