Another GoDaddy ICANN scam

[cmason]

Hi folks,

Just wanted to draw attention to yet ANOTHER GoDaddy ICANN update email scam. This morning I received an email seemingly looking like the GoDaddy ICANN updates. As I get these often and have know that some of them are scams (phishing), I never click links from the emails.

Everything looks like it is from GoDaddy, but the link they are trying to get you to click goes to a newly registered (Feb 21, 2011) domain (GoldadidyDOTcom).

DO NOT CLICK THE LINKS!!!

The domain is registered to a Joe Walters (probably fake) with an admin email of omid.hamidATRocketMail

 

[DN_Hunter]

I literally just received the same scam email (same false link too).

The funny thing is it was for a domain name I no longer own (sold it a few months ago).

 

[ninjadomain]

I received the same thing in my junk folder.

I just deleted as I always keep my information updated.

I've also received them from Moniker. Has anyone else received from Moniker?

 

[silentg]

Forward the emails to [email protected]

 

[domainsusi]

I was just about to post this - already deleted three of these today.
Good idea to forward them - will try to remember that.
I surely don't want to go through the worry and hassle of reclaiming my domains again.

After I got my domains back earlier this month, I never heard another word about it from Godaddy.

Does anyone know if Godaddy takes action against these creeps?

 

[dWhite]

Does anyone know if Godaddy takes action against these creeps?

Godaddy can't do anything against the person if he/she is living in a country where no laws exist for such things.

 

[RevolutionaryDomains]

I too received a similar email today. The email had some bogus GoDaddy links and sales jargon, as if to look like it was sent direct from GoDaddy. For those who like to disect such crapola, I've included the message source details below.


-Regards


--------------------------------------
Status: U
Return-Path: <[email protected]>
Received: from aaron.mail.atl.earthlink.net ([207.69.200.106])
by mdl-ignite.atl.sa.earthlink.net (EarthLink SMTP Server) with SMTP id 1pRbhS2hO3Nl3770; Sun, 20 Feb 2011 10:33:28 -0500 (EST)
Received: from perpetualtrafficformulax.com ([173.0.61.231])
by aaron.mail.atl.earthlink.net (EarthLink SMTP Server) with ESMTP id 1pRbhS1HR3Nl3qa0
for <>; Sun, 20 Feb 2011 10:33:28 -0500 (EST)
Received: from 109.230.217.140 (unknown [109.230.217.140])
by perpetualtrafficformulax.com (Postfix) with ESMTP id 75737BDE0D83
for <>; Sun, 20 Feb 2011 18:34:00 +0300 (MSK)
From: "Tim Jones" <[email protected]>
To: "" <>
Subject: [URGENT]Domain Registered In November
Date: Sun, 20 Feb 2011 07:33:25 -0800
Organization: Tim Jones
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0000_01C6527E.AE8904D0"
Message-Id: <[email protected]>
X-ELNK-Received-Info: spv=0;
X-ELNK-AV: 0
X-ELNK-Info: sbv=0; sbrc=.0; sbf=0b; sbw=000;

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C6527E.AE8904D0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: 8bit

You registered a domain name in November, 2010.
Please visit CLICK HERE NOW for information.
Thanks
------=_NextPart_000_0000_01C6527E.AE8904D0
Content-Type: text/html;
charset="utf-8"

<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft DHTML Editing Control">
</HEAD>
<BODY>
<P>You registered a domain name in November, 2010.</P>
<P>Please visit <A
href="http://bizkill.gsniper.hop.clickbank.net/"><STRONG>CLICK HERE
NOW</STRONG></A> for information.</P>
<P>Thanks</P>
</BODY>
</HTML>
------=_NextPart_000_0000_01C6527E.AE8904D0--

--------------------------------

 

[nielsencl]

Report the spam to their hosting company and domain registrar. You can report to Godaddy, but if they are not involved, they don't have to do anything. Spam reports can be very effective against scams like this.

 

[cmason]

Report the spam to their hosting company and domain registrar. You can report to Godaddy, but if they are not involved, they don't have to do anything. Spam reports can be very effective against scams like this.

I had done so right away to three separate parties and sadly I heard back from NONE. I understand it was the weekend and all, but usually there is support around on weekends.

Needless-to-say, I'm not overly concerned because it didn't directly hit me, but it seems that each time this phishing technique is used there a good handful of people that fall for it.

 

[cmason]

Just got another phishing email...this time with the domain Goli Daddy.com.

Look out, folks!

 

[randomo]

Just got another phishing email...this time with the domain Goli Daddy.com.

Look out, folks!

Yes, I got that same one - but at least my email program was smart enough to put it in the spam folder!

 

[silentg]

This time the domain is registered with Melbourneit.com. Report this scam to them.

 

[ninjadomain]

I received the same email. The best thing to do is delete any email of the kind. Just make sure you keep your information current and there is never a need to click on any of these links.

 

[silentg]

Deleting the email doesn't solve the problem. It should be reported to the reseller. [email protected]

 

[ninjadomain]

Deleting the email doesn't solve the problem. It should be reported to the reseller. [email protected]

Reporting is always a good idea.

 

[biggie]

it seems that each time this phishing technique is used there a good handful of people that fall for it.

and that is what they hope for


from what i see, most members here love gobdaddy and the scammers do too.

with each newbie that joins np, everyone tells them GD is best registrar

then they go reg and buy names at GD and next thing you know....they get their names stolen.

but it ain't just the newbie's, some veteran domainers get caught off-guard too.


keep your eyes open

 

[silentg]

Golidaddy domain is still live so beware. Avoid Yahoo Domains and MelbourneIT. I have sent numerous emails and they don't seem to take any action.

 

[nielsencl]

If you want to fight this scam, report the emails to the hosting provider of the domain and also the registrar for the domain. I agree that Melbourneit.com is one registrar that does not seem to care about spam or scams from what I have seen. They have never responded to any of my reports and I don't see that they have ever taken any action against spammers.

NameCheap.com is another registrar that is spammer-friendly in my opinion. I say this because most registrars and all hosting providers will take spam reports with headers from users like us, investigate, and take action if the report seems valid. NameCheap says the reports must be from an "authorized" source like Spamcop.net and won't investigate any of my reports. Perhaps someone can tell my how I can become "authorized"...???? I like Namecheap and I don't really think they are "spam friendly", but their policies make them appear that they are. It's one of the reasons I am moving all my domains away from them.

The other thing you can do is find a blog post or forum that doesn't have messages about this scam and post or comment about it.

This scam cannot be stopped by reporting the scam. This scam can only be stopped by many, many people posting about it in as many places as possible, and reporting the scam emails as SPAM whenever you get one. The other thing that will help is to urge anyone that was scammed to get their money back from they payment provider. I have already posted how to do this several times and as people have posted, IT WORKS!

 

[silentg]

I got a reply from Yahoo Domains regarding Golidaddy and they said that they have taken appropriate action. The phishing website is still active at the time of this post. What a joke.

 

[cmason]

Not to rehash this yet again, but if it prevents a single member from getting phished, it was worth it!

Just got ANOTHER "Important ICANN Notice Regarding Your Domain Name(s)" phishing email. This time it was from goldidaddy. I have reported it to Yahoo Domains as well as GoDaddy. The domain was registered today.

 

[silentg]

The e-mails are being sent out again. Report it to [email protected]

 

[Kamikaze]

I've just got the GD scam...
Was about to write it on NP so people would beware, then found this thread on top
Damn scammers!