Whois Phishing
- SB
- Genius
- Joined: 16 Nov 2004
- Posts: 6947
- Loc: Edinburgh, Scotland
- Status: Offline
October 31st, 2008, 6:44 pm
Got an email just a short while ago which i'm slightly surprised by...
For a start, i've not recieved any emails from them to notify me of "incorrect information" and secondly they don't even state which domain name this is. I've purchased many many domain names in the past, so it's kinda tough trying to work out which one they are talking about.
I get so many spam and scam emails daily and not many do i ever think twice about. Immediately when i saw this i looked to see what the email address it was sent to was and right enough they sent it to a non-existent email address that got filtered to my main personal site email address. So, being logical i am to assume they are talking about my main website. My main website domain name i have owned for 3 and a bit years now and it is a .co.uk, so obviously i can't help but wonder why a company in the US would have an issue with it. Nominet deals with domain registrations in the UK, so they would be the one that could have got in touch if anyone.
There were no attachments in the email, just the two domain names you see linked. Anyone got any ideas on what the purpose of this email is because i am finding it difficult to figure out what it is and i'm slightly convinced that it isn't something i should be concerned about. Infact, just take a look at the time the email was sent, even if it is supposed to be in GMT then the compaint was made in about 20 minutes time...
Quote:
Dear user,
On Sat, 1 Nov 2008 02:03:11 +0100 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 02:03:11 +0100 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION - http://www.enom.com
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION - http://www.enom.com
Thank you,
Domain Services
On Sat, 1 Nov 2008 02:03:11 +0100 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 02:03:11 +0100 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION - http://www.enom.com
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION - http://www.enom.com
Thank you,
Domain Services
For a start, i've not recieved any emails from them to notify me of "incorrect information" and secondly they don't even state which domain name this is. I've purchased many many domain names in the past, so it's kinda tough trying to work out which one they are talking about.
I get so many spam and scam emails daily and not many do i ever think twice about. Immediately when i saw this i looked to see what the email address it was sent to was and right enough they sent it to a non-existent email address that got filtered to my main personal site email address. So, being logical i am to assume they are talking about my main website. My main website domain name i have owned for 3 and a bit years now and it is a .co.uk, so obviously i can't help but wonder why a company in the US would have an issue with it. Nominet deals with domain registrations in the UK, so they would be the one that could have got in touch if anyone.
There were no attachments in the email, just the two domain names you see linked. Anyone got any ideas on what the purpose of this email is because i am finding it difficult to figure out what it is and i'm slightly convinced that it isn't something i should be concerned about. Infact, just take a look at the time the email was sent, even if it is supposed to be in GMT then the compaint was made in about 20 minutes time...
- Anonymous
- Bot
- Joined: 25 Feb 2008
- Posts: ?
- Loc: Ozzuland
- Status: Online
October 31st, 2008, 6:44 pm
- SB
- Genius
- Joined: 16 Nov 2004
- Posts: 6947
- Loc: Edinburgh, Scotland
- Status: Offline
October 31st, 2008, 6:47 pm
So, in 20 minutes time i am going to get an email asking me to confirm that my contact information is correct. If not i will lose my domain name and it will instantly be snapped up.
Seems kinda funny as the email is telling me what happened while also predicting the immediate future
Seems kinda funny as the email is telling me what happened while also predicting the immediate future
- spork
- Rotaredom
- Joined: 22 Sep 2003
- Posts: 5292
- Loc: Rochester, NY
- Status: Offline
October 31st, 2008, 6:57 pm
- neksus
- Mastermind
- Joined: 10 Sep 2004
- Posts: 2206
- Loc: Canada
- Status: Offline
October 31st, 2008, 7:03 pm
- joebert
- S.T. Manager
- Joined: 10 Feb 2004
- Posts: 11002
- Loc: Clearwater, FL
- Status: Offline
October 31st, 2008, 8:19 pm
The squeaky wheel gets the grease, but the whining wheel gets replaced.
