Phishing fraud emails target domain name owners

By

Domain name owners are the target of a sophisticated scam disclosed by the US SANS Internet Storm Center late last week.

Phishing fraud emails target domain name owners
According to a report received by the nonprofit organisation, scammers initially sent victims an email with an offer to purchase a domain name.

Recipients were then directed to what appeared to be a forum discussion page addressing the most reliable appraisal services for domain names, according to SANS researcher Lenny Zeltser.

The bogus email read, "Of course we must be sure that you are engaging a reputable appraisal company. I heard many appraisal companies often made inaccurate appraisals. I will only accept appraisals from independent sources I trust," and then links recipients to a forum page.

After fake forum inquiries are made about appraisal services, a user named "NameSeller" corresponded with other users, and a consensus was reached naming securenamesale[dot]com as the winner, according to the Saturday SANS post.

Securenamesale[dot]com is likely not a legitimate service, according to Zeltser’s citations of victim reaction on public forums. The website sells domain appraisal software for US$99, he said.

Scams targeting the owners of domain names are nothing new.

In February 2001, the Federal Trade Commission (FTC) asked a US District Court to halt a scam duping consumers into registering variations of existing domain names. The FTC estimated that at least 27,000 website owners were victims of that scam.

Web-based fraud cases cost consumers about US$200 million during 2006, according to just-released statistics from the FBI.

Ron O’Brien, senior security analyst at Sophos, told SCMagazine.com that this scam could be considered spear phishing.

"The fact that someone is effectively trolling for someone else who would sell his or her domain name is a form of phishing," he said. "And then when you go to a particular domain name to find out that it’s a static web page, it’s basically a form of false advertising or fraud."

O’Brien added that the primary motivation of the fraudster was to take US$99 payments while knowing the domain name won’t be sold, although other motives are possible.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?