We want to issue a correction to a blog post we did in January.
While blogging about phishing attacks against EU CO2 Emission Trading Systems, we provided several examples of real phishing e-mails and phishing sites. However, we also mentioned a company called European Climate Registry (europeanclimateregistry.eu).
There were two reasons why we singled this company out. First, the EU had warned about European Climate Registry publicly as it is "not connected to European Commission". However, a company does not need to be connected to the EC if it wants to offer an alternative trading platform for trading carbon-related products.
Second, moreover, the domain europeanclimateregistry.eu looked suspicious to us, as standard WHOIS services listed the registrant information as "NOT DISCLOSED!". We later realized that EURid lists all .EU domain registrants as "NOT DISCLOSED!". You can only query the registrant information via EURids own web form. Thus, our information that the domain was registered with a domain privacy system was incorrect. We have no reason to conclude that European Climate Registry is involved in any wrongdoing.