ICANNResolve Domain Phishing Attempt

by on June 24, 2008 at 3:53 pm

I obviously don’t write about the vast majority of phishing attempts that I’ve seen, but this one was unique.

Phishers are beginning to strike domain registrants. Webmaster/domain-related forums are discussing this extensively.

While there are plenty of legal (but scummy) snail mail scams that attempt to trick you into switching registrars, this is the first time that I’ve seen an organized effort to actually phish for domains. I expect this phish attempt to be successful for several reasons:

  • The email got through gmail’s superb spam filters
  • The email resembles ICANN-related communication
  • ICANN is in the news currently because it is debating new extensions, so people would expect changes from them around now

Anyway, if you get the email below, don’t respond.

Dear Domain Account Holder,

You are being sent this notice from ICANN due to the fact that you
currently own an active domain name. ICANN is currently upgrading all
domains from their registry database.

The upgrade will introduce new control options for your domain and easier
access. The new upgrade is required by the registry. All domain users are
expected to submit their domain information manually at
LINK REMOVED with the
required information for ICANN to apply the required updates.

The upgrades will be applied to accounts on a first come, first serve
basis. You have until July 25, 2008 to submit the required information to
avoid service and domain interruption.

Thank you for your time.

Sincerely,

ICANNResolve
ICANN.org Resolutions Department
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. | Dave Naffziger's BlogDave & Iva Naffziger