.com registration details leaked
Every domain is required by ICANN to have a WHOIS entry, which among other things, includes the name, address, email, and phone number information of the domain's registrant, administrative, and technical contacts. While it's against the rules (section 3.3.5) to use this for marketing purposes, it's done all the time. It's partly for this reason that many domain registrars offer a "privacy" service whereby they act as a communication proxy for the domain's actual contacts.
There is no central WHOIS database, so I'll be honest I don't know how they find newly created domains*. While WHOIS records do contain information about when the domain was created, last updated, etc., I'm not aware of a way to query a WHOIS database based on these fields. But then I'm not a spammer either...
According to ICANN's website handling complaints about abuse of WHOIS data is outside their authority and they suggest you seek other methods to deal with the problem:
Spam complaints are outside of ICANN's scope and authority; for these types of complaints, please refer to one of the options listed below:
- You may want to contact a law enforcement agency in your jurisdiction
- You may want to file a complaint with a consumer protection entity such as the International Consumer Protection and Enforcement Network or the US Federal Trade Commission
- You may want to contact the spammer's Internet Service Provider
- You may want to contact the registrar of the spammer's email
If it's any consolation I've registered my fair share of domains and my experience has been the phone calls and spam email come to an end rather quickly.
*I did a quick Google search and discovered a number of services offering bulk access to WHOIS data.