Post4VPS Forum | Free VPS Provider
Fake ICANN Emails - Printable Version

+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: General Chat (https://post4vps.com/Forum-General-Chat)
+--- Forum: General (https://post4vps.com/Forum-General)
+--- Thread: Fake ICANN Emails (/Thread-Fake-ICANN-Emails)

Pages: 1 2

Fake ICANN Emails - Dynamo - 12-30-2016

Today as usual I was checking my mails and one of them had this:
Spoiler Expand
[Image: 8fa2430d42.png]
Author: [email protected]

At a glance, I thought It was real, but wait then I again realized that Post4VPS.com is no longer provided by ICANN.
then I tried to find out about icann-monitor.org domain owner via whois Info but it was whois protected.
Spoiler Expand
Raw WHOIS Record

Domain Name: ICANN-MONITOR.ORG
Domain ID: D402200000001096932-LROR
WHOIS Server:
Referral URL: http://www.enom.com
Updated Date: 2016-12-29T21:48:10Z
Creation Date: 2016-12-28T20:19:57Z
Registry Expiry Date: 2017-12-28T20:19:57Z
Sponsoring Registrar: eNom, Inc.
Sponsoring Registrar IANA ID: 48
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: addPeriod https://icann.org/epp#addPeriod
Registrant ID: 4446f13b1ff14188
Registrant Name: WhoisGuard Protected
Registrant Organization: WhoisGuard, Inc.
Registrant Street: P.O. Box 0823-03411
Registrant City: Panama
Registrant State/Province: Panama
Registrant Postal Code: 0
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: [email protected]
Admin ID: 4446f13b1ff14188
Admin Name: WhoisGuard Protected
Admin Organization: WhoisGuard, Inc.
Admin Street: P.O. Box 0823-03411
Admin City: Panama
Admin State/Province: Panama
Admin Postal Code: 0
Admin Country: PA
Admin Phone: +507.8365503
Admin Phone Ext:
Admin Fax: +51.17057182
Admin Fax Ext:
Admin Email: [email protected]
Tech ID: 4446f13b1ff14188
Tech Name: WhoisGuard Protected
Tech Organization: WhoisGuard, Inc.
Tech Street: P.O. Box 0823-03411
Tech City: Panama
Tech State/Province: Panama
Tech Postal Code: 0
Tech Country: PA
Tech Phone: +507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email: [email protected]
Name Server: NS1.ICANN-MONITOR.ORG
Name Server: NS2.ICANN-MONITOR.ORG
DNSSEC: unsigned
>>> Last update of WHOIS database: 2016-12-30T15:00:35Z <<<
but wait, when i saw creation Date:
Created Date: 2016-12-28
then I became more suspicious and started searching about it and got to know that its happening frequently:
http://www.webhostingtalk.com/showthread.php?t=1620770
https://www.namepros.com/threads/fake-icann-email-domain-abuse-notice.992273/

so do anyone else has got similar Emails last night ?
Its looking like a Scam.

RE: Fake ICANN Emails - TrK - 12-31-2016

Man there are alot of emails in my trash similar to abuse reports, domain expiration, etc. They probably send you these emails from an older whois database(whois databases can be found on darknet/deepweb/TOR) look like these scammers are sending infected files by the help of mass email. Make sure you not downloaded that file.

RE: Fake ICANN Emails - RickB - 12-31-2016

Obviously this is comes from some scammer. What you say about ICANN though, is not true. Every .com, .net, etc. is registered by ICANN. They are the only registry who can announce these domains to the global DNS system. You may buy your domain at GoDaddy or NameCheap or some other registrar, but this registrar only "resells" the domains from ICANN.

