Home / Industry

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

In 2018, the biggest scam that banked on the Black Lives Matter movement was exposed. An Australian National Union Workers official named Ian Mackay was allegedly behind the Black Lives Matter Facebook page that garnered more than 700,000 followers and racked over US$100,000 in donations. However, founders and members of the Black Lives Matter movement didn't know about the fundraisers nor received any amount from them.

Although Mackay never admitted his involvement with the fake fundraisers, he quit as the Australian union's vice president. This post aims to uncover the historical WHOIS footprint of the man allegedly behind the biggest Black lives Matter scam.

Examining Historical WHOIS Records

We detected over a thousand newly registered domains related to the Black Lives Matter campaign and George Floyd around the first two weeks of June. A majority of the domains were parked, but some hosted e-commerce sites that promised to donate a portion of their profits to the Black Lives Matter movement. We also saw some domains that pledged to donate to George Floyd's family. Some of these fundraisers could be comparable to what Ian Mackay did in 2018.

Mackay's Facebook fundraisers pointed to several websites registered under his name and email address, but most have already been dropped in 2018. However, historical WHOIS records reveal that some of Mackay's domains are being re-registered in light of recent events related to the Black Lives Matter movement. Some of them are among those that we detected in June. Below are some of the domains, along with their registration dates:

  • blacklivesmatter[.]media (21 July 2020)
  • blacklivesnews[.]com (5 June 2020)
  • blackpowerfist[.]com (21 June 2020)
  • blackfists[.]com (6 June 2020)
  • blacklivesmatter[.]london (18 June 2020)

Although most of these domains' current WHOIS records are redacted or protected by privacy protection services, our WHOIS history tool shows that at some point, they have had the following historical WHOIS records:

  • Registrant name: Ian Mackay
  • Registrant address: Brisbane, Australia
  • Registrant email address: imackay@******[.]au, blacklivesmatter1@*******[.]com
  • Registrant phone number: ***29031316

Hundreds of other domains share the same details in their historical WHOIS records. When we ran the name Ian Mackay and his first email address on a reverse WHOIS tool, it returned 236 domains, some of which appear to be of questionable nature.

On the other hand, we saw five domains where Mackay used the second above-mentioned email address. Some of these have already been re-registered.

Historical WHOIS Records of the Official Black Lives Matter Domain

Whatever advocacy or cause, it is wise to check any domain's historical WHOIS records for shady connections before making a purchase or donation. Why is this necessary? For one, the contributions may not reach the intended recipients at all, as what happened with Mackay's fundraisers in 2018.

So we dug into the historical WHOIS records of blacklivesmatter[.]com, the movement's official website. Although its current WHOIS details are protected by Domains By Proxy, LLC, its historical WHOIS records provide a sense of comfort to supporters wanting to contribute.

Before its record details were redacted in 2014, our WHOIS history tool revealed that it was registered under Opal Tometi with an address in California and the email address opal@blackalliance[.]org. Opal Tometi is a human rights activist who co-founded the Black Lives Matter movement.


While past associations with Mackay doesn't necessarily mean domains will be used in financial scams again, the knowledge would give people more information to decide if it is worth donating to the sites in question or not. But with the redaction of current WHOIS records, this is not always possible. As such, historical WHOIS records can help protect people from scams and assist with cybersecurity investigations.

Organizations can also make better business decisions when they obtain information from WHOIS history tools. Historical WHOIS records can help them avoid associations with disreputable domains and personalities.

By WhoisXML API, A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider – Whois API, Inc. (whoisxmlapi) is a big data and API company that provides domain research & monitoring, Whois, DNS, IP, and threat intelligence API, data and tools to a variety of industries.  Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Whois

Sponsored byWhoisXML API

IP Addressing

Sponsored byIPv4.Global

New TLDs

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Brand Protection

Sponsored byAppdetex

Cybercrime

Sponsored byThreat Intelligence Platform