NameSilo

Credit emails from GoDaddy. FYI: The amount is wrong.

Located in Drop Catchers and Expired Domain Services, started by Michael M, May 28, 2020

Replies:
21
Views:
1,026

  1. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    Anyone else just get an email from Godaddy (yes, verified actual godaddy email - not spoof) saying they have a credit for a domain backorder?

    I recall putting nothing on backorder at GD, and can find nothing with the referenced amount..

    Anyone else get an email like this? Thinking it is an error unless they charged me something in the past I did not realize. (and GD's website when trying to view orders is giving me a Bad Gateway error at the second - so can't confirm)

    Your refund receipt number is: *********

    May 26, 2020

    QTY ITEM PRICE

    -1 Private Domain Backorder ($649.00)

    Subtotal: ($649.00)

    Shipping & Handling: $0.00

    Tax: $0.00

    Store Credit: $0.00

    Total: ($649.00)
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Gube

    Gube NameInvestors.com - Epik.com Epik.com Staff

    Posts:
    555
    Likes Received:
    831
    This is definitely a phising attempt.
    Don't click on any link in that email
     
  3. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    I do not believe so. I have been in IT over 20 years. I have already checked the headers:

    Received: by m319.em.secureserver.net

    The only link points to godaddy's actual server (I don't click email links anyway), and it has my customer #. All signs point to godaddy sent this email.
     
  4. MadAboutDomains

    MadAboutDomains Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,195
    Likes Received:
    1,199
    I've seen many sites hosted on sexureserver.net that were dodgy.

    Godaddy let's other people host on that I think.
     
  5. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    Agree it is possible it is a phishing attempt, but I find it unlikely that godaddy would allow anyone to spoof the godaddy.com domain on their secureserver.net email system. Seems like that would be a no brainer.
     
  6. MadAboutDomains

    MadAboutDomains Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,195
    Likes Received:
    1,199
    Fair enough. If I remember I'll see if I can dig out the dodgy email I got from secureserver.net as an example.

    Its probably not a scam if you're satisfied that the email matches the info in your account.

    You only have to Google site:secureserver.net to see how much rubbish is hosted on it.
     
    Last edited: May 28, 2020
  7. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    :ROFL::ROFL::ROFL::ROFL::ROFL::ROFL::ROFL:

    Godaddy's account site just came back up. It was a valid credit. Only thing is it is for $6.49 - not $649 that the email said.

    So noone get excited if they get an email like this! :xf.smile:

    (I wasn't excited. I was going to contact GD and have them remove it if not valid - but I know some others would be :xf.wink:)
     
  8. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,271
    Likes Received:
    1,691
    how could it be a phishing attempt if the links go to godaddy?

    got the same email now but with -999 as the amount
     
  9. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
  10. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    It is $9.99 :)
     
  11. Save Breach

    Save Breach Established Member

    Posts:
    545
    Likes Received:
    789
    if you have an open redirect vulnerability*, like somewhere.godaddy.com/vulnerable?url=attacker.com, it can be almost hidden in plain-sight but it leads to an attacker controlled page

    secondly no big deal to get customer #, if you have done deals on NP directly, someone might have it ;)

    many subdomains of *.secureserver.net are in private use i suppose.

    So there's enough reason for OP to consider it phishing but as we know GD's backend is old, buggy and recently got hacked, no wonder its suspicious. Possible its a malicious person manipulating the emails, who knows?

    OP has a valid concern.

    *Reference: https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html (open redirect)
     
    Last edited: May 28, 2020
  12. ultradog

    ultradog Established Member

    Posts:
    422
    Likes Received:
    490
    Lots of errors lately. I just got an email from Godaddy saying a domain would be autorenewed in my account, a domain I sold about 2 years ago.
     
    Last edited: May 28, 2020
  13. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,271
    Likes Received:
    1,691
    time for them to run a free scan to find out?
    😉
     
  14. kite26

    kite26 Fearless Bird VIP

    Posts:
    5,333
    Likes Received:
    4,411
    What? I received today a similar email but for $999. The email has my customer number and it seems legit. Maybe info leak happened?
     
  15. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    No... Figured out this is all legit. GD is just accidentally putting the decimal point in the wrong place in the email. Check your order history.
     
  16. DomainVP

    DomainVP Domain Expert VIP

    Posts:
    3,499
    Likes Received:
    12,669
    Yes, mine was for $1,298.00. :xf.laugh:

    Looks like they moved the decimal place over too far.

    Just a glitch in the eMail, actual amount refunded was $12.98.

    Question is why was this refunded at all? Mine was some kind of backorder charge, but it was associated with a GoDaddy Auctions membership purchase number.

    Weird.
     
    Last edited: May 28, 2020
  17. kite26

    kite26 Fearless Bird VIP

    Posts:
    5,333
    Likes Received:
    4,411
    These are returning amounts?
     
  18. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    Yes. Store credit.

    I never found where or have any memory of backordering a domain from Godaddy in many many years, but that is what my credit is for. Maybe something old or a mistake? Not sure...

    What was yours for and does it seem correct?
     
  19. kite26

    kite26 Fearless Bird VIP

    Posts:
    5,333
    Likes Received:
    4,411
    Thanks for help. I write from an old phone and I cannot provide screenshots right now but I will.
     
  20. Michael M

    Michael M Top Contributor VIP ★★★★★★★★★★

    Posts:
    1,309
    Likes Received:
    2,154
    Ahhh didn't see this post. Are they accidentally issuing refunds that shouldn't be? I was wondering, but this makes me more curious.

    I believe when you get an auction membership you get free domain monitoring in the backorder system. Maybe some accounting issue is making them refund part or old charges? That or they need to get on top of this quickly as many people will spend that store credit quickly.

    @Joe Styler
     
  21. Save Breach

    Save Breach Established Member

    Posts:
    545
    Likes Received:
    789
    Sure they can head over to FreeScan.com ;)
     
  22. Joe Styler

    Joe Styler Aftermarket Product Manager GoDaddy Staff Afternic Staff PRO VIP

    Posts:
    2,132
    Likes Received:
    4,229
    Sorry for the delay. I was not on Namepros last week from Thursday to Monday and when I logged in yesterday I had about 50 alerts and a bunch of PMs so I am working through them in order.

    I did see your message last week I think via twitter or somewhere else someone pointed it out to me and I let the email team know. They were aware of the error with the decimal point and looking to fix it and update people.

    The refunds are legitimate it is for the difference between an standard backorder and a private backorder based on the price you paid at the time of the backorder credit. Privacy on backorders is going away shortly and will be revamped as there is more or less a free privacy to Europeans under GDPR and California enacted a privacy law so there are updates coming in privacy for backorders in the near future and we are proactively refunding anyone who paid for privacy as an upgrade to a backorder credit and no longer can use it for backorders.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...