Info! Please note that this translation has been provided at best effort, for your convenience. The English page remains the official version.

The risk of sharing your credentials to third parties

Published On -

This is to alert AFRINIC Resource Members of a misleading email communication from purported representatives of a fictitious organization; targeted at AFRINIC  Resource Members (“members”), soliciting them to sign a power of attorney form and surrender their MyAFRINIC portal credentials with them for the purpose of casting a vote for Board Member’s seat. Here is an example of such an email.

AFRINIC strongly condemns such an attempt, and we wish to remind our members that their MyAFRINIC login credentials are private and confidential to our members only.

The MyAFRINIC portal is the platform used by members to manage the IP Number Resources delegated by AFRINIC. Access to this platform means that the third party can cast a vote (including for board members' elections) on behalf of the members. Moreover, the access also means one could modify information of the organization, delegated resources, and critical service configurations for Reverse DNS Delegations, RPKI ROAs, and Internet Routing Registry, causing misleading routing information for the global internet. Such access can also be used to trigger resource transfer. This can have serious consequences, not just for your organization, but for the entire Internet community.

We want to make it very clear that this is a scam as no Board election is presently being organized by AFRINIC, and we strongly advise all members not to share the MyAFRINIC login credentials with third parties no matter how legitimate the request may seem. Do note that AFRINIC shall not be held liable or responsible for any damage or harm caused by such unauthorised disclosure.

We take the security of our member's information very seriously, and we cannot, under any circumstance, encourage our members to share their credentials with a third party. Instead, we encourage our members to be cautious and protect their information at all times.

We are constantly monitoring for any suspicious activity on our systems and recommend that you regularly change your login credentials, use strong passwords and use 2-Factor Authentication.

In case you receive any such further or similar requests, we urge you to report them to us immediately.

If you have any questions or concerns, please feel free to reach out to us at This email address is being protected from spambots. You need JavaScript enabled to view it..

Print Friendly, PDF & Email
Last Modified on -