Sendgrid fake name transfer authorization

Kuffy

Yesterday I initiated a transfer from one registrar to another. The registrant email addy was one on my BuyAny.com domain, and I used Thunderbird to read the mail. When I looked at the transfer confirmation link, it appeared to be a standard NameSilo one. However, Thunderbird gave me a scam alert warning, and a quick check revealed that it had been cloaked and the real destination was a long URL on sendgrid.net. Copy and paste allowed me to confirm the transfer in the normal way.

Now the question: does anyone know about this scam? Is it my mail server that has been hacked, or is it a problem with the losing registrar?
 
0
•••
SendGrid provides email tracking. It *might* not be a scam. @namesilo can confirm.
 
0
•••
I looked at a Gmail transfer, and the link in the mail there is uncloaked. I guess that's bad news, as my mail server may be compromised.
 
0
•••
What do you mean? What's a Gmail transfer?
 
0
•••
Okay. I don't, atm, believe that your e-mail or mail server is compromised. Who's the sender of the e-mail (losing registrar or NameSilo; the latter, I gather, is the gaining registrar)?
 
0
•••
OnLineNIC ---> NameSilo

I'll try another transfer to a different Thunderbird account in a minute to see what happens.

Another problem is that Gmails arrive pretty quickly, but those to my names can take an hour or more, and sometimes I have to request a resend. Other mails to my server boxes are pretty instant, so I don't think it is a hosting problem.
 
1
•••
Update -

I used the email associated with my casino names management site, and the first mail didn't arrive. A request for a re-send produced a response in a reasonable time. The scam warning was in this one as well because of the cloaking. This is a different box on a different domain, but still in the same hosting plan.

I guess the next stage is an email to the losing registrar to ask if they are messing around with the links. It's really annoying, and it has wasted quite a bit of my time researching the problem.
 
0
•••
I'm pretty sure that the SendGrid link is purely to track if the link was used and/or clicked, from where, and other similar associated analytics.
 
0
•••
> The scam warning was in this one as well because of the cloaking

I'm not sure if the scam warning is only because of cloaking. I've seen legit e-mails from legit senders also display the scam warning (for example, from my legit bank). Thunderbird's scam warning is pretty crappy.

ETA: I'm also a daily Tbird user...
 
0
•••
Well, I need to find out why they are tracking mail to my servers, and not to Gmail. I would have thought that a Gmail addy was more suspect than a box on a 14 year old name with the same registrant for that period.
 
0
•••
SendGrid is great; I use them for multiple applications, on forums I run, and such.

Depending on your SendGrid settings, the URL may be a long one created by SendGrid or the actual URL. The "long URL" is not indicative of a scam if it is SendGrid that has created the URL; it's just the way SendGrid works, a service/method they provide for tracking.

To make the URLs remain without change, access SendGrid Tracking (Settings/Tracking/Click Tracking) and inactivate Click Tracking so that the URLs remain intact.
 
0
•••
> Well I need to find out why they are tracking mail to my servers, and not to gmail. I would have thought that a gmail addy was more suspect, than a box on a 14 year old name with the same registrant for that period.

They are not. AFAIK, Gmail made a change to strip out a lot of tracking-related elements from e-mails. Not sure if that included tracking links as well. Or perhaps Gmail is displaying the actual text as the link as well. Check the original/raw e-mail to confirm in both cases.
 
0
•••
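The raw-message check suggested above can be scripted. This is an added example, not part of the original thread: it parses a saved raw message and reports links whose visible text names one host while the `href` points at another, which is the mismatch discussed here. The sample message, its hosts and the `PLACEHOLDER` token are constructed.

```python
from email import message_from_bytes, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; hosts and tokens are placeholders, not real links.
RAW = b"""Subject: Confirm your domain transfer
Content-Type: text/html; charset=utf-8

<p><a href="https://u0000000.ct.sendgrid.net/ls/click?upn=PLACEHOLDER">https://registrar.example/transfer/confirm</a></p>
<p><a href="https://registrar.example/help">Help centre</a></p>
"""

class AnchorCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # lower-cased hostname; bare "example.com/x" text works too
    return (urlsplit(url if "://" in url else "//" + url).hostname or "").lower()

def cloaked_links(raw_bytes):
    """Return (shown_host, real_host, href) where link text names another host."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return []
    parser = AnchorCollector()
    parser.feed(body.get_content())
    hits = []
    for href, text in parser.links:
        if not text or " " in text or "." not in text:
            continue  # visible text is a label, not a URL or hostname
        shown, real = host(text), host(href)
        if shown and shown != real:
            hits.append((shown, real, href))
    return hits

if __name__ == "__main__":
    print(cloaked_links(RAW))
```

A hit only shows that the link was rewritten; whether the rewriting host is the sender's own mail provider still has to be confirmed with the sender.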
I don't really care how reliable SendGrid is, I don't want my registrar to send transfer confirmations through a third party that I don't know. In my opinion, it's another reason to leave that registrar.

Thanks to everybody for clearing up the doubts in this matter. It looks as if I should make sure I use the Gmail address for all transfers away from them.
 
0
•••