Dynadot

advice Advice needed: Is this a potential domain broker scam?

Spaceship Spaceship
Watch

Ned Lee

Established Member
Impact
9
Hello All!

I received an offer from a domain broker with an email @vangus-co-il.info
Any of you guys ever received any offer from such email? Is this a potential domain broker scam or legit? Thanks in advance !
 
1
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
1
•••
3
•••
Thanks so much bookname! Really appreciate your advice! I will follow up with the e-mail and see how it goes.
 
1
•••
I did find the hyphens worrying. So I decided to seek advice. I will ask some questions and post some updates here so that we can all be aware.
 
3
•••
I did find the hyphens worrying. So I decided to seek advice. I will ask some questions and post some updates here so that we can all be aware.
IMO a company that uses alternate email addresses to forward people to their business domain should be treated with caution as you have rightly done. These different outbound email addresses are often used because the sender(s) either doesn't want their main business domain address getting blocked or blacklisted, or because it already has been blocked or blacklisted.
I hope it works out for you - Good luck!
 
Last edited:
7
•••
Are they promising to pay 50K for your domain? Wasn't it via GoDaddy contact form?

If so, it is a scam (appraisal certificates scam). Search in the forum, there are a lot of similar threads.

"Vangus" in .co.il may be a legitimate business, but they did not contact you. Somebody else did.

Because of this scam, GoDaddy now adds a lot of warnings to emails they forward:

We're required by ICANN regulations to forward these types of requests to you, and you're not under any obligation to respond.
Remember, we have no information on the legitimacy of these contacts, and scammers have been known to try to pose as GoDaddy or other companies. Use caution when viewing or replying to unsolicited messages from third parties. If you determine you would like to respond to this message, please be aware that you are electing to respond directly to a third party that has no affiliation with GoDaddy.
 
Last edited:
3
•••
It's too good for true, honey, it's too good for true...
(from Mark Twain's "Huckleberry Finn")
 
3
•••
you can always ask them to provide you proof where are they coming from, before go further, if they said they are from vangus, then you can always ask them send email using vangus.co.il instead of .info.

I also found the vangus.co.il abit weird , they have english language option on their web, but it was not working, usually good hosting company will always make sure all their web accessible.
 
4
•••
Thanks CraigD and tonyk2000 ! Couldn't agree more with you guys. The offer's too good to be true and dodgy although it wasn't 50K. Am always cautious with such e-mails and I am thankful we have namepros to keep a look out for one another!
 
2
•••
@bookname - Indeed. I did a search too like you did and was still skeptical about it. Now we just have to continue to be careful of these scams. It could look legit to others who may fall for it.
 
2
•••
I just got one from them. had an ounce of hope it was real. I think they linked me through squadhelp
 
1
•••
Today I received a too good to be true offer on a domain from an "E Guzman" with a vangus-il.co email address. The domian vangus-il.co is only 5 days old and redirects to vangus.co.il. Definitely a scam by someone trying to look like they are with that hosting company.
 
1
•••
Just got mine through

Screenshot_20200912-155228_Outlook.jpg
 
1
•••
A genuine buyer always tries to low ball and would never give an offer range, they will throw an exact offer, not a range first red herring although a very enticing offer. Don't click on unknown links they send besides. maybe phishing links.

Beware. stay safe. take care. Just my $0.02!

Cheers
 
Last edited:
2
•••
Just got one also... @Ned Lee Did you ever get a reply back?

Sometimes this ends up being more spam in the future.

Hello! We've found your email via WHO IS. Are you interested in selling your domain? We can make an offer in $XX,XXX range. How do you want to get paid: Paypal, Bitcoin or wire? E. Guzman, Ph.D. Haifa, Israel Vangus Co.
 
0
•••
Added Note: I've been trying to get Godaddy to do something about frauds scamming their customers through these fake emails for a few years, and Godaddy doesn't seem to care about protecting their customers.


Got a reply back, called Godaddy to try to confirm and they don't know what they are talking about.

They told me it's not legit at first, then told me it was legit.... but for it to be legit it should come from Godaddy and this second email come directly from the scammers mail server.

I still tried to confirm legitimacy with Godaddy on this, but was just told to ignore it if I don't feel comfortable because they can't actually tell me whether or not they sent me the second email which really looks like the scammer is pretending now to be Godaddy and seems to use a spoof email system to attack Godaddy customers.

I even asked what should I do to report this and was just given an email address to correspond the information to. (someone is actively pretending to be Godaddy, Godaddy can't confirm legitimacy of their own emails, and they can't take an active scammer/fraud report over the phone.)

