I got 3 emails at my webmaster email today that were pretty much the same scam, actually they were phishing emails. One I got pretended to be from Enom.com, and the other two (below) pretended to be from Network Solutions.
PHISHING/SCAM EMAIL #1
Subject: Attention: domain is expired.
From: networksolutions.com [mailto:firstname.lastname@example.org]
Dear Network Solutions Customer,
We recently notified you that the registration period for your Network Solutions domain name had expired. As a benefit of having previously registered a domain name(s) with Network Solutions, you are eligible to receive a percentage of the net proceeds that were generated from the renewal and transfer of the domain name you chose not to renew. Since you have chosen not to renew the domain name listed below during the applicable grace period, we were successful in securing a backorder for this domain name on your behalf and it has been transferred to another party in accordance with the Service Agreement.
Renew your domain now – http://www.networksolutions.com
You must click on the following link, enter your domain name, and confirm your contact information in order to claim these funds. If your contact information is not correct, you must enter Account Manager and make the appropriate changes prior to clicking “submit” from the confirmation screen. If you do not do this, you will be confirming inaccurate information and will not receive any payment. Checks will only be made payable and mailed to the Account Holder of record.
Network SolutionsŽ Customer Support
In the email the link that said http://www.networksolutions.com actually linked to http://www.networksolutions.com.com42.asia – and I won’t click that sucker to see where it goes. Fortunately Gmail caught all of the ones emailed to me in my spam filter, but others at my office got these emails also and forwarded them to me. Here’s the other one:
PHISHING/SCAM EMAIL #1
Subject: Inaccurate whois information. [IncidentID:86011]
From: networksolutions.com Tech Support
Dear Network Solutions. Customer,
On Fri, 31 Oct 2008 11:46:55 +0300 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
Please note: ICANN (the Internet Corporation for Assigned Names and Numbers) regulations state that the WHOIS Administrative Contact may initiate and approve domain name registration transfers from your Network Solutions account to other Registrars. If you are not listed as the WHOIS Administrative Contact a transfer can occur without your knowledge if Domain Protect is not enabled for the domain name registrations listed above.
To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager:
1. Log in to Account Manager at: http://www.networksolutions.com.
2. Click on the “Profile & Accounts” tab in the left navigation menu to be taken to a page listing your account details.
3. Click on “Accounts” and select the account you wish to edit.
4. Click “View/Edit WHOIS Contacts” to make your updates.
If you believe someone requested this change without your consent, please contact Customer Service.
If you would like to order additional services or to update your account, please visit us online.
Thank you for choosing Network Solutions. We are committed to providing you with the solutions, services, and support to help you succeed online.
Network Solutions. Customer Support
In this one the clickable link to http://www.networksolutions.com actually went to http://www.networksolutions.com.sys58.biz and I also did not check that one out. Although I did not click on either of the links in the email I can tell youi that most likely there was a copy of the Network Solutions site and when you attempted to log in as instructed their copycat website would collect your login, and then send you to a VALID Network Solutions error logging in page, or at the very least you’d be sent to Network Solutions’ home page. Either way you’d assume ther was some glitch or you’d mis-typed your login and simply try logging in again, never realizing you’d been had until someone later broke into your account using your stolen login info and stole your domains.
UNRELATED – NEW GMAIL FEATURE TEMPORARY “RECALL”
Here’s my compulsory Gmail blog “news bit of the minute”. Even though I don’t use SMS or text messaging on my cell phone I know some of you do. Check out Almost new in Labs: SMS Text Messaging for chat.