But as article specifically mentions sending during the night and registration next morning that does seem to indicate eweek found out about "no whois" but with already registered domain, i.e. see
Could they simply be referring to the technique of sending spam at night with a URL to a non-existent domain? When everyone's NOC sees the spam for the first time and tries to get the website shut down, it's not there. Tickets are closed, and many people think someone else already had the site taken down. But, first thing in the morning, the domain is registered just in time to accept the first queries from gullible customers eager to find out how to collect their lottery winnings. For a few hours, the spammers collect phone numbers and then spend the next few days running their telephone con. Rinse and repeat. When we make it too hard for legitimate businesses to use spam as a means of advertising their product, then only criminals will use spam. The arms race continues... --Michael Dillon