I’d question their strategy of sending an email response to a phishing email, given that e-mail as a communications channel is not trusted by many consumers. For those that don’t know how to distinguish between the fake email and the real one, I have posted both of them below.

Here is a phishing tip that will save your bacon: Don’t click on links in emails! Use your browser and type in the address that you know manually. If you are one of the (un)lucky ones who has logged into your Network Solutions account recently after clicking on a link from the phishing email below, then you need to change your password AND your security question. Oh… and hope that your domains haven’t been transferred to Siberia.

— this is the evil phishing email —

Return-Path: <laavspeqob@bobrea.plus.com>
From: “networksolutions.com” <support@networksolutions.com>
Subject: Inaccurate whois information.
Date: Thu, 30 Oct 2008 22:03:17 -0500

Dear Network Solutions® Customer,

On Thu, 30 Oct 2008 22:03:17 -0500 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

Please note: ICANN (the Internet Corporation for Assigned Names and Numbers) regulations state that the WHOIS Administrative Contact may initiate and approve domain name registration transfers from your Network Solutions account to other Registrars. If you are not listed as the WHOIS Administrative Contact a transfer can occur without your knowledge if Domain Protect is not enabled for the domain name registrations listed above.

To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager:

1. Log in to Account Manager at: http://www.networksolutions.com.sys67.biz.
2. Click on the “Profile & Accounts” tab in the left navigation menu to be taken to a page listing your account details.
3. Click on “Accounts” and select the account you wish to edit.
4. Click “View/Edit WHOIS Contacts” to make your updates.

If you believe someone requested this change without your consent, please contact Customer Service.

If you would like to order additional services or to update your account, please visit us online.

Thank you for choosing Network Solutions. We are committed to providing you with the solutions, services, and support to help you succeed online.

Sincerely,

Network Solutions® Customer Support

— ends —

— this is the real Network Solutions email —

From: “Network Solutions”

Subject: Important: Phishing and Security

Dear Valued Network Solutions(R) Customer:

We’ve recently become aware of a phishing scam targeting domain name customers of a small number of registrars including Network Solutions(R). We wanted to alert you of this situation. Phishing is the practice of luring unsuspecting Internet users to a fake Web site by using an authentic-looking e-mail in an attempt to steal passwords, account information or other sensitive data.

At this time, we know that fraudulent e-mails are being sent to some domain name customers, regardless who the registrar of record is, which include links to sites that look like networksolutions.com or other domain provider sites; however they are fake Web sites. These e-mails are attempting to capture login information. For more information and tips on identifying phishing scams, please visit our blog at www.blog.networksolutions.com/.

If you believe you have received an e-mail of this type, have clicked on the link, and provided your login information, we recommend the following for security purposes:

1. Log in to your account from the Network Solutions Web site.
2. Review your account information for accuracy
3. Choose a new password security question and answer
4. Change your password

Thank you for your attention to this message.

Sincerely,
Network Solutions(R) Customer Support

*****************************************************

This e-mail was sent from a notification-only address. Please do not reply to this message. For Network Solutions customer service inquiries, please visit: http://www.networksolutions.com/help/index.jsp

Please note, in accordance with our Privacy Policy, we will continue to send you notices and other important information affecting your account or services in order to fulfill our service obligations to you.

Access our Privacy Policy: customersupport.networksolutions.com/article.php?id=3D306

Access our Service Agreement:
http://www.networksolutions.com/legal/static-service-agreement.jsp

(c) 2008 Network Solutions, LLC. All rights reserved. Network Solutions, 13861 Sunrise Valley Drive, Dept ACQM, Herndon, VA 20171

— ends —

The domain name that the phishing email diverts to is com62.biz - I have provided the whois details below.

——————————————————

From: “eNomCentral Support” <support@enom.com>

Subject: Inaccurate whois information.

Dear user,

On Wed, 29 Oct 2008 00:13:32 +0300 we received a third party complaint of  invalid domain contact information in the Whois database for this domain  Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid  or missing data, we contact both the registrant and the account holder and inform them to update the information.

The contact information for the domain which displayed in the Whois database was indeed invalid. On Wed, 29 Oct 2008 00:13:32 +0300 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.

