arrow_upward

Pages (2):
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fake ICANN Emails
#1
Today as usual I was checking my mails and one of them had this:
Spoiler Expand
[Image: 8fa2430d42.png]
Author: [email protected]

At a glance, I thought It was real, but wait then I again realized that Post4VPS.com is no longer provided by ICANN.
then I tried to find out about icann-monitor.org domain owner via whois Info but it was whois protected.
Spoiler Expand
Raw WHOIS Record

Domain Name: ICANN-MONITOR.ORG
Domain ID: D402200000001096932-LROR
WHOIS Server:
Referral URL: http://www.enom.com
Updated Date: 2016-12-29T21:48:10Z
Creation Date: 2016-12-28T20:19:57Z
Registry Expiry Date: 2017-12-28T20:19:57Z
Sponsoring Registrar: eNom, Inc.
Sponsoring Registrar IANA ID: 48
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: addPeriod https://icann.org/epp#addPeriod
Registrant ID: 4446f13b1ff14188
Registrant Name: WhoisGuard Protected
Registrant Organization: WhoisGuard, Inc.
Registrant Street: P.O. Box 0823-03411
Registrant City: Panama
Registrant State/Province: Panama
Registrant Postal Code: 0
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: [email protected]
Admin ID: 4446f13b1ff14188
Admin Name: WhoisGuard Protected
Admin Organization: WhoisGuard, Inc.
Admin Street: P.O. Box 0823-03411
Admin City: Panama
Admin State/Province: Panama
Admin Postal Code: 0
Admin Country: PA
Admin Phone: +507.8365503
Admin Phone Ext:
Admin Fax: +51.17057182
Admin Fax Ext:
Admin Email: [email protected]
Tech ID: 4446f13b1ff14188
Tech Name: WhoisGuard Protected
Tech Organization: WhoisGuard, Inc.
Tech Street: P.O. Box 0823-03411
Tech City: Panama
Tech State/Province: Panama
Tech Postal Code: 0
Tech Country: PA
Tech Phone: +507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email: [email protected]
Name Server: NS1.ICANN-MONITOR.ORG
Name Server: NS2.ICANN-MONITOR.ORG
DNSSEC: unsigned
>>> Last update of WHOIS database: 2016-12-30T15:00:35Z <<<
but wait, when i saw creation Date:
Created Date: 2016-12-28
then I became more suspicious and started searching about it and got to know that its happening frequently:
http://www.webhostingtalk.com/showthread.php?t=1620770
https://www.namepros.com/threads/fake-ic...ce.992273/

so do anyone else has got similar Emails last night ?
Its looking like a Scam.
 Administrator
admin@post4vps.com


#2
Man there are alot of emails in my trash similar to abuse reports, domain expiration, etc. They probably send you these emails from an older whois database(whois databases can be found on darknet/deepweb/TOR) look like these scammers are sending infected files by the help of mass email. Make sure you not downloaded that file.
[Image: a3ad5cfbf5.png]
[Image: trk1]
#3
Obviously this is comes from some scammer. What you say about ICANN though, is not true. Every .com, .net, etc. is registered by ICANN. They are the only registry who can announce these domains to the global DNS system. You may buy your domain at GoDaddy or NameCheap or some other registrar, but this registrar only "resells" the domains from ICANN.
#4
mine got really funny icann emails . im not even having that domain name but i get those email alot . but luckly the spammer doesnt spam me now
Spoiler Expand
[Image: Wbx5Yjz.png]
[Image: vN4IJ4i.png]
[Image: c47cb6a064944f1cb690fe1e3cb21d26.png]

i think it is because i click in the facebook ad that say "get your own .net domain " and then i register there and i type humanpuff69.net and i not even realizing . and the spam ended up with message that i cannot get the domain . really strange
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5
#5
(06-05-2017, 02:24 PM)humanpuff69 Wrote: mine got really funny icann emails . im not even having that domain name but i get those email alot . but luckly the spammer doesnt spam me now
Spoiler Expand
[Image: Wbx5Yjz.png]
[Image: vN4IJ4i.png]
[Image: c47cb6a064944f1cb690fe1e3cb21d26.png]

i think it is because i click in the facebook ad that say "get your own .net domain " and then i register there and i type humanpuff69.net and i not even realizing . and the spam ended up with message that i cannot get the domain . really strange

Your one actually not like what I had showed at the forum..
In your mails, the user tried to advertise his/her SEO services nothing else.
 Administrator
admin@post4vps.com


#6
How about sending a report to it's registrar eNom Inc. about this issue or maybe direct a report to .ORG registry to have this domain be suspended.
#7
I've gotten worser emails. I've gotten emails that have been made to look like my registar's, and made look like it is expiration of a domain, only to it being SEO registration or whatnot.

Ignore all emails unless it comes from the official ICAAN domain, and your domain's registrar.

In regards to what @TrK said, these people do get it from WHOIS databases, but these are recent. There are sites out there have recent and live data, as soon as you register go up, and are available for you to purchase. Note, ever wonder why there are such registars that PUSH and PUSH to sell you WHOIS protection? Take a look at their TOS and respective documents, and you will see why. At least there are some that straight out tell you that they are basically selling your info.
#8
Actually ICANN doesn't provide domains. .com domains are belongs to .com Registry. But again they don't provider domains for end users either. Only domain registrars sell domains to end users. Time to time Domain registrar send you a mail asking you to check your domain owner details and update those if those needed to be. Apart from that only mail you get from them are promos and renewal reminders.

There are several Chinese companies which send you mail asking you to renew your domains. What they do is try to make to transfer the domain to their registrar. Usually those mails are made to panic inexperience users to get to to transfer the domain to them so they can earn money from renewal charges. Also there are some who try to steal the domain making you send it to their account and then ask you to pay higher price if u need domain again.


~ Be yourself everybody else is taken ~




#9
(06-06-2017, 01:39 AM)xdude Wrote: Actually ICANN doesn't provide domains. .com domains are belongs to .com Registry. But again they don't provider domains for end users either. Only domain registrars sell domains to end users. Time to time Domain registrar send you a mail asking you to check your domain owner details and update those if those needed to be. Apart from that only mail you get from them are promos and renewal reminders.

There are several Chinese companies which send you mail asking you to renew your domains. What they do is try to make to transfer the domain to their registrar. Usually those mails are made to panic inexperience users to get to to transfer the domain to them so they can earn money from renewal charges. Also there are some who try to steal the domain making you send it to their account and then ask you to pay higher price if u need domain again.

it pretty much just like ransomware . they try to encrypt your file for free then ask you to pay much much higer price to decrypt
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5
#10
In extreme cases yes. But it rarely happens since you can't get away with that kind of stuff when it comes to domain names. You can complain ICANN and domain registrar and get it sorted out and bust the thief too. Also in most cases its about domain re-sellers and registrars who try to increase the number of domains under them. If someone stupid enough to fall for this kinda trick then they would pay high renewal prices without thinking much. I have seen that happen.


~ Be yourself everybody else is taken ~




Pages (2):


Possibly Related Threads…
Thread
Author
Replies
Views
Last Post
1,510
09-16-2020, 04:24 AM
Last Post: Arkiven4

person_pin_circle Users browsing this thread: 1 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting