The now-defunct UK government agency responsible for investigating computer crime, the NHTCU, no longer owns its domain name after it was sold to an enterprising German internet marketer.
The National Hi-Tech Crime Unit (NHTCU) was established in 2001 to fight high tech crime, but its duties came to an abrupt end in April 2006, when it was transferred to the Serious Organised Crime Unit (SOCA).
While the ownership of a defunct website does not sound overly troublesome, it a serious issue, because many websites around the world still have links pointing to the old NHTCU website. This includes a link to old NHTCU website on the Home Office's own web pages.
The problem came to light at the weekend, after Graham Cluley, senior technology consultant at Sophos, was reading an article on the BBC news website about the NASA hacker, Gary McKinnon.
He noticed a link to the NHTCU website on the BBC article and clicked on it, but instead of being confronted with the usual NHTCU webpage redirecting people to the SOCA website, he was instead confronted with a website advertising a German holiday.
The Government, it seemed, no longer owned the www.nhtcu.org website, which in early August had been sold to a German, Uwe Matt.
"It is pretty sloppy," said Cluley. "The NHTCU website was shut down a few years ago, but until recently, the page redirected people to where they are supposed to go (SOCA). But it seems that someone was not watching this registration, or ignored the renewal form."
"The problem is that many sites and government pages are linked to this page," he added. "Indeed, the Home office crime reduction website links to this site."
Cluley told the UK's Techworld Web site that at the moment, the site does not contain malware.
"There is no reason to think it will in the future," he said. "But there is the potential for the unscrupulous use of the site for nefarious purposes. It could contain malware, or indeed, claim to be the actual NHTCU website, which if it asked users to fill out their details, would lead to identity theft."
"Domains like this very valuable, because lots of sites link to it, like the BBC, which gives it better credibility under Google's search rankings.
"It is enormous irony that the people who are advising about identity theft, have managed to have their own identity stolen," said Cluley. He reckons the sites new owner is a domain speculator, as his own website lists him as the "owner of hundreds and hundreds of websites."
Attempts to contact the website owner, Uwe Matt, were unsuccessful.
Indeed, a WHOIS search revealed that the owner of the NHTCU website is PrivacyProtect.org, a Dutch website that people can use to replace their contact details with alternate contact information. When Techworld attempted to reach the owner, via PrivacyProtect.org's "Contact the Domain Owner" online form, it returned the following error message.
"This Domain is not Privacy Protected and the Owner (Registrant) contact information is available from the public Whois."
This is despite PrivacyProtect.org being listed as the domain owner. The listed telephone number also points to PrivacyProtect.org.
Cluley says the case is a stark warning to people to make sure that the sites they are providing links to, really is the legitimate website, as the ownership can change.
"It is a warning for all of us to be a bit more careful," Cluley said. "Be careful clicking on links, even from reputable sites. It is the wild west out there."
SOCA admitted that renewing the domain registration was its responsibility, but "unfortunately it didn't happen in this case."
"SOCA is aware that registration of the domain www.nhtcu.org has lapsed and is taking the necessary steps to remind partners and stakeholders that the NHTCU became SOCA e-crime in April 2006, and that they should confirm that web links and other references are amended accordingly," said the organization in a statement.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.