PLEASE VERIFY YOUR CONTACT INFORMATION - http://www.enom.com.com62.biz

If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:

Attn: Domain Services
14455 N Hayden Rd
Suite 219
Scottsdale, AZ 85260

LINK TO CHANGE INFORMATION - http://www.enom.com.com62.biz

Thank you,
Domain Services

[IncidentID:33499]

——————————————————

Domain Name      COM62.BIZ
Domain ID     D27867299-BIZ
Sponsoring Registrar     ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Sponsoring Registrar IANA ID     82
Domain Status     clientTransferProhibited
Registrant ID     OLNI_175212_0_1
Registrant Name     Shestakov Yuriy
Registrant Organization     Shestakov Yuriy
Registrant Address1     Lenina 21 16
Registrant City     Mirniy
Registrant State/Province     MSK
Registrant Postal Code     102422
Registrant Country     Russian Federation
Registrant Country Code     RU
Registrant Phone Number     +7.9218839910
Registrant Facsimile Number     +7.9218839910
Registrant Email     alexeyvas@safe-mail.net
Administrative Contact ID     OLNI_175212_1_1
Administrative Contact Name     Shestakov Yuriy
Administrative Contact Organization     Shestakov Yuriy
Administrative Contact Address1     Lenina 21 16
Administrative Contact City     Mirniy
Administrative Contact State/Province     MSK
Administrative Contact Postal Code     102422
Administrative Contact Country     Russian Federation
Administrative Contact Country Code     RU
Administrative Contact Phone Number     +7.9218839910
Administrative Contact Facsimile Number     +7.9218839910
Administrative Contact Email     alexeyvas@safe-mail.net
Billing Contact ID     OLNI_175212_3_1
Billing Contact Name     Shestakov Yuriy
Billing Contact Organization     Shestakov Yuriy
Billing Contact Address1     Lenina 21 16
Billing Contact City     Mirniy
Billing Contact State/Province     MSK
Billing Contact Postal Code     102422
Billing Contact Country     Russian Federation
Billing Contact Country Code     RU
Billing Contact Phone Number     +7.9218839910
Billing Contact Facsimile Number     +7.9218839910
Billing Contact Email     alexeyvas@safe-mail.net
Technical Contact ID     OLNI_175212_2_1
Technical Contact Name     Shestakov Yuriy
Technical Contact Organization     Shestakov Yuriy
Technical Contact Address1     Lenina 21 16
Technical Contact City     Mirniy
Technical Contact State/Province     MSK
Technical Contact Postal Code     102422
Technical Contact Country     Russian Federation
Technical Contact Country Code     RU
Technical Contact Phone Number     +7.9218839910
Technical Contact Facsimile Number     +7.9218839910
Technical Contact Email     alexeyvas@safe-mail.net
Name Server     NS1.XWHLWWW.COM
Name Server     NS2.XWHLWWW.COM
Name Server     NS3.XWHLWWW.COM
Name Server     NS4.XWHLWWW.COM
Name Server     NS5.XWHLWWW.COM
Created by Registrar     ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Last Updated by Registrar     ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Domain Registration Date     Mon Oct 27 00:45:13 GMT 2008
Domain Expiration Date     Mon Oct 26 23:59:59 GMT 2009
Domain Last Updated Date     Mon Oct 27 06:04:52 GMT 2008

Here is a classic example of a story that is unfolding right now about one of my domain names.

The registrar in question, eNom is using the Sgt Schultz defense of “I know nothing” and its driving me crazy. Has this ever happened to you?

Timeline

1. Win NameJet auction on December 4, 2007 and the domain goes into my eNom account.

2. Receive renewal notice on October 20, 2008 from eNom saying that my domain name will expire on 11-30-2008.

3. Try to transfer the domain name out to another registrar. When I try to release the lock at eNom I get “Failed to get Registrar Lock Status“. When I click on “Email Auth Code to Registrant” it says “Domain does not have an AuthInfo key“. Very strange - so I contact eNom support.

4. eNom support say “This domain is not registered with eNom at this time” and that its with “Registrar: DOMAIN JINGLES, INC.”. This is interesting, because I can SEE THE DOMAIN IN MY ACCOUNT !!! I also don’t have an account with Domain Jingles.

5. I check the Domain Jingles whois and it says my domain is “Registration Service Provided By: eNom, Inc.” Hmmm….

6. I update the support ticket with these new facts and receive this response from eNom: “We have forwarded this ticket to our senior technical support staff to research further. Depending on what we find it might be a few days before we have a solution or additional questions for you. I have requested a resolution as quickly as possible to minimize your wait time.”

7. Today I login to my eNom account and the domain name is no longer there. It’s just disappeared! I have received no notices to transfer it out. The whois data is registered under my name and my contact email address. Nothing has changed except that its no longer in my account.

8. I called eNom phone support in the USA. They tell me that the domain is with DomainJingles (who is  an eNom reseller) and that I should call them. The support staff also tell me that they will flag this ticket and ask their techo’s to investigate. I explain the obvious concerns I have about:

• Having a domain in my account that suddenly disappeared.
• The fact that the domain name expires in a months time and nobody can tell me where it went!
• The registrar asks me (their customer) to contact THEIR reseller, who I don’t know.

