Press "Enter" to skip to content

Shooting the Duck – CIRA Sends Phishing Alert

Canadian domain registration body “CIRA”:http://www.cira.ca/ recently sent members (.ca domain owners) a message warning of phishing for domain-related information:
bq.. Ottawa , June 8, 2005 – The Canadian Internet Registration Authority (CIRA) wishes to remind dot-ca domain registrants (holders of dot-ca domain names) NOT TO RESPOND OR REPLY TO ANY EMAILS requesting confirmation of CIRA User Account Numbers and Passwords.
An unknown party appears to be attempting to obtain CIRA User Account Numbers and Passwords from dot-ca registrants by sending MISLEADING EMAIL NOTICES that appear to originate from CIRA. These misleading emails request that an account be confirmed to avoid suspension. The emails appear to originate from SUPPORT@CIRA.CA.
If you have replied to an email requesting your CIRA User Account Number and Password, and have included your CIRA User Account Number and Password in your reply, PLEASE CONTACT YOUR REGISTRAR IMMEDIATELY to request a new CIRA User Account Number and Password. If you do not know the name of your registrar, you may obtain it by entering your dot-ca domain name in the WHOIS field at “http://whois.cira.ca/public “:http://whois.cira.ca/public.
If you have received an email requesting your CIRA User Account Number and Password, please forward a copy of the email to security-advisory@cira.ca with the complete header information. Your cooperation with this matter will help CIRA estimate the number of misleading notices that have been sent to unsuspecting dot-ca domain name holders and to track the author of the email.
Similar fraudulent email schemes (labeled as “phishing” or “spoofing”) designed to obtain credit card numbers and Internet banking passwords have been reported by financial institutions since 2002.
CIRA User Account Numbers and Passwords are critical to the security of dot-ca domain names because they are needed to manage (e.g. renew, transfer, update, etc.) dot-ca domain names. CIRA does not request, and has never requested, that registrants provide CIRA User Account Numbers and Passwords by email to confirm registrant account information.
Those seeking additional information are invited to call CIRA’s Customer Support Unit at 1-877-860-1411 (8:00 to 20:00 Eastern, Monday to Friday).
For additional information: “http://www.cira.ca/news-releases/153.html”:http://www.cira.ca/news-releases/153.html
p. I’m tempted to say “enough with the warnings”, but I’m not so sure. At first glance these warnings look a lot like old-fashioned “don’t open e-mail with _(insert inane phrase here)_ in it” type messsages. People should know enough not to run Windows PCs without anti-virus software and they should know not to respond to spam. But now we also want them to know not to “shoot the duck”:http://weblogs.jupiterresearch.com/analysts/stein/archives/008674.html.
The problem is, how do we know when it _is_ a duck?

One Comment

  1. June Macdonald
    June Macdonald June 10, 2005

    Per last week’s posting on email attitudes from Pew Internet, a significant number of users DO respond to these messages and to spam. Anyone who works in a sizable company that’s been slowed down by someone opening a virus attachment knows you can never stop educating!

Comments are closed.