"Phishing" is the process of using emails and/or websites to improperly obtain usernames, passwords and financial information. Complaints about phishing are outside of ICANN's scope and authority. For these types of complaints, please refer to one of the options listed below:
- You may want to contact a law enforcement agency in your jurisdiction.
- You may want to report a phishing attempt through the US-CERT and Anti-Phishing Working Group (APWG) website's Report Phishing page.
- You may want to file a complaint with a consumer protection entity such as the International Consumer Protection and Enforcement Network or the US Federal Trade Commission.
- You may want to contact the phishing domain name's web hosting provider.
- You may want to contact the registrar of the phishing domain name.
How to report a suspicious ICANN email or website
If you receive a suspicious email that appears to come from the ICANN org:
- Avoid clicking links or opening attached files.
- FORWARD the entire message to firstname.lastname@example.org.
- Do not alter the subject line or forward the message as an attachment.
- Delete the suspicious email from your inbox.
- If you have opened an attached file or clicked a suspicious link - report the incident to your IT support staff.
If you visit a suspicious website (or suspect a scam in any other form) that appears to be related to the ICANN org:
- Avoid clicking links and sharing any personal information (passwords, payments information…).
- Copy the site's web address and paste it into an email to email@example.com.
Tips to recognize and protect yourself from fraudulent emails and websites
The security of our community is one of our key priorities. While we actively investigate phishing emails that use the ICANN organization's likeness to fraudulently obtain financial or personal information, we recommend that you also take steps to protect yourself.
Review carefully every email you receive from the ICANN org and consider the following:
- Ask your email provider if they can use the ICANN SPF record to check which senders are authorized to use our domains and help filter out spoofed senders.
- Phishing emails and websites typically mirror familiar visuals and language, they may include the ICANN's branding and logo and appear as though the ICANN org is the sender.
- With rare exceptions, legitimate emails from the ICANN org will be sent from an icann.org domain.
- The ICANN org will never send you an email that asks you for your password or personal information. If you see an exception, please report it to us (firstname.lastname@example.org) so we can work with our service partners to make the necessary changes.
- Be suspicious of any webpage or email from ICANN that offers domain renewals or registration services. The ICANN org does not process domain registrations, send WHOIS Data Reminder Policy (WDRP) notices, issue certificate nor collect fees from registrants directly. All fee collections are transactions between the registrar and the domain name holder.
- Email attachments may contain malware. You should avoid opening one unless you are sure of their origin.
- Hyperlinks may direct you to malicious websites or forms. When possible, manually type the address of the page you wish to visit in your web browser instead of clicking directly on a link embedded in an email.
- Never enter your password into a page you arrived at by following a link in email.
- Phishing emails often communicate a false sense of urgency to prompt you to act before reviewing them carefully. For example, they might report that your account will be in jeopardy if something is not updated right away or that you will miss a great offer if you don't act quickly.