Here is the response I got below.... note that I never confirmed with Godaddy but yet, that's how the email starts....

Thank you for confirming you have received our email. We're required by ICANN regulations to forward these types of requests to you. However this is our obligation to verify the legitimacy of such requests.

To protect you we have verified this contact and may confirm the legitimacy of the request to purchase your domain. The buyer has provided the proof of funds so now you can communicate with the buyer safely.

To respond safely to the domain buyer, simply reply to this email and he will receive your response on his email account. Then you will be able to communicate direct without GoDaddy.
 
Last edited:
0
•••
I've gotten another reply and it seems this is in fact connected to the certificate scam. They are apparently using the name of a hosting company to do business this way.

This has been going on for quite a while now... although I'm not really surprised Godaddy isn't up to speed here.

For me to research and properly report something like this it takes about 2 hours.... and as many times as I've made reports in the past for there to be no outcome, I'm not about to try to save Godaddy's customers again if Godaddy can't and won't do anything on their side.

Even the domain privacy come years too late, so the fact that Godaddy changed their logo and pretends to be about customers now is just a load of crap... if they were true they would care about protecting their customers from fraud like this, but Godaddy clearly is just leaving their customers open to fraud and scams like this, as if they were earning money from it too.
 
0
•••
Got the same exact email from the email address. That Phd got me feeling it was a scam.
Was checking up on google to see if it was legit or not.
Thanks for Namepros and community for this information.
Not gonna waste my time on these scams now.
 
0
•••
Scam in my honest opinion.
 
0
•••
There's a whole new person they are using now....

Here is the message from [email protected]. Once again, this is NOT from a GoDaddy representative.
spc_trans.gif

Hello! We saw your name listed for sale. We can offer a good price in five figure range. How do you want to get paid: Paypal, Bitcoin or wire? E. Rosenberg, Ph.D. Haifa Israel Galcomm Co.
 
0
•••
Yes.

Receiving some of them.

A group may be working, Godaddy may not aware of this.

New customers will be affected if not taken any action.
 
Last edited:
0
•••
I've reported this to Godaddy and they tried to tell me that a fake email I got without a Godaddy email header was legitimately sent from Godaddy....

They are aware but the problem is Godaddy has ignored this problem for years and doesn't feel they are setup to handle stuff like this, so they don't seem to deal with it as far as someone reaching out for support., and now it's of course advanced a bit from "certificate scams" to now there's initial contact through Godaddy before they try to scam you.... Twitter also seems to support whoever is doing the scams because they sure still are online and in "business"!

Godaddy for years let the privacy stuff just be open unless you paid them to keep it private (you paid the price for Privacy with Godaddy before, you just didn't get it).

I think the whole Godaddy rebranding and the whole privacy deal where people were finally switched private, could just be publicity stunts.

Why would a company help cover up private info, if they are just going to ignore future scam emails sent through their new system design?

When I first signed up for Godaddy to create my first websites, before 6 months had passed, Godaddy was stripping the "unlimited" yearly services I had paid for already, and I even had someone claim to be from the exec-office threatening to change stuff on my account without my permission.

That was before the rebranding of Godaddy, where they claimed to be more about customers and their ideas and helping them.... but again why would a company help cover up private info, if they just going to ignore future scam emails sent through their new system design?

Why would a company claim they fixed a problem, if they just ignore the further problems their "fix" created?
 
Last edited:
0
•••
I have received same email via GD email:

Message reads:

>
Here is the message from e.rosenberg(at)galcomm-il.info. Once again, this is NOT from a GoDaddy representative.
Hello! We saw your name listed for sale. We can offer a good price in five figure range. How do you want to get paid: Paypal, Bitcoin or wire? E. Rosenberg, Ph.D. Haifa Israel Galcomm Co.
To respond directly to the requester, simply reply to this email.
>


WHOIS shows that GALCOMM-IL.INFO was registered at Godaddy on 2020-09-19
 
Last edited:
0
•••
Another possible round of scams

Just received one of those Godaddy/ICAAN requests to forward email to me from someone who is interested in buying a domain.

Email address:

authorize-(country name).info

I checked whois and the senders domain was registered 3-days ago at GD.

I should point out that the sender could have easily just sent an email to my business email that is publicly listed on the landing page of that domain name, or purchased the domain quite cheaply through GD auction listing BIN, but they have instead chosen to go this route which, if I replied, would expose my private email address that domain is registered under.

I get the impression that these requests are made to find out your domain registration private email address.

Has anyone else received one of these?
 
Last edited:
0
•••
Back