Orange County, CA - I want to thank Alvaka Network engineer Alex Estevez for bringing the e-mail below to my attention. One of his clients got this bogus message from GoDaddy. The scams on the internet know no ends for creativity and treachery.
This message looks so authentic and it can be so easy to go ahead and pay for a scam renewal and give up your domain login credentials too. Once you give up those credentials the thief(s) can potentially sell your domain name. For many businesses that would be devastating even if it only lasted a short time while the theft gets corrected. On top of the charge on your card they could potentially sell your credit card information as well.
Alex said, “What made me suspicious was the fact that the email came from a company called “Intranetregistrarnetwork.com” which just sounded bogus to me.“ That site is now shutdown, but count on another one to pop-up soon.
Here is what the e-mail looked like. As you can see it looks quite legitimate. It does not contain the spelling errors and poor grammar associated with so many e-mail scams.
How can you protect yourself?
1. Be alert. It is too bad, but today we must be suspicious.
2. Use spam a spam filtering service like Alvaka’s Mailworx. That is not a guarantee, but like all cybersecurity measures you must have multiple layers of protection. Mailworx is the frontline.
3. Look for e-mail addresses and other such indicators that don’t match your domain registrar.
4. This is the most important step, don’t click on any links in the e-mail. Instead, go directly to the registrar for your domain registration from the URL bar of your browser. Then look up your registration status. The image below is what Alex saw for this client when he was suspicious.
5. If you have any concerns, contact Alvaka Networks and let your concerns be known. We can help you look into the issue. In this case no one spotted this as a scam until Alex was asked about it.
As you can see in the blue circles, the domain in question does not expire until 2019.
Be safe out there!