Oct 30

Network Solutions Phishing Scam

Biz Thoughts No Comments »

Network Solutions is listed as #3 by registrar domain count with more than 6.5 million domains. Today, phishers have turned their attention from Enom to Network Solutions and are sending an email scam with subject lines that indicate your domain will expire or be deleted soon. Here’s an example of the body of one such phishing email:

    Dear Network Solutions Customer,

    We recently notified you that the registration period for your Network Solutions domain name had expired. As a benefit of having previously registered a domain name(s) with Network Solutions, you are eligible to receive a percentage of the net proceeds that were generated from the renewal and transfer of the domain name you chose not to renew. Since you have chosen not to renew the domain name listed below during the applicable grace period, we were successful in securing a backorder for this domain name on your behalf and it has been transferred to another party in accordance with the Service Agreement.

    Renew your domain now – http://www.networksolutions.com ( <---this isn't the actual link you are directed to)

    You must click on the following link, enter your domain name, and confirm your contact information in order to claim these funds. If your contact information is not correct, you must enter Account Manager and make the appropriate changes prior to clicking “submit” from the confirmation screen. If you do not do this, you will be confirming inaccurate information and will not receive any payment. Checks will only be made payable and mailed to the Account Holder of record.

    Sincerely,
    Network Solutions® Customer Support

It’s still on the early side of this phishing scam campaign, and if you’ve not received an email such as this one, don’t be surprised if/when you do. As with every current top spam campaign, the registration WHOIS information indicates the registrant as being “Shestakov Yuriy” AKA Alexey Vasiliev – the registrant behind all the top ‘Russian girls’ spam domains and most of the Canadian pharmacy spam domains. Simply delete the email, don’t click on the link and continue to delete them as they filter in through your inbox.

UPDATE: This phishing scam is also being sent as a fax.