Someone just generated a report in my Enom account?

[aww]

I just got a mysterious email from enom (which is authenticated because of the source IP/domain) that says I requested a report of my domains from support.

This is creepy because no such thing has happened by me.

I changed my password on both my email and enom but wow I am freaking out.

You'd think anyone who was smart enough to generate the report (which most should know where to do manually) would first change email addresses and password if they had access.

I've done this report once in the past and I compared emails and it's identical.

So what do you think is going on? Should I contact enom?

(I am directly under a big reseller for years now that should be trustworthy)

 

[John Doe]

Makes sense to contact Enom :imho:

 

[Earthian]

as I can see from the eNom "contact us" page , anyone can take your data (name , email , phone) from the whois and request a support ticket regarding your account ... of course there is no security breach since YOU can only access your email and read the answer to the question of the support ticket ...


is the email address where the email was sent the same with the email in the whois ?

​

 

[aww]

as I can see from the eNom "contact us" page , anyone can take your data (name , email , phone) from the whois and request a support ticket regarding your account ... of course there is no security breach since YOU can only access your email and read the answer to the question of the support ticket ...


is the email address where the email was sent the same with the email in the whois ?

​

That's an interesting insight. I can also imagine if it was done manually that someone made a typo as my account name ends in a numeric sequence - one number off and it might be another account.

It is indeed the same as the whois.
What's unusual is that I have a different internal address listed with enom for admin purposes.

The report is a simple flat text file, it's definitely enom generated. It also looks like the default settings and nothing advanced was turned on.

 

[Earthian]

if it was a typo (eg. on the email address) all the other details would be different from your own ... what do you mean typo on your account name ? for you to receive the email by a typo , the typo must be in the email address ... alternatively if the name was typed wrongly and the (other person's) address correctly , you would not receive the email ...



maybe they correlate the support-ticket-requesting-email with either the internal email or the whois email since both would end up to the authorized person to administer the domains or the receive the related info ... but it would be strange (and a possible privacy problem) if they did not correlate the support-ticket-requesting-email with the whois email ...



what do you mean report ? a list of the domains under your account ? maybe you accidentally initiated an email like that ... eg. an email with a text file with all the domains in your account (if there is such a feature in eNom)

​

 

[Name Trader]

Best thing to do is change your password (just in case) and forget it.

 

[AdoptableDomains]

If you are not a direct enom retail or an ETP top level reseller, the reseller(s) above you can access your account in order to give support. They could probably also run a report of your domains if they needed to for some reason. They have limited access and can't change critical information, but they can read most of it and run reports. There are legitimate reasons they may do so for promotions, pricing, or otherwise.

 

[aww]

I asked the ETP if for some reason they did it, but what I *really* don't like is what they answered me with - that ETP's don't have access to reseller accounts under them.

As anyone who has setup an enom sub-reseller knows, you can go into their account and do a whole bunch of things.

Unless ETPs have some kind of special restriction?

(update: they insist ETP's cannot even see the domains that their sub-resellers have - so this might be true)

 

[AdoptableDomains]

I asked the ETP if for some reason they did it, but what I *really* don't like is what they answered me with - that ETP's don't have access to reseller accounts under them.

As anyone who has setup an enom sub-reseller knows, you can go into their account and do a whole bunch of things.

Unless ETPs have some kind of special restriction?

(update: they insist ETP's cannot even see the domains that their sub-resellers have - so this might be true)

They might be right on sub-resellers, I don't know if you can see two levels deep, and I don't have resellers below mine who have any below them. However, I do know they can see the domain lists, run reports, and see but not change whois contacts for accounts directly under them. I don't think they can see payment info such as credit cards, so don't worry too much if you have someone above you. Any enom reseller is expected to be the first line of support for the accounts under them. This means they at least need to see the records to do that, before either recommending Enom fix something or decide the problem is the user rather than the system.