|
|
Netcraft
========
Site Search
Webserver SearchWhat's that site running?... Example: .sco.com
Example: www.netcraft.com RSS feed
Netcraft ServicesInternet ExplorationNetcraft Toolbar
Whats that site running?
SearchDNS
Sites on the Move
Internet Data MiningHosting Provider Switching Analysis
Hosting Provider Server Count
Hosting Reseller Survey
SSL Survey
Web Server Survey Archive
PerformanceHosting Prospects Performance Alerts
Hosting Providers Network Performance
Dedicated Server Monitoring
SecurityAnti-Phishing Toolbar
Audited by Netcraft
Audited by Netcraft FAQ
Bank Fraud Detection
Phishing Site Countermeasures
Automated Security Testing
Dedicated Server Monitoring
Web Application Security Testing
Web Application Security Course
AdvertisingBanner Advertising on Netcraft
About NetcraftAbout Netcraft
Jobs at Netcraft
Fair Use, Copyright
Site Privacy Statement
Visiting Netcraft
Contact UsWebmaster
CategoriesAbout Netcraft
Around the Net
Banner Advertising
Dogfood
Hosting
Interviews
Netcraft Services
Performance
Security
Web Server Survey
Full Index
DatesJanuary 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
September 2002
March 2002
« Previous | Up | Next »
Phishers Target .ca Domain Name Owners
Security
Phishing scams are targeting domain name owners, including one that
sent emails from a domain that resembles the Canadian Internet
Registration Authority (CIRA) in an effort to trick registrants into
providing usernames and passwords for their domain management
accounts.
The CIRA warned .ca domain owners about the scam, which sends emails
orginating from the address complaince@cira.cc, rather than the
group's official compliance email address, compliance at cira.ca. The
use of such "look-alike" domains has become common in phishing scams
targeting financial institutions. The scam email says the CIRA is
"exercising our right to verify the registrant information." This
tactic mimics legitimate emails sent in recent weeks by numerous
registrars, who sought to verify account information ahead of an ICANN
rule change.
"CIRA has learned that an unknown party is attempting to obtain CIRA
User Account Numbers and Passwords from dot-ca registrants by sending
MISLEADING EMAIL NOTICES that appear to originate from CIRA," the
group said in a statement. "These misleading emails request that CIRA
User Account Numbers and Passwords be provided to validate registrant
information and prevent domain name suspension (inactivation)." The
CIRA emphasizes that it does not ever ask registrants to share login
credentials via email.
The .cc domain is a top-level domain for the Cocos Islands, a small
island nation in the Indian Ocean that makes the .cc domain available
to registrars. The CITA appears to have gained control of the cira.cc
domain which is now registered to a CIRA representative.
Although the use of similar domains can add considerable credibility
to an attack, it also gives the institution an opportunity to defend
its customers, and creates precisely the scenario anticipated by our
domain fraud detection service. This allows domain owners to pre-empt
such frauds through prompt action as soon as they notice domains that
may be attempting to masquerade as their institution. Netcraft's
service can often spot such suspicious domain registrations within 24
hours.
Posted by richm at December 15, 2004 02:51 PM | Subscribe
« Previous | Up | Next »
Copyright © Netcraft Ltd 2005
target
target