Embattled domain registrar RegisterFly will lose its accreditation if it can't fix serious operational problems in the next 15 days. ICANN has informed the New Jersey-based registrar that it is in breach of its operating agreement, threatening enforcement action (PDF) after months of complaints from RegisterFly customers. The registrar's operations have descended into chaos this week, with its web site paralyzed amid allegations that the former president and CEO misused company funds.

As the company's principals battle one another, thousands of domain names have been caught in the crossfire. RegisterFly says that at least 75,000 customer domains expired as a direct result of the company's financial and management problems. RegisterFly is also an SSL certificate authority, making its stability an issue for about 460 site owners who are currently securing sites with FlySSL certificates.

A lawsuit filed by RegisterFly's parent company, Unified Names, blames the meltdown on misuse of company funds by President and CEO Kevin Medina, who was fired by the company's board. The suit alleges that Medina spent company funds on liposuction surgery and escort services. "After his termination, Mr. Medina deleted email accounts, access to support tools, and access for our risk/billing department to issue refunds," RegisterFly's Glenn Stansbury said in a statement posted at RegisterFlies.com, a customer protest site. RegisterFly is also reported to have changed the root password of its web server to prevent sabotage.

Netcraft has released a collection of 3 gadgets that can be added to your personalized Google homepage.

What's that site running?

The What's That Site Running gadget gives convenient access to Netcraft's Web Server Query service, and will let you find out everything there is to know about a web site, such as where it is hosted, and what software it is running.

Netcraft News

The Netcraft News gadget displays the latest news on web security, phishing and web hosting. This gadget can be configured to display the date and short article summaries.

Report a phishing site

The Report a Phishing Site gadget allows you to submit suspected phishing sites to Netcraft. The gadget can remember your name and email address, so each time you stumble upon a new phishing site, all you have to do is enter the fraudulent URL and the reason for it being reported. All accepted submissions are placed into the monthly iPod contest, where the top 5 reporters will win a top-of-the-range iPod.

Netcraft's January phishing site competition saw the number of blocked phishing sites increase by a further 153,000, in contrast to last month's phenomenal rise of 277,000. Live progress of the latest competition can be tracked via the phishing site reporters list.

To continue showing our appreciation to the community, Netcraft will be sending a top of the range black 80gb iPod video to the five people who reported the largest number of phishing reports accepted last month.

January's winners are: Abused, ER, Fully, cristal and Martin. Many thanks for your efforts! Each phishing site that is reported vastly reduces the number of victims falling prey to fraudulent activity on the Web. Netcraft has now received, reviewed and blocked more than 820,000 unique URLs reported to us as phishing sites.

A vulnerability in Adobe Reader was discovered early in January, which made sites that hosted PDF files vulnerable to cross-site scripting attacks. Adobe recommends that users upgrade to the latest version of Adobe Reader to protect themselves against these kind of attacks, but it is worth noting that the Netcraft Toolbar automatically protects users against cross-site scripting attacks of the like typically employed by Internet fraudsters.

The Netcraft Toolbar, which is available for both Internet Explorer and Firefox, serves as a giant neighborhood watch scheme for the Internet: members who encounter a phishing fraud can act to defend the larger community of users against the attack. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL and widely disseminated attacks simply mean that the phishing attack will be reported and blocked sooner.

In independent reviews by technology media and academic researchers, the free Netcraft Antiphishing Toolbar has been found to be more effective than antiphishing tools in IE7, Firefox 2 and other toolbars.

• Carnegie Mellon University Researchers (PDF): "We designed our first experiment to test the ability of each toolbar to accurately detect "fresh" phishing web sites identified within 36 hours of the experiment. ... The Netcraft Toolbar was the most effective, identifying 48 out of 50 phishing sites (96%)." The next best toolbar was only able to identify 34 (68%).
• CNet: "We found that IE 7 consistently failed to catch phishing sites less than 1 hour old, although IE 7 caught all phishing sites known for at least 1 hour or more. Most phishing sites are removed after their initial 72 hours. We found that stand-alone antiphishing filters, such as that from Netcraft, performed far better than IE 7 in flagging brand-new phishing sites."
• ZDNet: "In testing on live phishing sites, however, IE 7 RC1 failed to identify as many phishing sites as Netcraft's free IE toolbar."
• 3sharp: In a study funded by Microsoft, researchers at 3sharp found that the Netcraft toolbar blocked more phishing URLs than IE7 or any other toolbar tested. "Netcraft’s mature toolbar has clearly succeeded in leveraging Netcraft’s large existing database of Web servers to provide good anti-phishing protection. ... The Netcraft Toolbar also offers some useful features, like its Risk Meter, that may appeal to users who want to know more about the sites they’re visiting."

The Netcraft Toolbar Community is a giant neighborhood watch scheme for the Internet, empowering the most alert and security-aware members to defend the rest of the community against phishing frauds, which to date has blocked over 650,000 phishing urls aimed at customers of over 900 institutions.

Microsoft has licensed Netcraft's Phishing Site Feed for use in its Microsoft Phishing Filter Service, providing users of Internet Explorer 7 protection against the latest phishing attacks reported by the Netcraft Toolbar Community.

Microsoft's inclusion of Netcraft data in the Microsoft Phishing Filter was announced by Microsoft chairman Bill Gates during his keynote speech today at the RSA Conference in San Francisco, which introduced new security intiatives by Microsoft.

The Netcraft Toolbar Community is a giant neighborhood watch scheme for the Internet, empowering the most alert and security-aware members to defend the rest of the community against phishing frauds, which to date has blocked over 650,000 distinct phishing urls aimed at customers of over 900 institutions. In independent reviews by ZDNet, CNet and academic researchers, the free Netcraft Antiphishing Toolbar has been found to be more effective than antiphishing tools in IE7, Firefox 2 and other toolbars.