Today I received a phishing email masquerading as eNom. While the from address is support@enom.com, the return address is actually axri@bobjanes.com.
The domain name that the phishing email diverts to is com62.biz - I have provided the whois details below.
——————————————————
From: “eNomCentral Support” <support@enom.com>
Subject: Inaccurate whois information.
Dear user,
On Wed, 29 Oct 2008 00:13:32 +0300 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Wed, 29 Oct 2008 00:13:32 +0300 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION - http://www.enom.com.com62.biz
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services
14455 N Hayden Rd
Suite 219
Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION - http://www.enom.com.com62.biz
Thank you,
Domain Services
[IncidentID:33499]
——————————————————
Domain Name COM62.BIZ
Domain ID D27867299-BIZ
Sponsoring Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Sponsoring Registrar IANA ID 82
Domain Status clientTransferProhibited
Registrant ID OLNI_175212_0_1
Registrant Name Shestakov Yuriy
Registrant Organization Shestakov Yuriy
Registrant Address1 Lenina 21 16
Registrant City Mirniy
Registrant State/Province MSK
Registrant Postal Code 102422
Registrant Country Russian Federation
Registrant Country Code RU
Registrant Phone Number +7.9218839910
Registrant Facsimile Number +7.9218839910
Registrant Email alexeyvas@safe-mail.net
Administrative Contact ID OLNI_175212_1_1
Administrative Contact Name Shestakov Yuriy
Administrative Contact Organization Shestakov Yuriy
Administrative Contact Address1 Lenina 21 16
Administrative Contact City Mirniy
Administrative Contact State/Province MSK
Administrative Contact Postal Code 102422
Administrative Contact Country Russian Federation
Administrative Contact Country Code RU
Administrative Contact Phone Number +7.9218839910
Administrative Contact Facsimile Number +7.9218839910
Administrative Contact Email alexeyvas@safe-mail.net
Billing Contact ID OLNI_175212_3_1
Billing Contact Name Shestakov Yuriy
Billing Contact Organization Shestakov Yuriy
Billing Contact Address1 Lenina 21 16
Billing Contact City Mirniy
Billing Contact State/Province MSK
Billing Contact Postal Code 102422
Billing Contact Country Russian Federation
Billing Contact Country Code RU
Billing Contact Phone Number +7.9218839910
Billing Contact Facsimile Number +7.9218839910
Billing Contact Email alexeyvas@safe-mail.net
Technical Contact ID OLNI_175212_2_1
Technical Contact Name Shestakov Yuriy
Technical Contact Organization Shestakov Yuriy
Technical Contact Address1 Lenina 21 16
Technical Contact City Mirniy
Technical Contact State/Province MSK
Technical Contact Postal Code 102422
Technical Contact Country Russian Federation
Technical Contact Country Code RU
Technical Contact Phone Number +7.9218839910
Technical Contact Facsimile Number +7.9218839910
Technical Contact Email alexeyvas@safe-mail.net
Name Server NS1.XWHLWWW.COM
Name Server NS2.XWHLWWW.COM
Name Server NS3.XWHLWWW.COM
Name Server NS4.XWHLWWW.COM
Name Server NS5.XWHLWWW.COM
Created by Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Last Updated by Registrar ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Domain Registration Date Mon Oct 27 00:45:13 GMT 2008
Domain Expiration Date Mon Oct 26 23:59:59 GMT 2009
Domain Last Updated Date Mon Oct 27 06:04:52 GMT 2008
Share and Enjoy:
These icons link to social bookmarking sites where readers can share and discover new web pages.
Tags: domain hijacking, domain name security, enom, phishing
October 29th, 2008 at 6:32 am
[...] Domainer Income Possibly related posts: (automatically generated)Whois Expireback from the deadHost Monster Domain ReviewsHow Telnic Will Revolutionize Dialing [...]
October 29th, 2008 at 7:30 am
[...] email that is designed to have people divulge their …Jim Plumb - http://jimplumb.com/wp/|||eNom Phishing Email - Beware!Today I received a phishing email masquerading as eNom. While the from address is support@enom.com, [...]
October 29th, 2008 at 1:56 pm
I got the same sort of e-mail. It got me worried and gald I found your article.
October 29th, 2008 at 2:53 pm
Thanks Mabon - good to know you are safe!
October 30th, 2008 at 5:32 am
just received the above email, thanks for the heads up, got me a little worried at first!