GoDaddy Phishing Email? Be Careful!

[Omar Negron]

Hey all. Just wanted to let you know I received an email and I had a feeling it was probably some type of scam or a phishing email of some sort.

After speaking to a Godaddy Rep, they confirmed they had no idea of the email so it didn't come from them and asked me to forward it to them, which I did. Here is what the email said.

-----

Dear Valued GoDaddy

Your GoDaddy service(s) shown below has been suspended because some of the purchases on your account remain unpaid. For a limited time, however, the services will continue to be registered to you even while disabled .

Account Holder: ****** *******. (blocked out for privacy)

The following nsWebAddress™ are in this account : Domain Removed

Please make payment immediately upon receipt of this notification, or the nsWebAddress™(es) listed above will be deleted from your account and we may, in accordance with our service agreement, attempt to renew and transfer the nsWebAddress™ listed above to a third party on your behalf. This notice has been sent to both the Primary Contact and Registrant assigned for these services.

To make payment and reinstate your services, please Follow the reference below :
Link Removed

Thanks for your co-operation.
GoDaddy Customer Support.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copyright (c) 1999-2015 GoDaddy.com, LLC. All rights reserved.


-------------------

Now I knew something was up because I got that domain through a Godaddy backorder credit, so it HAD to be paid for once I got it. And I had access to the name for weeks now with no issues regarding payment.

Anyway, just wanted to let you guys know if you get this type of email make sure you let Godaddy know!

-Omar

 

[briguy]

Thanks..did Godaddy give you a address to send these emails too, like PayPal?

 

[Omar Negron]

Yes they gave me a specific address to forward this email to, which I did.

I knew something was fishy, also the FOOTER gave it away for me.

-Omar

 

[laladomains]

Oh, we got tons of fake emails from "GoDaddy". Be careful guys !

 

[Kate]

This is a very poor fake, coming from a total amateur. I would look at the headers carefully, perhaps you will find clues leading to the culprit.

 

[johnn]

Rule #1

never click anything from your email unless you are expecting the email - regardless of who the sender is.

Rule #2

Go to rule #1

 

[briguy]

Yes they gave me a specific address to forward this email to, which I did.

I knew something was fishy, also the FOOTER gave it away for me.

-Omar

Would you mind sharing the address?

 

[Enfant]

To make payment and reinstate your services, please Follow the reference below :
Link Remover

Is it even possible to cheat a domainer?
Don't you check all the links automatically?

Day or night, sunshine or storm, drunk or at church - my eyes keep checking the domains in links!

 

[kolorovnohovno]

Since yesterday I get tons of this template emails. It redirects to 11nk dot ru with fake godaddy login website lol.
But I wonder how it comes that my mail shows it came from secure@godaddy com? Anyone kind to share?

Edit: Ah nevermind, Mailbird doesnt show much info but another mail client does: secure@godaddy com via domain fabula.timeweb dot ru

 

[Omar Negron]

Yes. I wondered the same thing. The email it came from looked exactly like Godaddy's. Anyone know how they could pull that off?

 

[Enfant]

Yes. I wondered the same thing. The email it came from looked exactly like Godaddy's. Anyone know how they could pull that off?

It is only a front ("looked exactly like Godaddy's"). Anyone can copy the "front": godaddy's page, bank account change password page, paypal account details page, gmail password change page, etc. and email it to potential victims.

It's up to stupidity of a human, to trust such good looking front page and enter his personal details (name, address, passwords, social security number, etc - just name it) himself!

No one can pull that off. What legitimate business can prevent the scammer? The only prevention is - to look at the URL of that scam (phishing) page. Are you domainer? That should be the last problem of the domainer to ask such questions and, more, to participate in those scams!!!

 

[simran.net]

I got same today and unfortunately I clicked and it prompted for login! I loggedin and found noting. So I immediately change password and sent mail to godaddy.

I am little panic!

 

[Omar Negron]

I got same today and unfortunately I clicked and it prompted for login! I loggedin and found noting. So I immediately change password and sent mail to godaddy.

I am little panic!

That sucks. Sorry to hear that. Good thing you changed your password quick.

Make sure you let Godaddy know and possibly talk to a rep. They may ask you to forward the email over to them like they did to us.

-Omar

 

[interassets]

Gotta be careful with these, though a quick glance over the email normally brings up some clues. I don't know why these scammers don't tripple check everything?

 

[johname]

Just never ever login through a Godaddy email-EVER. Make it automatic thought process. Godaddy Email=No login.

 

[RGkiiing]

I got one of these today. I was drinking today so made me extra confused lol. I just copy and pasted the body of the email and found this thread. It shows it came from donotreply@godaddy com somehow. Figured it was bogus once I saw the "dear valued godaddy"

 

[Jack09]

This is who he/she is


Name Markushina Elena
Organization Markushina Elena
Email markushina1 at yandex dot ru
Address 5/3 Medikov pr.
City Saint-Petersburg
State na
Country Russian Federation
Phone +7.9213052828
Fax +7.9213052828

 

[Omar Negron]

This is who he/she is


Name Markushina Elena
Organization Markushina Elena
Email markushina1 at yandex dot ru
Address 5/3 Medikov pr.
City Saint-Petersburg
State na
Country Russian Federation
Phone +7.9213052828
Fax +7.9213052828

Noooo idea....did you get a similar email to what I got before?

-Omar

 

[andom]

New phishing email targeting Godaddy. It is the most classic Renewal Notice. But if you check the included links they lead to domain godadbby.com.

BE AWARE!!!!

 

[Omar Negron]

New phishing email targeting Godaddy. It is the most classic Renewal Notice. But if you check the included links they lead to domain godadbby.com.

BE AWARE!!!!

Thanks for the update!