I’ve tried to make contact with Domain Jingles, and will keep you all posted on further developments. In the meantime, if you can think of anything feel free to post a comment.

Namecheap

• For the next 72 hours only, transfer most domains for just $6.99 with coupon code: TRANSCHEAP.
• For the next 48 hrs get $8.88 Renewals and Registrations with coupon code: OCTNEWS.

Godaddy

• $7.39 .com registrations with the coupon code: DNF2

Given some of the issues I’ve been experiencing of late with other registrars, I’m thinking that now might be the time to start transferring names across.

If you know about any others please post a comment.

On Feb 2, 2008 I won a Snapnames auction with a final price of US$173. The domain has more than made its money back, yesterday it made US$1.50.

When I won the name at Snapnames, the registration provider was ItsYourDomain.com. The domain expires in December 2008 - so I thought it was about time that I transferred it out to another provider.

Over the past few weeks I’ve been trying to get the name transferred. The domain is in my account, I have the auth code, transfer shield was disabled - everything is ready to go.

The only problem was that it appeared that SecureWhois appeared to be on and therefore my new registrar couldn’t send emails to the admin and technical contacts. Here is what it looked like:

Registrant
Pending Renewal or Deletion
SecureWhois, Inc.
pending-renewal@onlineaccess.net
96 Mowat
Toronto, ON M6K 3M1 CA
+1.4165385428
+1.4163520113 (FAX)

After a number of failed requests to disable SecureWhois, I received this email from their Technical Support staff:

“It looks like the domain had expired long time ago and was deleted from our system, it is now in pending delete status at the Registrar level. If you are interested we can check the price to get the domain back from the registrar.”

I was thinking… wait a minute…. something isn’t right here… I won this thing in Feb! So after writing back to their support dept asking them to “get the domain back immediately” - I decided to give them a call…. and by some miracle, they answered their support number!

It turns out that I never received the domain in the first place! Although the name appeared in my registrar account and I could make changes to it, the domain was “marked in the system” as being a backorder, and not actually “allocated” to me. After feeling somewhat in the twilight zone, I was told that they would immediately put a request through to allocate it to me and that I should see the change in the whois record. Sure enough, the change went through. That domain in my account that I’ve been making $$ from is now… well… mine.

What’s the lesson learned from all of this? Just because you see a domain in your account at your registrar, doesn’t mean its yours! Check the whois record.

P.S. Yes, this is a separate issue from yesterday. I don’t know whether its the “law of attraction” here, but everything seems to be happening at once!

—

Dear Simon,

The registrar was Moniker. They have informed us that they have put a
system in place to prevent this from happening again.

Sincerely,

SnapNames

—

I’d like to keep an eye on this issue. If you find yourself in the same position, with Snapnames or any other backordering company (NameJet / Godaddy) then please let me know or post a comment up here.

In the meantime, who’s really to blame here? Moniker for not passing the name onto Snapnames (I wonder what their contract says) OR Snapnames for not checking that they can auction a domain name?

What do you think?

—-

Dear Simon,
I am sorry to have to inform you of this, but there was a mistake in the auction for <SNIP>. The registrar informed us that this name was available for us to send to auction; unfortunately, the name was renewed at the last minute and we were not informed in time to stop the auction. We apologize for this inconvenience. It is a rare occurrence but it unavoidably happens from time to time. Of course, a refund has been issued to you for the $<SNIP> that you paid for the name.

If you have any questions, please let us know.

—-

Snapnames - the obvious questions are:

1. Who was the registrar?
2. What process have you and the registrar put in place to prevent this happening to other people?

Has this happened to you at Snapnames or anywhere else? Feel free to post and let me know.

Kids - come and get your .COM.CM, .NET.CM, and .CO.CM.

Applications must be made through an accredited registrar. You can also get some great bedtime reading flicking through the rules and registration policies.

Here are the launch details:

• Sunrise Period Opens - 15 Oct 2008 (10.00 UTC) - Registered trademarks to apply
• Sunrise period closes - 31 Oct 2008
• Sunrise challenge period - 1 Nov 2008 - to 14 Nov 208
• General Registrations - 15 November 2008 (10.00 UTC) on a first-come-first-served basis

Here comes the next gold mine, revolution, never to be repeated land rush, land grab, extravoganza to get all those names you just need to have.

So who will be the first registrar to spam the hell out of me with this crap send me opt-in advertising for related services?

Thiele wants $500k. The Miccosukee (who live in the Everglades and operate a casino on the Tamiami Trail near Miami) have offered him $100,000. Apparently the tribal name is trademarked.

Good luck with that.