File this under "yes, we know its bad and its happening but you're going to have to do the monitoring for us..."
http://www.itnews.com.au/newsstory.aspx?CIaNID=41386
"Internet addresses that appeal to identity thieves eager to rip off consumers are being posted by major domain resellers, a security company charged on Friday.
Finnish-based F-Secure has identified more than 30 registered domain names for resale on Sedo that would be of interest only to the legitimate holder of the trademark or to phishers, criminals who try to dupe consumers into divulging personal information by enticing them to fake websites. Among the domains: citi-bank.com, bankofameriuca.com, americanexpresscredicard.com, mastercarding.com, and visacardcredit.com.
"Why would anybody want to buy these domains unless they are the bank themselves - or a phishing scammer?" wrote Mikko Hypponen, F-Secure's chief research officer, in an alert on the company's site. advertisement
...
Sedo said that while it has a process in place to pull domain sales that violated trademarks, it was the trademark holder's responsibility to file a request. "We have more than six million domains for sale," said Jeremiah Johnston, Sedo's general counsel. "It's impossible for us to proactively filter sales.""