Picksel: Ubuntu/Gnome alternative to Colorpix
Picksel: Ubuntu/Gnome alternative to Colorpix
- ATNO/TW
- Super Moderator
- Joined: 28 May 2003
- Posts: 21849
- Loc: Pittsburgh PA
- Status: Offline
October 31st, 2008, 11:31 pm
"The web is a dominatrix. Every where I turn, I see little buttons ordering me to Submit."
Boasting Rights Sports Forum || Nuclear Services - www.alaron-nuclear.com
Boasting Rights Sports Forum || Nuclear Services - www.alaron-nuclear.com
- SB
- Genius
- Joined: 16 Nov 2004
- Posts: 6947
- Loc: Edinburgh, Scotland
- Status: Offline
November 1st, 2008, 8:03 am
Well i guess this answers everything...
And here is the linked email example...
eNom main page wrote:
e recently became aware of the below fraudulent email circulating to customers requesting that customers log into their accounts to correct inaccurate WHOIS information.
Here is an image of the e-mail.
That email is not legitimate, and we believe it is an attempt to compromise your accounts and/or domain names.
If you have received the email above and you attempted to log into your accounts using the links in the email, login to your account and immediately go to My Info to update your password and your secret question/answer. If you believe that your account has been compromised, please contact us.
Here is an image of the e-mail.
That email is not legitimate, and we believe it is an attempt to compromise your accounts and/or domain names.
If you have received the email above and you attempted to log into your accounts using the links in the email, login to your account and immediately go to My Info to update your password and your secret question/answer. If you believe that your account has been compromised, please contact us.
And here is the linked email example...
- neksus
- Mastermind
- Joined: 10 Sep 2004
- Posts: 2206
- Loc: Canada
- Status: Offline
November 1st, 2008, 9:05 am
there's your answer
the link isn't correct
the link isn't correct
- SB
- Genius
- Joined: 16 Nov 2004
- Posts: 6947
- Loc: Edinburgh, Scotland
- Status: Offline
November 1st, 2008, 9:25 am
- joebert
- S.T. Manager
- Joined: 10 Feb 2004
- Posts: 11002
- Loc: Clearwater, FL
- Status: Offline
November 1st, 2008, 10:19 am
The squeaky wheel gets the grease, but the whining wheel gets replaced.
Picksel: Ubuntu/Gnome alternative to Colorpix
Picksel: Ubuntu/Gnome alternative to Colorpix
- bastones
- Novice
- Joined: 02 Nov 2008
- Posts: 16
- Status: Offline
November 2nd, 2008, 2:09 pm
dynBB.com PHP Tutorials & Webmaster Help Forums - need help? find PHP tutorials, help & more @ dynBB.com forums! CSS, PHP, MySQL & more!
- paul8368
- Novice
- Joined: 15 Sep 2008
- Posts: 27
- Loc: UK
- Status: Offline
November 3rd, 2008, 5:43 am
I've had emails like this as well and ignored them, but the frequency appears to be increasing. The source email address changes so my Mcaffee spam filter doesn't cope with them 
fortunately I'm with gmail for my main correspondence so its not a huge issue.
I am starting to get an excess in there as well so I've started archiving the ones I know I need for reference not immediately and checking the rest on my iPhone but it all takes time which I should be using to run my business
Paul
fortunately I'm with gmail for my main correspondence so its not a huge issue.I am starting to get an excess in there as well so I've started archiving the ones I know I need for reference not immediately and checking the rest on my iPhone but it all takes time which I should be using to run my business
Paul
Page 1 of 1
To Reply to this topic you need LOGIN or REGISTER. It is free.
Post Information
- Total Posts in this topic: 12 posts
- Moderator: Moderator Team
- Users browsing this forum: craniul 26, George L. and 73 guests
- You cannot post new topics in this forum
- You cannot reply to topics in this forum
- You cannot edit your posts in this forum
- You cannot delete your posts in this forum
- You cannot post attachments in this forum
