Dec 13th, 2004.
CIRA (the .ca registry) has warned us that they are going to
send a mailout to all .ca registrants warning of "Misleading
Verification Notices". Their summary instructions are "Do not
share your CIRA User Account Number or Password with anyone"
(which is plain good advice).
The core of the message is:
CIRA has learned that an unknown party is attempting to obtain CIRA User
Account Numbers and Passwords from dot-ca registrants by sending
MISLEADING EMAIL NOTICES that appear to originate from CIRA.� These
misleading emails request that CIRA User Account Numbers and Passwords be
provided to validate registrant information and prevent domain name
suspension (inactivation). The emails originate from COMPLIANCE@CIRA.CC.
CIRA's compliance email address is COMPLIANCE@CIRA.CA
This type of fraudulent messaging has become quite common on the
internet. It is another form of identity theft. Banks, E-Bay and Paypal
have been common targets in the past. The rules of thumb are to
try to be sure you know who you are talking to, and try to type in URLs
yourself instead of following ones supplied in an e-mail or on a web page
that you do not already trust. This is part of "taking adequate security
precautions".
|