I regret I didn’t blog about this sooner since it’s only now I set aside some time for it. I just hope it’s not too late.
There’s been two recent potential scam emails involving two registrars. If you got them, please do not do what it tells you to do!
The two emails involve domain registrars eNom and Network Solutions. In reality, it uses a practice called phishing to try to capture your login details and steal your domain names with either registrar!
I once blogged about phishing since domain registrar Moniker also had this happen to them. But as a recap on what it is:
http://en.wikipedia.org/wiki/Phishing
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.
I didn’t see any online reports about this, so I guess it was contained on time.
One email supposedly informs you that your domain name has been cancelled due to invalid domain registration data, then sold to another party. The email said to contact the new owner or buyer via a link.
The link actually goes to a “sub domain” site, something like enom.domain.com. While I haven’t accessed the site, I’ve seen cases where such links would either try to capture the user’s login details, or put “stuff” in the user’s computer to compromise and steal their private information.
Fortunately, eNom posted a copy of such an email. You can view it here.
The second one involves Network Solutions. While I can’t post an online copy of the email without permission from someone I found, one person in a forum was kind enough to post a copy.
The email asked you to access a link to update your contact information to receive some kind of “proceeds” from them. It’s using Network Solutions’ practice of paying (or at least trying to pay) a user proceeds from the auction of their “former” domain registration.
Similarly, the link is actually a subdomain. Something like networksolutions.subdomain.com, wherein the subdomain.com part is a .mobi registration.
Hmm, those scammers are arguably getting more “clever”, exploiting existing processes to try to get your information. Again, if you received those emails, do not do what they ask you to do.
If you get them, you can contact (or better yet, call) your domain registrar and report it or verify the email you supposedly received from them. Be ready to disregard them if your registrar confirms they’re fake.
If you did click on them, though, then contact your registrar right away also. Let them know what happened, and they might be able to help you resolve that without further incident.
I’m sure we’re going to see more attempts like this, so be on your guard.
Popularity: 45% [?]
It figures Dave that these no-gooder’s get more creative at their trade. Couldn’t you imagine what things would be like if they plied their trade by doing something legally?
Great post though about phishing though. Folks need to be aware so as to not get robbed of their domains.
You bet, Scott. Help spread the word.