ZACR warns about fake Govt sites

CERT-LatestNews ThreatsActivists ThreatsCybercrime ThreatsEconomic
ZACR says legitimate South African government Web sites will always end in, and not in, or any other domain name extension.

ZACR says legitimate South African government Web sites will always end in, and not in, or any other domain name extension.

The ZA Central Registry (ZACR) is warning the public to keep an eye out for fake versions of South African government e-mail addresses and Web sites. It says these are being used to trick consumers into divulging sensitive information such as usernames, passwords or financial data in order to perpetuate tender-related scams.

ZACR CEO Lucky Masilela says in the past there have been issues of ‘cyber squatting’, which refers to the registration of well-known company or brand names as Internet domain names with the intent to resell them at a profit.

Now, however, “new forms of domain name abuse unrelated to commercial rights have started to become apparent. Among these is what is known as phishing, where a domain name resembling, for example, a government department is registered, with the possibility of conducting fraudulent activities,” he says.

The ZACR is a non-profit company that administers, among others, the .za second level domain name space, with over 1.1 million domain names currently registered. Although the ZACR does not regulate Web site content of .za-registered domain names, it believes these domain names under its administration can be used in creating these Web sites.

“Domain names are essentially the route markers in cyber space and we are concerned about the increase in abusive registrations designed to lure unsuspecting consumers down the wrong path,” says Masilela.

  See also

ZACR says legitimate South African government Web sites will always end in, and not in, or any other domain name extension.

“There are strict eligibility criteria that must be met before a moderated domain such as may be registered, which is not the case with domains like, which are largely registered on a first-come, first served basis. An example of an illegitimate site is

“Members of the public should always double check the address of the Web site they are navigating to ensure they are interacting with a legitimate South African government Web site with a valid domain name, ending with,” Masilela adds.

According to ZACR, as a rule, there is no human interaction when a domain name is created in an unmoderated namespace like However, there are rights protection mechanisms in place to assist companies and individuals to challenge abusive domain name registrations that infringe on trademark rights or attempts to pass themselves off as an authentic domain name.

“ZACR believes individuals and organisations should be vigorous in protecting their intellectual property rights in cyber space in an effort to combat this unlawful and undesirable practice and will endeavour to render every assistance within the scope of its Registry Policy Framework in this regard,” Masilela says.

ZACR points out Section 77 of the ECT Act No. 25 of 2002 can also prove useful in cases where a fraudulent Web site is being hosted with a local Internet service provider (ISP) that is also an ISPA (Internet Service Providers’ Association of SA) member.

“Essentially, section 77 entitles anyone with a basis for an unlawful activity claim to lodge a ‘Take-Down Notice’ to an industry recognised representative body, such as ISPA, which has the power to request its member/s to remove the alleged unlawful content,” ZACR says.

According to ISPA, the leading category of notice is copyright and trademark infringement, followed by fraud, malware and phishing.

“The key to success will always be a vigilant and alert public. The abuse of domain names can largely be prevented if the public exercises the same degree of caution in the virtual world as they do in the real world,” Masilela concludes.

Concerned members of the public can also contact ZACR by e-mailing [email protected].

Our comments policy does not allow anonymous postings. Read the policy here