Monday, December 18, 2017
Domain Expiration Spam Fraud: Phishing for Payments from Domain Owners

Domain Expiration Spam Fraud: Phishing for Payments from Domain Owners

0
642

Interesting spam campaign to lure and defraud domain owners.

Legitimate looking Spam email asks for 'renewal' of 'expired domain SEO'

Spam email sent to domain owner asking for ‘domain registration renewal’, whereas the domain is not actually up for a renewa.

” This spammer USES contact information of the domain owner (presumably from WHOIS) & e-mail address and uses misleading wording to lure the target

The Lure

I received this email (which was dutifully filtered by my webmail spam blocker) on 7th February, 2016.

The interesting points about this email are:

  • It is an unwanted email. I.e a Spam.
  • It refers to a domain name that is indeed owned by myself.
  • It includes the postal address which is indeed registered against the domain on WHOIS database.
  • It uses the phrase ‘expiration notice of your domain registration‘ but then continues on to say ‘for <domian.com> search engine optmization submission’.
  • It asks for a payment of $61 for ‘domain SEO registration

As we can imagine, it is designed to mislead and possibly confuse the domain owner to think that his/her domain is indeed due its renewal and lure him/her to pay up the ‘renewal fee‘.

WHOIS data on the spammer's domain

Looking at the WHOIS registration information on the lure domain used in the spam showed that the spammer domain has been registered since 3rd February, 2016. I.e. Only for five days (at the time of writing).

WHOIS data on Spammer's domain

If a spammed victim clicks on the ‘Secure Payment’ link on the spam mail, the link takes him/her to the spammer’s landing page:

h–p://senstraff[.]com/redirect.php/x=l  (screenshot attached)

This page asks the victim for his contact information and then it redirects to the payment page on a legitimate payment processing site (see screenshot).

 

NO COMMENTS

This website uses cookies so that we can provide you with the best user experience and to deliver advertising messages and offers on the website that are relevant to you. To read more about the cookies we use and to change your settings see our policy, please click on the link next:

Our Cookie Policy.

This website uses cookies so that we can provide you with the best user experience and to deliver advertising messages and offers on the website that are relevant to you. By continuing to use the site, you agree to the use of cookies.

What are 'COOKIES' ?

Web Browser Cookies

A cookie is a small text file that is sent by a website to your computer or mobile/tablet where it is stored by your web browser. A cookie contains limited non-personal data, usually a unique identifier and the name of the site. This enables a website to recognise you as you move around the site and/or each time you revisit. Cookies are used for a wide variety of purposes such as to keep you logged in or to remember what's in your basket if you're shopping online, to remember your preferences and settings, to analyse how the site is used by you, and to serve advertising to you.

Cookies which are served by the website you are visiting are called "first party cookie". If they are served by another web-site providing services to that website, such as an analytics company or advertising network then they are called "Third party cookies". They will either be stored for the duration of your visit called a "session cookie" or they might remain for a fixed period, which could be months or even years, to remember you across multiple browsing sessions (known as a "persistent cookie").

Google Analytics

We use 'Google Analytics' to collect statistical information about how our websites are used. They use information such as your IP address, browser type and unique identifiers stored in (first party) cookies on your device to record how you interact with our website. We also use 'Google Demographics' data to help us tknow how many users we have, which parts of our sites are most popular, what browsers are used (so we can maximise compatibility), the country or region where our users are located, and the demographics and interests of our users. This enables us to better understand who is using our site and to ensure we are reaching our target demographic, and to improve and tailor our services accordingly.

NOTE:

For more information on cookies and privacy, please visit the UK Information Commissioner's Offce web-site at:

ICO Cookie and Privacy Information

Close