IDN Domain Contest

Possible Namepros Phishing Attempt

NameprosThis morning I received an email that appears to be a Namepros domain forum phishing attempt, which I posted below. There are a couple of things domain investors and developers can learn from this:

1) Have different user names and passwords for forums, blogs, registrar logins…etc.

2) Don’t click links in an email as they can be cloaked.

3) If you suspect that you have clicked to a phishing website, tell the webmaster and change your password on the real site

4) Protectively register similar domain names to prevent confusion – especially if your website allows people to sign up.

It appears this email refers to a site at wwwnamepros.com rather than www.namepros.com, and the phishing domain name is registered at Godaddy. The spoofed website has already been taken down. However, you should be aware of this now and for the future. It should also be noted that the Whois information on the domain name is not private.

Here’s the email:

DO NOT REPLY TO THIS EMAIL!
***************************

Dear UserName,

You have received a new private message at NamePros.com from steelejones, entitled “Trader Rating Notification”.

To read the original version, respond to, or delete this message, you must log in here:

http://www.namepros.com/private.php

This is the message that was sent:
***************
You have received a new Positive rating or comment from steelejones.

Details about this transaction can be found *on your iTrader page* (http://wwwnamepros.com/itrader.php?u=88275).

Note: This is an automated message.
***************

Again, please do not reply to this email. You must go to the following page to reply to this private message:

http://www.namepros.com/private.php

All the best,
NamePros.com

Related posts:

  1. Check Out NamePros at 3pm… I have it on good authority that something neat is...
  2. Follow Up Post: Anti Phishing Legislation I just read Mike Berken’s blog post about the proposed...
  3. More on Anti-Phishing Legislation Thank you to Larry Fischer at DirectNavigation.com for analyzing and...
  4. Report Suspicious Emails Most people immediately delete spoofed phishing emails that make it...
  5. One Reason to Not Offer Vanity Email Addresses Yesterday afternoon, someone asked me my thoughts on the topic...

Written by Elliot on July 3, 2009 in Godaddy, Legal News
Tags: , ,

Comments (3)

Reece Berg

July 3rd, 2009 at 9:47 pm    

gravatar

Elliot,

You’re right — there is a phishing attempt going on. I’m not sure how many people have been affected, however it is severe enough that all Namepros accounts now have a warning about it when they go to their private message page. If everyone followed the advice you gave above, there would probably be a whole lot less phishing attempts because nobody would become a victim of them.

Bryan Walde

July 4th, 2009 at 12:59 pm    

gravatar

I have seen this many times with various forums, but never before with NamePros..

I have learned to never click the links in the email, and instead go to the website and respond to the PM (if there is one) from my UserCP.

It has become my habit to do this, and should become yours as well.

kfink

July 5th, 2009 at 9:17 pm    

gravatar

I got f’d.

Usually, I’m 200% careful, but this time – I logged in. Briskly changed my password when I realized what had happened. Contacted support so I can forward the email if need be.

The email looks official; but the landing page the link takes you to (not to mention the url now that I glance at it again) looks fake as all-hell…

Careful, folks!

Leave a reply

Name *

Mail *

Website