[Feature Request] ICANN Mode

As someone who regularly reports phishing incidents, I’ve found the process of compiling and sending these reports about specific registrars to ICANN to be quite manual and time-consuming. This is especially true when it involves including detailed email headers in each report.

I propose the addition of an “ICANN Mode” on phish.report. This mode would ideally allow users to:

  1. Generate a consolidated file of their phishing reports, tailored to a specific registrar.
  2. Include detailed email headers automatically in each report.
  3. Format the reports in a manner that aligns with ICANN’s reporting requirements.

The introduction of such a feature would not only streamline the reporting process for users like myself but also enhance the efficiency and effectiveness of the anti-phishing efforts as a whole.

Many of my reports to ICANN go unresolved, since I don’t have the time to sift through 50 reports, and consolidate them into a single email response.

I understand that implementing new features can be challenging, but I believe that the ICANN Mode would be a valuable addition.

Sorry if bumping threads isn’t allowed. I don’t see any rules stating not to…

This is a feature that would really help. The data is already available within Phish.Report, as it’s CCd on every email. I just need to be able to consolidate emails regarding a single registrar. Even if there are limits to how many can be done at once, if I could specify date ranges, that would work too.

Hey, what’s the goal of reporting to ICANN? Is this in the case of registrars not responding to abuse reports?

1 Like

Correct. I make a report about non-responsive registrars.

ICANN asks for thorough documentation of correspondence with the registrar, including email headers.

I start pulling the information, but it is tedious and time consuming. It’s nearly impossible to do on a phone, so I can’t do it while sitting around with time to kill, but with no laptop around. I run out of time, then forget to go back and keep working on it. The report expires and I need to start over. I phish hunt as a hobby, so I don’t have the time to sit and sift through email headers. That’s why I use Phish Report, because it saves me the steps of having to check for the parties involved in a domain, screenshot it, and manually find the abuse forms.

Ideally I want to be able to pull a document (pdf or csv or something) including all my correspondence with a particular registrar. Bonus points if I can filter by those that have not made a response. All of this is already in Phish Report, since its email is copied on every report, and most registrars reply all.