A new GoDaddy phishing scheme is spreading quickly now, I personally received 4 identical emails from them just an hour ago. Many other domainers reported receiving these, some 5-7 at a time. The email, which appears to come from email@example.com but it points to: http://18.104.22.168/~ytrindic/ It’s a server in Pakistan mzwebhost.com
Domain Registration Confirmation
This notification is generated automatically as a service to you.
Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security.
Please click on sign in to domain servers to continue to the verification process and ensure your account security. It is all about your security. Thank you. and visit the customer service section.
please contact us within 1 days.
If you need to address this matter, or in any way need further assistance or technical support, call us any time at (480) 505-8877 or email us at firstname.lastname@example.org. We appreciate your business!
GoDaddy.com DomainAlert team
The emails also have the “regular” legal addition which makes them look rather authentic:
*Free hosting, photo album and blog services are ad-supported. Ad-supported Web sites contain
relevant online advertising on a small portion of the site, but DO NOT include obtrusive pop-up ads.
**Not applicable to premium domains, bulk domain purchases, discounted domain products, Sunrise/Landrush domain registrations, .ME domain registrations, discounted memberships or maintenance plans; additional disk space and bandwidth renewals, custom page layouts, custom headers, posters or gift cards. Discount reflected in your shopping cart – cannot be used in conjunction with any other offer or promotion.
Copyright © 2009 GoDaddy.com, Inc.. All rights reserved.
In general these emails look pretty good, much better than the regular scams, where after seeing the “dear sir/madam” you can figure it’s a scam right away. This email even had a smaller frame with a 10% off code and a few real links to GoDaddy.com
Take 10%** off your next order at GoDaddy.com.
Simply enter gdbb366 in your shopping cart or mention the offer code when you call (480) 505-8877.
The question remains however will these guys ever learn to spell and actually write in decent English? However many people don’t read email and just check the title, open it and click the link if it looks authentic.
Last, but not least – be sure to mouse over all links in email before clicking them!