Stealing attempt - ACTION REQUIRED - Reminder to verify the accuracy of Whois data

by Nuno

Posted: 9 years ago 10 replies

INTERNET MARKETING

Please check if you received any email from: support@domains.godaddy.com
(Godaddy doesn't use this address, it's a phishing attempt).

Does the email says you need to verify by using OpenID? If yes, it's the same person trying to get the password for your email account.
They will direct you to the domain godaddyauthentication.com , which of course isn't from Godaddy.

I have Two Step authentication factor on Gmail so he/she can never enter. Yahoo also has the sms security system.

I have reported this to NameBay (where the domain was registered yesterday), Godaddy and Gmail.

If it helps I can create a pdf with all the details so that you can send to your friends.

I knew these new ICANN rules would lead this way, many domains will be stolen, many email accounts will be hacked. I warned about his, few cared. Many people are scared that now in 2014 if they don't verify their email accounts their domains will be frozen, and many scammers will use this fear.

If that person has access to your email... you have more at risk than just your domains.

What is your opinion?

#accuracy #action #attempt #data #phish #phishing #reminder #required #steal #stealing #stolen #verify #whois

nicelife 9 years ago

Well I guess it's just a matter of being observant about this, but they will probably manage to steal some domains.

Thanks
- Thanks
Signature
>>> Free WordPress Theme Detector <<<

>>> Top 1000 WordPress Themes <<<
{{ DiscussionBoard.errors[8838062].message }}
Nuno 9 years ago

Not just domains...

They now sent another email, asking people to deactivate the two step authentication!

Second Alert : ERROR - Turn off 2-step verification

Error : 2-Step verification

Solution : Turn off 2-step verification

P.S. Godaddy needs to expand their 2-step protection to other countries as well. There are lots of international sms gateway providers...
- Thanks
Signature
I have 15+ years of experience & millions of visitors (I'm also a warrior since 2002)!
NunoAlex.com explains how I can help. I'm looking for a limited number of serious partners.
{{ DiscussionBoard.errors[8838342].message }}
BlairDesigns 9 years ago

This is exactly why I DO NOT answer anything through email when it comes to business or accounts. If the company I'm dealing with "emails" me I call to ask directly what the issue and email was about. 100% of the time it has been a failed phishing attempt. In recent months I have taken pleasure in respond to these emails to see what type of response I get, never once have I given the information they've asked for but it's fun to see them squirm hahaha
- Thanks
- 1 reply
Signature

[[Hot Deal]] New Year's Special! Adsense/Affiliate Busting ANS with FREE Bonus Sites
{{ DiscussionBoard.errors[8838464].message }}
- Nuno 9 years ago
  
  The problem is that in 2014 you have to click on emails Godaddy sends, or your domain will be suspended.
  The only difference is that they don't ask you to login.
  
  Thanks
  
  1 reply
  
  Signature
  I have 15+ years of experience & millions of visitors (I'm also a warrior since 2002)!
  NunoAlex.com explains how I can help. I'm looking for a limited number of serious partners.
  
  {{ DiscussionBoard.errors[8838558].message }}
  
  Teravel 9 years ago
  
  Originally Posted by Nuno
  
  The problem is that in 2014 you have to click on emails Godaddy sends, or your domain will be suspended.
  The only difference is that they don't ask you to login.
  
  I don't have to open emails from GoDaddy, and my domains won't be suspended. I also can't find it anywhere on their site that says otherwise, though I didn't look for long as I have never liked GoDaddy. They were a cheap company when they started, and they haven't improved much since.
  
  Also, they can't suspend your domain simply because you didn't open an email. You purchased legal rights to the domain. It's yours. GoDaddy doesn't own it. If they did, you wouldn't be able to transfer your domain from one registrar to another.
  
  Please, post a link to the information on GoDaddy that says you are required to open all emails from them in order to retain your current domains.
  
  Thanks
  
  1 reply
  
  Signature
  
  "Failure is feedback. Feedback is the breakfast of champions." -Fortune Cookie
  
  PLR Packages - WSO
  
  {{ DiscussionBoard.errors[8838570].message }}
  
  Nuno 9 years ago
  
  Teravel, all registrars are forced to do that starting 2014.
  
  Here is Godaddy's info on this:
  Verifying Contact Information for ICANN Validation | Go Daddy Help | GoDaddy Support
  
  Trying to change anything in your whois registrant information, or registering a new domain, will force that right now.
  
