<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3020" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=250084502-17012007><FONT face=Arial
color=#0000ff size=2>hey</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=250084502-17012007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=250084502-17012007><FONT face=Arial
color=#0000ff size=2>these may be automated renewal notices from the previous
website. i dont know what could have triggered them now. i will check if thts
the case. wats the progress on the new website? i am kind of out of the loop.
should i be shutting down this website?</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=250084502-17012007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=250084502-17012007><FONT face=Arial
color=#0000ff size=2>bhavin</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> owner-registrars@gnso.icann.org
[mailto:owner-registrars@gnso.icann.org] <B>On Behalf Of </B>Robert F.
Connelly<BR><B>Sent:</B> Tuesday, January 16, 2007 4:57 PM<BR><B>To:</B>
Registrars Constituency<BR><B>Subject:</B> [registrars] From Treasurer of
Registrars Constituency, WARNING, CAUTION, possible
phishing.<BR><B>Importance:</B> High<BR></FONT><BR></DIV>
<DIV></DIV>Dear Members:<BR><BR>Several of our members have received the
following Email. The first red text was highlighted by me to show the
obvious misspelling of "following":<BR><BR>Mail Body: Registrar XXXXX has
signed up with email id:
XXX@XXX.com<X-TAB> </X-TAB><BR><BR>Please sign in
and click on the <FONT color=#ff0000>folling</FONT> link <A
href="http://www.icannregistrars.org/Default.aspx?tabid=38"
eudora="autourl">http://www.icannregistrars.org/Default.aspx?tabid=38</A> for
registrar approval/rejection. <BR><BR>Regards, <BR>Site Admin<BR><BR>close
quote:<BR><BR>The source of the incoming email was
<admin@icannregistrars.org>. Whoever wrote it has no official
standing with the Registrars Constituency. Please be cautious. Do
not attempt to pay any RC fees on this site. Do not give any passwords,
credit card numbers, etc. It may well be a phishing
expedition:-(<BR><BR>One registrar *did* attempt to pay through this web
site. He wrote to Jay and me as follows:<BR><BR>
<BLOCKQUOTE class=cite cite="" type="cite"> Regarding a trouble I have
in the payment of membership fee, I would<BR>be grateful if you could give
me better ways to pay it. I am not sure<BR>to whom I should ask the trouble,
I would appreciate your providing<BR>the name, title, or e-mail address I
may contact, if you know.<BR><BR><FONT color=#ff0000> After I completed
online payment by credit card,</FONT> I received the<BR>'Documents Required'
notice which required us to submit fax<BR>authorization by signature because
of HIGH RISK classification for our<BR>business credit card. ...
</BLOCKQUOTE><BR>
<BLOCKQUOTE class=cite cite="" type="cite"> I wonder if I can cancel
the trackingid and re-register and pay with<BR>another credit card. I found
that our name doesn't exist in 'Select<BR>registrar:' list on page for
Register at<BR><A
href="http://www.icannregistrars.org/Default.aspx?tabid=43&ctl=Register"
eudora="autourl">http://www.icannregistrars.org/Default.aspx?tabid=43&ctl=Register</A>
, as<BR>we are in process of registration. </BLOCKQUOTE><BR>end
quote:<BR><BR>I, too, tried to sign in but could not find Domains Only on the
list. I checked for other missing registrars, none that I checked were
there, netsol, Godaddy, psi-japan, etc.<BR><BR>The red highlighting, above, is
mine. It looks very much as though this registrar has been exposed to
phishing. <BR><BR>Jay has "scrambled" the DNS for icannregistrars.org so
there should be no more exposure. If any of you has already put data in
the web site, take protective measures ASAP.<BR><BR>Regards,<BR>Bob
Connelly<BR>Treasurer<BR><BR><BR><BR> </BLOCKQUOTE></BODY></HTML>