GoDaddy Email: Is It Legitimate?

[J Sokol]

Yesterday I got an email from GoDaddy that appears to be legitimate, but it seems suspicious. It says, "Action required: Please verify your email address." Then in a big red band it says, "Your domain will go on hold if we can't confirm your email address."
It doesn't say which domain this applies to, which seems strange, and I've never had an email like this before from GoDaddy. The sender is [email protected].

Any thoughts?

 

[xynames]

There are these illegitimate emails

https://www.namepros.com/threads/beware-of-recent-godaddy-and-general-cpanel-phishing-scams.1101066/

No, there was no "brute force" attack on your GoDaddy, account, just another phishing scam!

no need to validate ownership of your email address, unless you want to turn it over to a scammer:

Your CPanel is doing just fine! unless you want to let a phisherman in to it:

Do not click the Unsubscribe links either!

With some of these, the return email address (for example [email protected]) is a tell-tail sign of a scam (although the return email address may easily be forged to try to fool you). Other times you are tipped off by the word "Kindly" and other non-American sounding phrases. (Kindly tell these scammers to f. off!) You will also find non-English speaker, grammatically incorrect or odd phrases such as "additional protection would be added to your email account" and out-of-place valedictions such as, "Thanks in advance,".

In all cases, just report the full header + contents of the email to spamcop.net and add a comment "Phishing" to the report. Cheers!

https://www.namepros.com/threads/godaddy-phishing-email-account-deactivation-alert.1058093/

Notice the Yahoo email address. Account Deactivation Alert / Cancel Suspension - SCAM!

You should post a screenshot of whatever you received if you want an answer. Can’t know from just your description.

Also you should click to reply (but don’t actually reply) to determine if the email return address matches the purported sender, AND run its entire headers + content through spamcop.net to see who the sender really is because sender emails may be forged.

 

[J Sokol]

Thanks @xynames. Here's the screen shot:

 

[xynames]

It looks illegitimate but as I wrote above, checking the return address by clicking to reply (but NOT actually replying) and running its entire headers + content through spamcop.net will make sure.

Spamcop will indicate to you where it actually came from. You have to set up an account with spamcop before using them which involves whitelisting your mail servers.

If you're not ready to open a spamcop account (really worth the effort! for future reference, because you'll be able to not only check but also report these bastards), use something like this

https://www.ip2location.com/free/email-tracer

just to trace the email to its sender.

 

[J Sokol]

Okay, I'll give that a try. Thanks for the info.

 

[AIS01]

@Paul Nicks please have a look.

 

[Paul Nicks]

Best to just login to your GoDaddy account and see if there's a warning or other notification in your account or domain management area.

 

[J Sokol]

Best to just login to your GoDaddy account and see if there's a warning or other notification in your account or domain management area.

Everything's working fine in my account. The email originated in Atlanta, then went through GoDaddy in Scottsdale. Apparently this is a well-disguised phishing email.
Thanks for responding.

 

[urlurl]

best practice is to never logon to anything from any email. Always best to go directly to the site and logon from there to make any changes or check to see if there are any warnings.

 

[Adnan Shaikh]

The email looks so real, I amazed how intelligent and talented people are and they still want to utilize their skills doing wrong things

 

[viniproject09]

I recommend to reach Godaddy team through chat or phone if you feel its suspicious. They will take and look at let you know. Hackers do make phishing sites to capture your username and password so stay alert.

 

[J Sokol]

I recommend to reach Godaddy team through chat or phone if you feel its suspicious. They will take and look at let you know. Hackers do make phishing sites to capture your username and password so stay alert.

Good idea @viniproject09. The funny thing is, this email came between two legitimate GD emails - that's what made in confusing to me. In the inbox the phishing email looked exactly the same as the other two.

 

[J Sokol]

The email looks so real, I amazed how intelligent and talented people are and they still want to utilize their skills doing wrong things

Yes, that always puzzles me too. Seems like they have the skills to make good money doing legitimate things.