warning Phishing scam targeting domain name owners

[GeorgeK]

As I noted on Twitter:

https://twitter.com/x/status/1506408065020702721

there's a very convincing phishing scam, targeting domain name owners, coming from a domain name lawyer's email address. Don't open the link!

Folks need to be vigilant --- I wasted an hour, creating a Linux virtual machine under Hyper-V, just to see what it was (as I was worried it might be real; the lawyer might be hoping for a default victory, if I didn't respond to an actual legal threat).

Impersonating a lawyer is a very clever tactic for the scammers/hackers/phishers. You almost feel compelled to open the link, as ignoring a real legal threat has potential consequences (default, etc.).

 

[GeorgeK]

Theo blogged about it today, as he got the email:

https://domaingang.com/domain-crime...-domain-investors-using-law-firm-as-the-bait/

and so did Joe Uddeme. So, someone is definitely targeting the domain name community!

 

[Clover]

Thank you for the insight!

For everyone that doesn't know what a phisher is, it's basically an exact copy of another website with functions in the login form that will send an email to the "hacker" with the text you typed in to the "username" and "password" text fields.

OP, you should be able to view the page source and find the email that the logs are being sent to, might help you somehow or might not, could at least try to get said email account temp locked, chances are is has a pw that is easy to brute force, also.