ICANN was recently alerted to a new phishing scam concerning domain registration renewals. The phishing emails use ICANN's branding and logo, and can appear as though ICANN is the sender. However, once registrants click on links within the spoofed email, they are taken to a fake registration renewal site that captures their credit card and personal information.
Phishing scams, like these, are a popular tool among cybercriminals. They mirror familiar brand imagery, visuals and language in order to fraudulently obtain credentials and personal financial information from users.
ICANN does not process domain registrations, nor collect fees from registrants directly. As a best practice, if an email looks suspicious or is similar to the example above, registrants should avoid clicking on any links in these emails and delete them from the inbox.
ICANN is actively investigating these cases and advises registrants who encounter similar incidents to report them to ICANN immediately via an email to Contractual Compliance at firstname.lastname@example.org. For any concerns about domain name status, registrants should contact their sponsoring registrar directly.