New domain registration scam intends to spread malware, ransomware

Directnic

A new domain registration scam is attempting to spread malware and ransomware via email.

The emails, sent by cybercriminals in Russia and Ukraine, pretend to bear domain registration notices.

The spear-phishing email reads:

Whois Data Reminder <support@fromhost%>

Dear customer:

You have successfully registered ***.com. Order ID: [redacted]

Domain registered date: 2017-01-09

Domain expired date: 2018-01-09

If you use our company’s DNS, you can login and use our DNS Manager on our website or go to your Domain Control Panel to do domain resolution and other domain management.

Please remember that under the terms of your registration agreement, the provision of false Whois information can be grounds for cancellation of your domain name registration.

The link points to mic.qb-i.ru, a rogue or compromised Russian domain, that is hosted in Germany, with an IP of 95.169.190.222.

The domain supposedly registered does not even exist.

Such domain-related scams prey on unsuspected domain owners that are not familiar with the domain registration and email verification process imposed by ICANN 3 years ago.

The end result, can be the loss of a domain, stolen personal information, or the complete lock-up of personal computers or Android devices.


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Copyright © 2017 DomainGang.com · All Rights Reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available