Com92.biz

Template:Phishing Site

Title

eNom - domain name, web site hosting, email, registration

Description

A phishing site, looking for Enom account details.

Additional Information

From: http://www.domainnamenews.com/news/warning-enom-phishing-scam/3002

10|28|2008 6:28 pm EDT WARNING: Enom Phishing Scam

by Adam Strong in Categories: News - 15 Comments

We have received several reports of phishing scam emails that at first glance appear to be coming from domain name registrar Enom.com. The emails warn of a complaint for invalid whois information and ask the user to login. Of course the link that the email directs you to is not a valid Enom domain name. The site is likely harvesting user names and passwords to access legitimate Enom accounts.

The link in the email actually takes you to the domain name com92.biz . When we attempted to visit the site McAfee put up a warning page that said

Reported Web Forgery! This web site at www.enom.com.com92.biz has been reported as a web forgery and has been blocked based on your security preferences.

Web forgeries are designed to trick you into revealing personal or financial information by imitating sources you may trust.Entering any information on this web page may result in identity theft or other fraud.

If you do get to the site it is designed to look exactly like the enom home page. The domain is registered by a Russian at the Chinese registrar OnlineNic . A copy of the email is below.

On Tue, 28 Oct 2008 23:25:34 +0300, “eNom Team” said: Dear user,

On Tue, 28 Oct 2008 23:25:34 +0300 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

The contact information for the domain which displayed in the Whois database was indeed invalid. On Tue, 28 Oct 2008 23:25:34 +0300 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.

PLEASE VERIFY YOUR CONTACT INFORMATION – http://www.enom.com.com92.biz

If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:

Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260

LINK TO CHANGE INFORMATION – http://www.enom.com.com72.biz

Thank you, Domain Services

[IncidentID:14166]

Share

Tags: Tags: domain theft , enom , identity theft , phishing. Related Posts

   * eNom registrants target of phishing scam
   * WARNING: Network Solutions Phishing Scam
   * TrafficZ customers targeted by phishing scam
   * Network Solutions Proactive in Fighting Recent Phishing Attack
   * eNom Changes Website and Increases Registration Fees

15 Comments

Tony Toews

October 28, 2008 @ 9:36 pm EDT

There are other URLs in the phishing emails I received. sys52.net, com94.net, com82.biz, com62.biz and com72.biz.

Also there is a variation stating “we will be conducting maintenance on our database and datacenter resulting in the following sites and services being unavailable: …” “For access your account follow this link – com72.biz”

Jason

October 29, 2008 @ 12:40 am EDT

Thank you for the post. I was just about to click on it and thought I will check to see if there is anything about the email that I needed to know about first (suspicious). A quick search in google brought me to you so thank you for posting this to let us know All The Best Jason

David

October 29, 2008 @ 2:35 am EDT

Ditto. just rcvd this email with slightly different date/time. As with most phishing messages, actally reading it reveals how phony it is. In this case, the date and time mentioned in three different places is the same exact time stamp. Makes no sense. If the people who engage in this fraud were actually bright, they would probably choose to do something more productive with their lives than attempting to defraud others. In the end, most criminals are too lazy and stupid to actally master their craft.

James

October 29, 2008 @ 9:47 am EDT

They almost got me. Only thing that really stopped me was that the email said that they sent a notice with a date/time in the future and even if that were a mistake, no group would require instant response to an email like that. Whew!!

Nancy

October 29, 2008 @ 10:49 am EDT

I got this email as well but what tipped me off is that they didn’t tell me which of my website had incorrect info. I think enom would have put information about what website they were talking about in their email to their customer. The one I got says my contact info was found to be incorrect so they had sold my website URL to someone else and I would need to contact the new owner to discuss…but again they didnt’ include who that new person was. They aren’t too bright. I NEVER click links in emails; I go to the website by typing in the original URL manually and check my account to verify there are no problems. I wonder why no government agency is pursuing and prosecuting these scammers.

Kyle

October 29, 2008 @ 11:46 am EDT

same things here, i was about to see what it was until i found this site. thanks for informing me.

Dor

October 29, 2008 @ 12:16 pm EDT

Me too, but please keep it to yourself what was wrong with the email, if not they will get better..

Chris

October 29, 2008 @ 1:08 pm EDT

I have received a number of these today. They are quite convincing. Thank you for posting this and preventing me from responding to them.

Dustin Erickson

October 29, 2008 @ 1:13 pm EDT

They almost got me too :)

I moused over the link which gave it away for me – enom.com62.biz…

Pretty sneaky though!!

Pete

October 29, 2008 @ 1:17 pm EDT

I had just renewed my domain so was nearly suckered in, but the email had inaccuracies which led me to check and here.

Mark

October 29, 2008 @ 3:18 pm EDT

hmmmm…nice try but i always laugh when i get this crap in my inbox addressed to an e-mail address i set up solely as a contact point for an online game that has the same made up character name as the e-mail address.

Steve Marino

October 31, 2008 @ 12:03 pm EDT

If you get an email from your bank, Enom or anyone else, don’t follow the link in the email. Type the address in directly. If you find a phishing scam, report it to the company being spoofed.

Tom M McIntyre

October 31, 2008 @ 3:33 pm EDT

Thanks, guys. It smelled bad to me, but not REAL bad. Glad I googled it and very glad you folks had the straight info. Thank you.

Jason

November 1, 2008 @ 5:36 am EDT

Received the same using an ssl45.mobi

Carmen

December 12, 2008 @ 9:49 pm EDT

I received an email supposedly from E-nom telling me that the free domain that I’ve had with AOL for several years will be discontinued and all info lost if I don’t register with E-nom by January 31. This seems like a scam since I did not get a direct answer to my question when I questioned them by email. Does anyone know more information about this? Thanks for the help.

Related Domains

External Links

• Alexa: Com92.biz
• WHOIS for Com92.biz