- Impact
- 270
PHISHING ALERT: DOMAINERS BEWARE
I just received an email appearing to be from GoDaddy.com - alerting me to multiple invalid login attempts on my account. It gave a link asking me to proceed to setup extra security.
The email looks exactly like most legit emails I get from GoDaddy. But it just didn't sound right. I hovered over the link and immediately noticed it to be a hoax. It starts of like
I clicked on it to take a closer look. I was presented with a page that looked identical to the GD login pages. Even the certificate at the bottom is faked almost to perfection. However, the domain where this page is hosted is "search799.com" (admin please remove if you find it inappropriate).
Amongst other things I found a fake Barclays Bank site also on the same domain.
WARNING: We all need to be extra vigilant, especially when clicking through links either via email or otherwise. As a rule, I always type in my registrars url manually - I never click through on a link without inspecting it first. Everyone needs to be aware of these scams. Your domains are at risk, so pay that little extra bit of attention.
Pay attention to the links, the most important part is the just before the first forward slash - right after the extension.
eg.
in that example "fakedom.com" is the domain and not namepros.com as it might appear at first glance. Scam links generally use subdomains with names of popular sites to make it appear like its the real deal.
Btw. I'm not sure who, how or where to report this issue. Please feel free to take some action and give advice on what to do with such cases.
I just received an email appearing to be from GoDaddy.com - alerting me to multiple invalid login attempts on my account. It gave a link asking me to proceed to setup extra security.
The email looks exactly like most legit emails I get from GoDaddy. But it just didn't sound right. I hovered over the link and immediately noticed it to be a hoax. It starts of like
Code:
http://godaddy.com.48673468909234902340X9238.search799.comI clicked on it to take a closer look. I was presented with a page that looked identical to the GD login pages. Even the certificate at the bottom is faked almost to perfection. However, the domain where this page is hosted is "search799.com" (admin please remove if you find it inappropriate).
Amongst other things I found a fake Barclays Bank site also on the same domain.
WARNING: We all need to be extra vigilant, especially when clicking through links either via email or otherwise. As a rule, I always type in my registrars url manually - I never click through on a link without inspecting it first. Everyone needs to be aware of these scams. Your domains are at risk, so pay that little extra bit of attention.
Pay attention to the links, the most important part is the just before the first forward slash - right after the extension.
eg.
Code:
http://namepros.com.7897983-04.security.fakedom.com/examplein that example "fakedom.com" is the domain and not namepros.com as it might appear at first glance. Scam links generally use subdomains with names of popular sites to make it appear like its the real deal.
Btw. I'm not sure who, how or where to report this issue. Please feel free to take some action and give advice on what to do with such cases.
