<<<
Chronological Index
>>> <<<
Thread Index
>>>
[registrars] Phishing scams targetting domain accounts now
- To: registrars@xxxxxxxx
- Subject: [registrars] Phishing scams targetting domain accounts now
- From: Mark Jeftovic <markjr@xxxxxxxxxxx>
- Date: Fri, 9 Jan 2004 08:40:51 -0500 (EST)
- Sender: owner-registrars@xxxxxxxxxxxxxx
We had a report from a user who received a fake "Verify your account"
forged email to look like it was from us, to an email harvested from his
whois record.
It directed him to:
https://easysdns.sslpowered.com/SSLSecurePage/AccountRenew
Which was (it is now cancelled) a mockup of our member signup form,
layout, etc.
We created a bogus account and filled out the form, it redirected us
back to our own site, indicating they are collecting the data (as
opposed to trying to init a reg transfer, slam the domain, etc)
Sure enough, within the hour two accesses to the bogus account were
attempted from IP's in California and Viet Nam.
This is clearly a phishing scheme designed to access domain holder
accounts, beyond that, we don't know. Maybe they think they'll find
credit card data in a compromised account (they won't) or they are
trying to actually hijack domains.
In any case, its something to keep an eye out for.
-mark
--
Mark Jeftovic <markjr@xxxxxxxxxxx>
Co-founder, easyDNS Technologies Inc.
ph. +1-(416)-535-8672 ext 225
fx. +1-(416)-535-0237
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|