What is the name of the domain?
edu.eu
What is the issue you’re encountering
TL;DR: Cloudflare currently treats .edu.eu as a public suffix allowing anyone to add xxx.edu.eu domains to accounts, but extensive research shows this entire domain space is being used exclusively for educational fraud and scams.
What feature, service or problem is this related to?
Nameservers
What are the steps to reproduce the issue?
The Problem
Recent research on all .edu.eu subdomains and found zero legitimate educational institutions. Every single one appears to be either:
- Fake universities targeting international students
- Degree mills selling fraudulent credentials
- Scam operations collecting personal/financial information
- Identity theft schemes
Technical Issues
- Public Suffix Treatment: CF treats .edu.eu as a public suffix despite it not being in Mozilla’s PSL
- Scammer Hosting: Multiple fraudulent .edu.eu sites are hosted on Cloudflare infrastructure
- Domain Validation: Users can add any xxx.edu.eu subdomain to CF accounts without educational verification
Evidence Summary
- .edu.eu is NOT an official EU educational domain - it’s operated by a private company
- Europe’s legitimate universities (Oxford, Cambridge, Sorbonne, etc.) don’t use .edu.eu
- Documented victim reports of students losing thousands to fake universities
- Technical analysis shows coordinated fraud operations sharing infrastructure
- Multiple news outlets have reported on this scam network
Recommendations
- Remove public suffix treatment for .edu.eu from Cloudflare systems
- Review existing .edu.eu sites hosted on CF for ToS violations
- Consider domain-level restrictions given the systematic fraud
The .edu.eu registry enables widespread educational fraud by creating false legitimacy. No legitimate educational institution uses this domain suffix.
Full research report: https://jy.md/edu-eu-domain
Has anyone else encountered this issue? What’s CF’s policy on domain suffixes used exclusively for fraudulent purposes?