  Here are other places where you can confirm this:
  http://www.hover.com/blog/icann-regi...s-coming-soon/
  http://www.theverge.com/2013/6/29/44...n-registration
  
  I can give you many more examples. If your registrar sends the verification email, and you don't confirm it, your domain WILL be supended by ICANN's new rules.
  
  Thanks
  
  1 reply
  
  Signature
  I have 15+ years of experience & millions of visitors (I'm also a warrior since 2002)!
  NunoAlex.com explains how I can help. I'm looking for a limited number of serious partners.
  
  {{ DiscussionBoard.errors[8838607].message }}
  
  Teravel 9 years ago
  
  Originally Posted by Nuno
  
  I can give you many more examples. If your registrar sends the verification email, and you don't confirm it, your domain WILL be supended by ICANN's new rules.
  
  I went through your links and read everything I could find. Then I searched for ICANN's ruling on this, and I think everyone is making this bigger than it is.
  
  Lets break this down into a few basic concepts.
  
  First, how many accounts do you need with your preferred Domain Registrar? If you said any number higher than one, you're wasting your time. You may have multiple accounts if you use multiple registrars, but to have multiple accounts on a single registrars site is silly.
  
  Second, you need to Verify your Email OR Phone for your ACCOUNT. This means you have to do this ONE TIME, unless you are wasting your time as above, or if you are using multiple registrars.
  
  Third, you want your business information to be correct and visible for anyone that wants to find it. Not only does this make you look like a real business, it gives people a way to contact you.
  
  I have yet to receive contact from the Registrar I use. I just went into my account, and I have no warnings or errors that would give sign to this either. This is most likely due to the fact that I run a business, and verified my business information years ago when I set the account up.
  
  Thanks
  
  1 reply
  
  Signature
  
  "Failure is feedback. Feedback is the breakfast of champions." -Fortune Cookie
  
  PLR Packages - WSO
  
  {{ DiscussionBoard.errors[8838898].message }}
  
  Nuno 9 years ago
  
  Because of this yesterday there was a massive phishing operation that already made real damage and it's just the first.
  
  The problem is, and I already read people stating this:
  
  - some people will be tricked to click on phishing emails, giving access to their domain and email accounts.
  
  - some will never click the real mandatory registrar's email, their domain will be suspended, the website will be offline. Why? Thinking they don't need to click it, it will go to spam folders, or because they will think it's phishing.
  
  In conclusion: how does a valid but throw away email in the whois protects anyone? This opened the doors to lots of scams but it does no good at all. I'm not against valid info, not forcing everyone to click on email links leading to many problems especially for the less savvy.
  
  This applies to everyone, business or not.
  
  You only have to verify your email address once (when you change any detail on your current domains or register a new one) but it just started in 2014.
  
  Update:
  
  Many verification emails have been going to spam and sometimes the confirmation process doesn't work.
  Meanwhile close to 1 million domains were suspended and many websites are/were broken.
  I warned this would happen...
  
  Thanks
  
  Signature
  I have 15+ years of experience & millions of visitors (I'm also a warrior since 2002)!
  NunoAlex.com explains how I can help. I'm looking for a limited number of serious partners.
  
  {{ DiscussionBoard.errors[8839402].message }}
davezan 9 years ago

Originally Posted by Nuno

many domains will be stolen

More like suspended, rather than stolen. At least, for new domain registrations.

Originally Posted by Nuno

What is your opinion?

Many people are going to be angry, and the registrars know that.

If it's any consolation, even registrars aren't keen on requiring people to verify
their new domain registrations starting 2014. They and ICANN are forced to do
so because of law enforcement.
- Thanks
- 1 reply
Signature

David
{{ DiscussionBoard.errors[8838680].message }}
- Nuno 9 years ago
  
  Not just suspended, I think that today some domains were indeed stolen. I believe they managed to get access to a few email or Godaddy accounts.
  
  Even today a representative for domain interests told that when negotiating with ICANN they told these forced email verifications would increase phishing, but they were adamant.
  A correct throw away email doesn't protect anyone...
  
  Thanks
  
  Signature
  I have 15+ years of experience & millions of visitors (I'm also a warrior since 2002)!
  NunoAlex.com explains how I can help. I'm looking for a limited number of serious partners.
  
  {{ DiscussionBoard.errors[8838696].message }}

Stealing attempt - ACTION REQUIRED - Reminder to verify the accuracy of Whois data

Trending Topics

Greetings all!

Why isn't the audio on the website I'm working on, which isn't yet live?

Multiple Marketing Techniques for Site

How to optimise product pages on your Google Merchant listing

Silly Walks Day