1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Godaddy fraud phishing

Discussion in 'BlackHat Lounge' started by ppd47, Sep 23, 2015.

  1. ppd47

    ppd47 Registered Member

    Joined:
    Sep 10, 2015
    Messages:
    51
    Likes Received:
    9
    Perhaps this is just me, but I think this is the most convincing phishing email I have ever seen

    phishing.png

    The text in the email appears to link to godaddy but it leads to a different domain, with the exact styling of godaddy's login page... so you put your username and password in and thats you passed your details over. Serves me right for not taking domain privacy.

    Apologies in advance if this is a useless newbie post about something everyone else is aware of, but I've been managing domains for years and this is the most convincing scam I've seen.

    ________________________

    Dear Valued GoDaddy Customer

    This notification is generated automatically as a service to you.

    We have received a request that the name servers be changed for the following domain name(s):

    asdfasdf.net

    If you are monitoring this name with Domain Backorders, the above change is also displayed in the Monitoring and Backordering section of your Account Manager.

    Use the link below:
    https://sso.godaddy.com/domain.aspx?rid=59b5a32ef22091b6057d844141c0bafd

    (this links to http://mariaelenamexia.com/login/sso/godaddy/19d47109e3c9e2c1423eac228aff27d119d47109e3c9e2c1423eac228aff27d1/0d441de75945e5acbc865406fc9a25590d441de75945e5acbc865406fc9a2559/qbivvmlirq.aspx?qbivvmlirq=59b5a32ef22091b6057d844141c0bafd )


    Sincerely,
    GoDaddy Domain Backorders team.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Copyright (c) 1999-2015 GoDaddy.com, LLC. All rights reserved.
     
    • Thanks Thanks x 1
  2. ambushiv11

    ambushiv11 Jr. VIP Jr. VIP

    Joined:
    Apr 13, 2013
    Messages:
    601
    Likes Received:
    284
    I've received this shit too but I've noticed is has been sent through some russian crap server and I figured it our it was something wrong.

    Reminder: before accessing any links, check for any suspicious thing in an email.