ICANN: Alert on Domain Name Renewal Phishing Scam
ICANN was recently alerted to a new phishing scam concerning domain registration renewals. The phishing emails use ICANN’s branding and logo, and can appear as though ICANN is the sender. However, once registrants click on links within the spoofed email, they are taken to a fake registration renewal site that captures their credit card and personal information.
Phishing scams, like these, are a popular tool among cybercriminals. They mirror familiar brand imagery, visuals and language in order to fraudulently obtain credentials and personal financial information from users.
ICANN does not process domain registrations, nor collect fees from registrants directly. As a best practice, if an email looks suspicious or is similar to the example above, registrants should avoid clicking on any links in these emails and delete them from the inbox.
ICANN is actively investigating these cases and advises registrants who encounter similar incidents to report them to ICANN immediately via an email to Contractual Compliance at
This email address is being protected from spambots. You need JavaScript enabled to view it.
. For any concerns about domain name status, registrants should contact their sponsoring registrar directly.
This ICANN announcement was sourced from:
http://newgtlds.icann.org/en/announcements-and-media/announcement-29sep14-en
The following blog posting on the phishing scam is also available from the ICANN website with more informtion:
Be Careful What You Click: Alert of New Fraudulent Domain Renewal Emails by ave Piscitello, ICANN Senior Security Technologist
Phishing is a type of email scam that cybercriminals use to steal credit card or personal identifying information. The Anti-Phishing Working Group (APWG) reported that 125,215 attacks occurred [PDF 1.28 MB] in January through March of this year alone, which reminds us to be suspicious of “too good to be true” offers you receive in email, even if they appear to come from places you interact with or trust, including ICANN.
To read this blog post in full, see:
https://www.icann.org/news/blog/be-careful-what-you-click-alert-of-new-fraudulent-domain-renewal-emails