Go Daddy Phishing Email

Posted on April 8, 2009 by Jose

I received an email from Go Daddy earlier today, which informed me that numerous failed login attempts have been detected on my account and that I need to verify my information to ensure account security. It sounded like Go Daddy really cares about my account security and that I should do as the email instructed. Except the email message is not from Go Daddy — it’s a phishing email.

Here’s the phishing email text:

Dear Customer,

This notification is generated automatically as a service to you.

Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security.
Please click on sign in to domain servers {link removed} to continue to the verification process and ensure your account security. It is all about your security. Thank you. and visit the customer service section.

please contact us within 1 days.

If you need to address this matter, or in any way need further assistance or technical support, call us any time at (480) 505-8877 or email us at support@godaddy.com. We appreciate your business!

Sincerely,
GoDaddy.com DomainAlert team

How did I know that it was a phishing email? There were a few indicators:

  • Grammatical errors in the email message (“on you account”, “their might be some security problem on you account”, etc.). These scammers really need to invest on hiring better copywriters or, at least, proofreaders.
  • Link to the Go Daddy verification site resembles Go Daddy’s Web site (www.godaddy.com), but it’s not. If you receive a similar email, just hover your mouse pointer on the verification link and you’ll see that the URL is not www.godaddy.com.

The “verification page” will prompt you for your Go Daddy user name and password. Once you enter your user name and password on the page, the phisher or scammer will use it to log in to your account and transfer your domains to his account.

If you receive a similar email, delete it immediately. Do not even click the link as visiting the fake verification page will install a cookie on your computer — something that the phisher or scammer might use later on to gather information about you.

Here’s a screen shot of the phishing email, so you’ll have an idea of how deceiving and official-looking it may seem. Just be careful, use a hard-to-guess password, and change it periodically.

Posted in Domain Name Phishing | Tagged , | Leave a comment

Spam Sell Offers for Domain Names

Posted on March 13, 2009 by Jose

For a couple of months now, I’ve been getting spam messages that offer to sell me .COM versions of domain names that I own. I imagine these guys scan the drop lists for .COM domains that already registered in other TLDs, register these domains, and email the owners of the domain name in other TLDs. They most certainly scan the WHOIS records to check and retrieve the email addresses of the owners of the other TLDs. Then, they spam them.

At first, I didn’t mind because I thought that these guys are just trying to make some money. And then more and more “offers” started arriving for other domain names that I own. And it started getting annoying.

Here’s the email that they send:

We are selling the domain name {your-domain-name}.com.  Since you own {your-domain-name}.org if you would also like the more desirable .com we are making it available.  The cost is $99.97.  That includes a year of registration and transfer of ownership to you.  To purchase or to learn more go to:

http://www.{theirwebsite}.com/checkout.php?domain={your-domain-name}.com

If you pass on this opportunity someone else could purchase this domain and it may not be available again. For questions contact us or go to:

http://www.{theirwebsite}.com/faq.html

If you are not interested there is no need to respond.  We will not contact you again regarding this domain.

Almost a hundred bucks for a domain name that they registered for $7.00. They use the email address domains@dcinchq.com to send this spam offer.

So what do you do?

  • If you don’t have time in your hands, just mark the message as spam and add the sender to your blocked list.
  • If you are bored and you want some entertainment, write back to them and ask for information that answer bots are unlikely to answer. For example, ask for details like how to pay, how long is the registration for, how will the domain name be transferred, how you can be assured that they will indeed transfer the domain name, etc. Ask short questions but demand long answers.  The objective is to waste their time and have fun. You won’t be wasting yours because you’re bored and have nothing better to do, remember?

I used to do this to Nigerian 419 scammers, back when I had nothing else to do. I’d actually get them to send me documents like scanned copies of their passport, driver’s license, etc. as proof that they are legitimate individuals that I can “do business with”. Sure, those documents were probably fake, but that’s not the point. The point is they spent some time to prepare those documents. And for what? N-O-T-H-I-N-G. I was hoping that f they get nothing from their scamming efforts, they’d do something else, something honest.

I think the same thing goes for these spam offers. If you have time to kill, have fun with these spammers!

Posted in Domain Name Scams | Tagged , | Leave a comment

Stolen Domains! VioletUnderground.com, DvlmfDonations.org, Guzman-GuzmanLawOffice.com

Posted on January 21, 2009 by Jose

I know, I know… I never learn. But it is really quite a challenge to distinguish scammers from legitimate buyers. You don’t know who’s who until after it hits you in the face. Anyway, on to the story. The following domains have been scammed from me last night:

violetunderground.com (PR5)
dvlmfdonations.org (PR5)
guzman-guzmanlawoffice.com (PR5)

These were scammed from me on v7n.com by user manhattan122, who later contacted me as user -d-. He admitted being the same person and to scamming me last night and last month. You can see how he gloats in the private message that he sent to me on V7n.

The scammer uses the email address ldarushl@yahoo.com and the Paypal account legia_cwks@yahoo.com. If you get offers to buy any of these domain names, please DO NOT buy them. I am in the process of trying to recover them.

It looks like this blog is becoming a domain scam registry. Let’s hope that this doesn’t happen again to me or you. Ciao!

Posted in Domain Name Scams | Tagged , , , , | 2 Comments

PageRank 6 and PageRank 5 Domains Stolen

Posted on December 15, 2008 by Jose

The following PageRank 6 and PageRank 5 domains have been stolen from me yesterday:

MEDIARECALLDIGITAL.COM
BIKERSBIKEPLACE.COM
EMBAVENEMEX.COM
IMSSURVEY.ORG
SOCAL-ICON.COM
GNUCHILE.ORG
WOCN2008.ORG
REDPOG.COM
MARCUSESTES.COM
COMETOGETHERFOUNDATION.ORG

I have posted the details on DigitalPoint.com where the scammers operate.

If someone offers to sell these stolen domains to you, please do not buy them. Thanks!

Posted in Domain Name Scams | Tagged , , , , , , , , , , | Leave a comment