Phishing Fears as CIPRO Website Loses Government Ownership
After its registration expired, the CIPRO website domain has landed into the hands of a man from Mexico. CIPRO is the predecessor of the Companies and Intellectual Property Commission (CIPC).
The CIPC is responsible for business registration in South Africa and keeps a registry of business directors and their contact details.
The transfer of ownership of the CIPRO website has sparked fears of potential phishing attacks as the new owner now has access to create any @cipro.co.za email accounts.
These email accounts can be used to create legitimate-looking phishing emails which could be set up to steal login details and personal details of unsuspecting business owners.
Change of CIPRO Website Ownership
After the lapse of registration, the domain was registered to Mr Miguel Gomez on 17 August 2018.
A visit to www.cipro.co.zawill now re-direct a user to a Czech website, www.horux.cz. This website was previously mentioned on Facebook, offering Russian email accounts for sale, along with what appears to be a price-list for hacking services.
Having access to the CIPRO mail server means that account recovery and password reset emails can be accessed by the owner, and can then be used to reset those accounts to obtain access to them.
In response to questions sent by News24, the CIPC’s Kritzinger indicated that the responsibility for maintaining .gov.za websites lies with the State Information Technology Agency (SITA).
“The domain names, cipro.co.za, cipro.com, cipro.net and cipro.org are no longer of interest to CIPC. Both CIPRO and consequently CIPC have never had any mail addresses linked to @cipro.co.za. We can confirm that no mails have reticulated through this manner. We can also confirm that cipro.co.za does not resolve to cipc.co.za any longer. There were and are therefore no mail or transactional resolutions to the cipc.co.za site.”
He also urged stakeholders to remain vigilant when engaging online.
“Phishing on websites, CIPC included, is a daily occurrence. We are confident that our systems are secure.
“Users and stakeholders of all systems still need to be aware of the dangers of phishing. We will continue to engage with stakeholders, including the potential blocking of domains such as cipro.co.za in South Africa, to obviate confusion in this regard.”
It is important that business owners educate their employees on the threats of phishing attacks and that they put effective measures in place to avoid any attacks. Software solutions like YDOX was developed to significantly minimise the risk of any cuber attacks, keeping business documents safe, at rest and in transit.