Responsible Disclosure Policy

Domain Abuse Intelligence Center (DAIC) follows a responsible disclosure approach when reporting suspected domain name abuse, online fraud, phishing campaigns, or other malicious infrastructure activities.

Purpose

The purpose of this policy is to ensure that reports are submitted professionally, ethically, and in a manner that supports infrastructure operators in mitigating abuse without causing unnecessary disruption.

Scope of Reports

• Phishing and impersonation domains
• Investment fraud and scam platforms
• Malware distribution domains
• Domain abuse violating registrar or registry policies
• Infrastructure misuse identified through OSINT analysis

What DAIC Does

• Collects publicly available technical indicators
• Documents observed abuse behavior
• Submits reports to relevant registrars or service providers
• Maintains neutrality and factual reporting

What DAIC Does Not Do

• Conduct hacking, exploitation, or unauthorized access
• Perform takedowns or suspensions
• Provide legal judgments or enforcement actions
• Engage in harassment or retaliation activities

Disclosure Timeline

Reports are submitted as soon as sufficient indicators are documented. Response times and actions are solely determined by the receiving registrar or infrastructure operator.

False Reporting

DAIC does not support or tolerate false, misleading, or malicious reports. All submissions are expected to be made in good faith and supported by verifiable evidence.

Contact for Disclosure

For responsible disclosure or abuse-related communication, please contact:

📧 Email: report@daic.org

Legal Notice

DAIC operates independently and does not claim authority over any domain, registrar, registry, or hosting provider. All findings are provided for informational and mitigation purposes only.