A phishing email is currently being sent to domain owners, pretending to arrive from Joe Uddeme of DomainHoldings.
The email is not being sent by Joe and it links to a page that asks for a user’s log in to various email accounts: Yahoo, Gmail, Windows Live, AOL and others.
It’s a password stealer, so do not click on the link.
The email reads as follows:
Copyright © 2024 DomainGang.com · All Rights Reserved.Hello,
Please view the document i uploaded for you using Google docs. VIEW HERE for immediate access and security reasons sign on with your email to view the document its very important.— Joe UddemeDomain Holdings Inc.
Director of Business Development
777 E. Atlantic Ave., Suite 312
Delray, Beach, FL 33483410-977-0693
www.DomainHoldings.com
Joe is aware of this issue and has taken measures to limit its effect.
I’ve got that shit as well.
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of joe@domainholdings.com designates 2607:f8b0:400e:c01::22e as permitted sender) smtp.mail=joe@domainholdings.com;
dkim=pass header.i=@domainholdings.com
Mark – Joe’s regained control of the situation, that’s what I was told. ๐
I just wanted to say that it seems to be sent from Joe’s account, so subject “pretends to arrive from Joe Uddeme” is I believe incorrect, as most likely message was sent from his account, obviouslyโ hacked by someone else.
Mark – Although email headers can be forged, after talking to Joe he mentioned he regained control of his account. That conversation occurred after the article was composed to get the message out.