RE: Fake ICANN Emails - humanpuff69 - 06-05-2017

mine got really funny icann emails . im not even having that domain name but i get those email alot . but luckly the spammer doesnt spam me now
Spoiler Expand
[Image: Wbx5Yjz.png]
[Image: vN4IJ4i.png]
[Image: c47cb6a064944f1cb690fe1e3cb21d26.png]

i think it is because i click in the facebook ad that say "get your own .net domain " and then i register there and i type humanpuff69.net and i not even realizing . and the spam ended up with message that i cannot get the domain . really strange

RE: Fake ICANN Emails - Dynamo - 06-05-2017

(06-05-2017, 02:24 PM)humanpuff69 Wrote: mine got really funny icann emails . im not even having that domain name but i get those email alot . but luckly the spammer doesnt spam me now
Spoiler Expand
[Image: Wbx5Yjz.png]
[Image: vN4IJ4i.png]
[Image: c47cb6a064944f1cb690fe1e3cb21d26.png]

i think it is because i click in the facebook ad that say "get your own .net domain " and then i register there and i type humanpuff69.net and i not even realizing . and the spam ended up with message that i cannot get the domain . really strange

Your one actually not like what I had showed at the forum..
In your mails, the user tried to advertise his/her SEO services nothing else.

RE: Fake ICANN Emails - Vuluts - 06-05-2017

How about sending a report to it's registrar eNom Inc. about this issue or maybe direct a report to .ORG registry to have this domain be suspended.

RE: Fake ICANN Emails - Mr.Monkey - 06-05-2017

I've gotten worser emails. I've gotten emails that have been made to look like my registar's, and made look like it is expiration of a domain, only to it being SEO registration or whatnot.

Ignore all emails unless it comes from the official ICAAN domain, and your domain's registrar.

In regards to what @TrK said, these people do get it from WHOIS databases, but these are recent. There are sites out there have recent and live data, as soon as you register go up, and are available for you to purchase. Note, ever wonder why there are such registars that PUSH and PUSH to sell you WHOIS protection? Take a look at their TOS and respective documents, and you will see why. At least there are some that straight out tell you that they are basically selling your info.

RE: Fake ICANN Emails - xdude - 06-06-2017

Actually ICANN doesn't provide domains. .com domains are belongs to .com Registry. But again they don't provider domains for end users either. Only domain registrars sell domains to end users. Time to time Domain registrar send you a mail asking you to check your domain owner details and update those if those needed to be. Apart from that only mail you get from them are promos and renewal reminders.

There are several Chinese companies which send you mail asking you to renew your domains. What they do is try to make to transfer the domain to their registrar. Usually those mails are made to panic inexperience users to get to to transfer the domain to them so they can earn money from renewal charges. Also there are some who try to steal the domain making you send it to their account and then ask you to pay higher price if u need domain again.

RE: Fake ICANN Emails - humanpuff69 - 06-06-2017

(06-06-2017, 01:39 AM)xdude Wrote: Actually ICANN doesn't provide domains. .com domains are belongs to .com Registry. But again they don't provider domains for end users either. Only domain registrars sell domains to end users. Time to time Domain registrar send you a mail asking you to check your domain owner details and update those if those needed to be. Apart from that only mail you get from them are promos and renewal reminders.

There are several Chinese companies which send you mail asking you to renew your domains. What they do is try to make to transfer the domain to their registrar. Usually those mails are made to panic inexperience users to get to to transfer the domain to them so they can earn money from renewal charges. Also there are some who try to steal the domain making you send it to their account and then ask you to pay higher price if u need domain again.

it pretty much just like ransomware . they try to encrypt your file for free then ask you to pay much much higer price to decrypt

RE: Fake ICANN Emails - xdude - 06-06-2017

In extreme cases yes. But it rarely happens since you can't get away with that kind of stuff when it comes to domain names. You can complain ICANN and domain registrar and get it sorted out and bust the thief too. Also in most cases its about domain re-sellers and registrars who try to increase the number of domains under them. If someone stupid enough to fall for this kinda trick then they would pay high renewal prices without thinking much. I have seen that happen.