Advisory on Registrar Impersonation Phishing Attacks

Citation
ICANN, Security and Stability Advisory Committee (SSAC), Advisory on Registrar Impersonation Phishing Attacks (May 2008) (full-text).

Overview
This Advisory describes a form of phishing attack that targets domain name registrants. The attacker impersonates a domain name registrar and sends expected or anticipated correspondence to a registrar's customer (a registrant) regarding a domain-name-related matter. The phisher creates a web site that is deceptively similar to the registrar's site to induce the customer into accessing his domain management account and unwittingly disclosing his account credentials to the phisher. The phisher will use the customer's captured credentials to access the customer's domain name portfolio, alter the DNS information of domain name(s) in that account, and use the domains to abet additional attacks.