Submitting DNS abuse complaints to ICANN: A step-by-step guide

The Internet Corporation for Assigned Names and Numbers (ICANN) has released a new Step-by-Step Guide: Submitting DNS Abuse Complaints, designed to help internet users, security professionals, and stakeholders understand when and how to report Domain Name System (DNS) Abuse to ICANN Contractual Compliance. 

The new guide aims to clarify, standardise, and simplify the process to submitting complaints.

The guide walks readers through two major components of the reporting and escalation process:

• Identifying and reporting the issue to the appropriate party, which depending on the circumstances may be the domain’s registrar, the registry operator, or another actor within the DNS ecosystem such as a hosting company. The guide outlines how to determine which party is the most appropriate to investigate and act on the abuse and how to locate the abuse contact, and includes links to resources explaining what information should be included in an initial report to ensure it can be investigated efficiently. It also reminds complainants that ICANN’s contractual authority extends only to ICANN-accredited registrars and generic top-level domain (gTLD) registry operators, not hosting providers, website operators, or other intermediaries.
• When and how users may escalate a matter to ICANN if a registrar or registry operator fails to take prompt mitigation actions against well-documented DNS Abuse. The guide outlines the necessary evidence, including a list of affected gTLD domain names, screenshots demonstrating the domain’s use for abuse, and records indicating that the issue was initially reported to the registrar or registry. It also highlights the importance of consistency between the initial report and the complaint submitted to ICANN, as discrepancies may delay processing.