[LINK] ICANN phishing

Kim Holburn kim at holburn.net
Sat Oct 28 07:30:22 AEST 2006 

On 2006 Oct 27, at 8:03 PM, Kim Davies wrote:
> Quoting Kim Holburn on Friday October 27, 2006:
> | I have received a number of emails from Domain registrars purporting
> | to be on behalf of ICANN and asking me to log into my registrar and
> | check the details of my domains.
> |
> | I am a bit taken aback that Domain registrars would send stuff like
> | this because these are so like phishing emails.  I can't see how  
> this
> | can be good in the long run.
>
> ICANN requires registrars to have domain registrants verify their  
> WHOIS
> data is correct once per year, in order to prevent stale data  
> ending up
> in the database. How the registrar implements it is more or less up to
> them.

I could see that from the emails.  I have seen quite different ones  
from different registrars.  The problem is that they are so similar  
to phishes that it took me quite a long time to examine them to  
determine if they were real or not.

How long before phishers take up this juicy plum eh?  What happens  
then?  If I got the same number of "registrar" emails as say I get  
paypal phishes I wouldn't have time to sort the real from the fake.   
(Well I don't have that many domain names but some people do).

Just think of the havoc phishers could cause if they managed to take  
over a small proportion of DNS names.

I don't think ICANN has thought this one through.  Simple text emails  
with directions and no links would have done the job.  It's still not  
clear from any of these emails what you actually have to do?  I know  
my domains are OK so do I simply have to "visit" my registrars'  
sites?  Is that enough?  Click a button saying OK?  There wasn't one.


> Information on the requirement is at
> http://www.icann.org/registrars/wdrp.htm
>
> kim

-- 
Kim Holburn
Security Manager, National ICT Australia Ltd.
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim.holburn at nicta.com.au  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.
Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
datefmt.htm

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list