eNom Phishing Email – Beware!
October 29, 5 CommentsToday I received a phishing email masquerading as eNom. While the from address is supp...@enom.com, the return address is actually a...@bobjanes.com.
The domain name that the phishing email diverts to is com62.biz – I have provided the whois details below.
——————————————————
From: “eNomCentral Support” <support@enom.com>
Subject: Inaccurate whois information.
Dear user,
On Wed, 29 Oct 2008 00:13:32 +0300 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Wed, 29 Oct 2008 00:13:32 +0300 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION – http://www.enom.com.com62.biz
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services
14455 N Hayden Rd
Suite 219
Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION – http://www.enom.com.com62.biz
Thank you,
Domain Services
[IncidentID:33499]
——————————————————
Domain Name COM62.BIZ
Domain ID D27867299-BIZ
Sponsoring Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Sponsoring Registrar IANA ID 82
Domain Status clientTransferProhibited
Registrant ID OLNI_175212_0_1
Registrant Name Shestakov Yuriy
Registrant Organization Shestakov Yuriy
Registrant Address1 Lenina 21 16
Registrant City Mirniy
Registrant State/Province MSK
Registrant Postal Code 102422
Registrant Country Russian Federation
Registrant Country Code RU
Registrant Phone Number +7.9218839910
Registrant Facsimile Number +7.9218839910
Registrant Email alex...@safe-mail.net
Administrative Contact ID OLNI_175212_1_1
Administrative Contact Name Shestakov Yuriy
Administrative Contact Organization Shestakov Yuriy
Administrative Contact Address1 Lenina 21 16
Administrative Contact City Mirniy
Administrative Contact State/Province MSK
Administrative Contact Postal Code 102422
Administrative Contact Country Russian Federation
Administrative Contact Country Code RU
Administrative Contact Phone Number +7.9218839910
Administrative Contact Facsimile Number +7.9218839910
Administrative Contact Email alex...@safe-mail.net
Billing Contact ID OLNI_175212_3_1
Billing Contact Name Shestakov Yuriy
Billing Contact Organization Shestakov Yuriy
Billing Contact Address1 Lenina 21 16
Billing Contact City Mirniy
Billing Contact State/Province MSK
Billing Contact Postal Code 102422
Billing Contact Country Russian Federation
Billing Contact Country Code RU
Billing Contact Phone Number +7.9218839910
Billing Contact Facsimile Number +7.9218839910
Billing Contact Email alex...@safe-mail.net
Technical Contact ID OLNI_175212_2_1
Technical Contact Name Shestakov Yuriy
Technical Contact Organization Shestakov Yuriy
Technical Contact Address1 Lenina 21 16
Technical Contact City Mirniy
Technical Contact State/Province MSK
Technical Contact Postal Code 102422
Technical Contact Country Russian Federation
Technical Contact Country Code RU
Technical Contact Phone Number +7.9218839910
Technical Contact Facsimile Number +7.9218839910
Technical Contact Email alex...@safe-mail.net
Name Server NS1.XWHLWWW.COM
Name Server NS2.XWHLWWW.COM
Name Server NS3.XWHLWWW.COM
Name Server NS4.XWHLWWW.COM
Name Server NS5.XWHLWWW.COM
Created by Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Last Updated by Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Domain Registration Date Mon Oct 27 00:45:13 GMT 2008
Domain Expiration Date Mon Oct 26 23:59:59 GMT 2009
Domain Last Updated Date Mon Oct 27 06:04:52 GMT 2008
Top 10 Tips To Keep Your Domains Safe From Thieves and Hijackers
May 7, 1 CommentFor more than 14 years I’ve had a privilege of working in the Information Security industry, protecting various companies from fraud, damage to their reputation and their assets. A domain name is just another asset. So what steps can you take to protect it?
1. Turn on transfer / lock protection at your registrar. Companies such as Network Solutions call this “Domain Protect”, others such as Moniker calls it “Lock”. Both registrars automatically turn it on.
2. Turn on “auto-renew”. That way your domain name will automatically be registered when the expiry date comes around. Of course, don’t forget to have a valid credit card or automatic paypal agreement in place. If your credit card expires before your domain names, then your domains may expire as they have not been paid for (renewed).
3. Add your registrars domain name to your email whitelist or friends list. If your anti-spam software decides to go crazy and block half the universe, the only thing that might save you is your whitelist. In the event your registrar sends you a reminder email, then you should get it.
4. Use whois protection. When you register or renew a domain, buy the add-on privacy guard, shield or whatever your registrar calls it. The key here is to protect your personal information so as to make it difficult for someone to misuse it.
5. Change the default “whois protection”. Some whois privacy providers have the feature of changing the default email address contact every X number of days. This should be changed to “1″ as it may reduce the number of spam email messages you receive.
6. Register your domain names under different names and companies. While there are strict rules to follow in this regard, this particular method has one huge advantage. It makes it very difficult for a person to get an understanding of your domain name portfolio. In the event a thief compromises your account at a registry then its difficult for them to rely on whois data to find your other domains and where they are located.
7. Trademark your domain name in the USA and your country of residence. This may provide a level of protection from 3rd parties who feel they have a right to your domain. The first thing you should do in this instance, is to consult a reputable trademark attorney.
8. Use multiple domain name registrars. That way if a registrar collapses, then you won’t lose your entire domain name portfolio.
9. Use different user id’s and strong passwords (min 8 characters, alpha numeric with special characters) for each registrar. If you need something bullet-proof to manage your passwords then use Password Safe. It’s a must have tool. Use the automatic password generating feature.
10. When you receive an email saying that your domain name has expired, DONT CLICK ON THE LINK. Visit the registrar web site by typing the name into your web browser. This will help to avoid you becoming the latest victim of a phishing scam.
