Domain phishing attacks: have you been targeted?

By James C | Sunday, 25 October 2015

Around the world this week, domain name customers of multiple registrars - including our own - have been targeted with malicious "phishing" emails. Have you been targeted?

Domain Phishing Attacks

First reported by internet publication Domain Name Wire, the emails falsely claim that the recipient's domain has been suspended and that they should download a file to see details of the complaints.

The emails being received by our customers look like this:

We've written before here about spam - and why spam emails can seem obviously and immediately wrong. Spam is sent out in incredibly large quantities, aiming for just the 1% of people who will click their links, so it is designed to weed out anyone who might question it.

How Did They Get My Details?

Domain Name Wire reports "Over the past couple years, a number of companies and fly-by-night operators have begun selling very cheap copies of whois data. This is part of the reason you receive lots of spam after registering a new domain name."

Think of WHOIS as a database, and when you register a domain all the information about it goes into this database. Some unscrupulous companies are downloading this information and selling it on to spammers and criminals.

Domain privacy can help hide or reduce the information that is shared about your domain, and it is a good first step to protecting your contact details and identity. Talk to one of our team about if this is right for your account today.

How Do I Know If An Email Is Legit?

At Crazy Domains, we do not send any notices regarding your domains without your account number or invoice number in the email, and will always address you by name. Please check for these details in emails you receive from us to confirm they are real.

Crazy Domains do not send our customers notices with links to download files regarding your domains.

If you are ever in any doubt about any email you receive you should check the email headers to determine the source and return path for the email address. If this information does not match with what you expect, that should be a warning.

Who Can I Contact?

Got doubts about an email you have received that claims to be from Crazy Domains? Contact our team for help and more information using details found on our website. We're available 24 hours a day, 7 days a week, with staff on the telephone, replying to emails, on social media and live chat.

You should not reply to any suspicious emails, and should never call any telephone numbers included in the messages.