We’ve been notified by our domain registrar, Enom.com, that they have been experiencing a new malware scam/phishing attempt that is being carried out. This scam is attempting to look like an email being sent out from a registrar’s email address (for example, firstname.lastname@example.org) saying that a customer’s domain name has been suspended for a violation of an abuse policy. In order to find out what the abuse is you have to click on a link which will attempt to download something to your computer. The email looks like this:
The following domain names have been suspended for violation of the ENOM, INC. Abuse Policy:
Domain Name: [redacted]
Registrar: ENOM, INC.
Registrant Name: [name on whois information]
Multiple warnings were sent by ENOM, INC. Spam and Abuse Department to give you an opportunity to address the complaints we have received.
We did not receive a reply from you to these email warnings so we then attempted to contact you via telephone.
We had no choice but to suspend your domain name when you did not respond to our attempts to contact you.
Click here [LINK] and download a copy of complaints we have received.
Please contact us by email at mailto:email@example.com for additional information regarding this notification.
Spam and Abuse Department
Abuse Department Hotline: 480-124-0101
According to several online forums, it looks like other registrars are being spoofed as well. If you do happen to receive an email like this it is important that you do not click on any links inside, and do not download anything on to your computer.
As always, it’s important to be wary of an email that comes from an address you don’t recognize, and even sometimes from addresses that you do recognize. Spammers are always trying to find newer, better ways of getting you to open their emails and potentially infect your computer. If you ever receive an email that you aren’t sure about you can contact our support team and we’d be happy to help sort it out.