Skip to main content
Resources

About Phishing

"Phishing" is the process of using emails and/or websites to improperly obtain usernames, passwords and financial information. Complaints about phishing are outside of ICANN's scope and authority. For these types of complaints, please refer to one of the options listed below:

  • You may want to contact a law enforcement agency in your jurisdiction.
  • You may want to report a phishing attempt through the US-CERT and Anti-Phishing Working Group (APWG) website's Report Phishing page.
  • You may want to file a complaint with a consumer protection entity such as the International Consumer Protection and Enforcement Network or the US Federal Trade Commission.
  • You may want to contact the phishing domain name's web hosting provider.
  • You may want to contact the registrar of the phishing domain name.

How to report a suspicious ICANN email or website

If you receive a suspicious email that appears to come from the ICANN org:

  1. Avoid clicking links or opening attached files.
  2. FORWARD the entire message to globalsupport@icann.org.
  3. Do not alter the subject line or forward the message as an attachment.
  4. Delete the suspicious email from your inbox.
  5. If you have opened an attached file or clicked a suspicious link - report the incident to your IT support staff.

If you visit a suspicious website (or suspect a scam in any other form) that appears to be related to the ICANN org:

  1. Avoid clicking links and sharing any personal information (passwords, payments information…). 
  2. Copy the site's web address and paste it into an email to globalsupport@icann.org.

Tips to recognize and protect yourself from fraudulent emails and websites

The security of our community is one of our key priorities. While we actively investigate phishing emails that use the ICANN organization's likeness to fraudulently obtain financial or personal information, we recommend that you also take steps to protect yourself.

Review carefully every email you receive from the ICANN org and consider the following:

  • Ask your email provider if they can use the ICANN SPF record to check which senders are authorized to use our domains and help filter out spoofed senders.
  • Phishing emails and websites typically mirror familiar visuals and language, they may include the ICANN's branding and logo and appear as though the ICANN org is the sender.
  • With rare exceptions, legitimate emails from the ICANN org will be sent from an icann.org domain.
  • The ICANN org will never send you an email that asks you for your password or personal information. If you see an exception, please report it to us (globalsupport@icann.org) so we can work with our service partners to make the necessary changes.
  • Be suspicious of any webpage or email from ICANN that offers domain renewals or registration services. The ICANN org does not process domain registrations, send WHOIS Data Reminder Policy (WDRP) notices, issue certificate nor collect fees from registrants directly. All fee collections are transactions between the registrar and the domain name holder.
  • Email attachments may contain malware. You should avoid opening one unless you are sure of their origin.
  • Hyperlinks may direct you to malicious websites or forms. When possible, manually type the address of the page you wish to visit in your web browser instead of clicking directly on a link embedded in an email.
  • Never enter your password into a page you arrived at by following a link in email.
  • Phishing emails often communicate a false sense of urgency to prompt you to act before reviewing them carefully. For example, they might report that your account will be in jeopardy if something is not updated right away or that you will miss a great offer if you don't act quickly.
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."