Beware of such carefully crafted phishing emails in the name of GoDaddy


This is the email I received today. At first, it really looks like an email we receive from Godaddy for verification of domain ownership. 

If I was not paying attention (digitally toxic), I was going to click on that link. Normally the verification email IDs have some weird email IDs (example, transfer-verify etc.) I would have easily overlooked this one:

Usually it is very easy to spot phishing email because of textual errors in the content, domain mismatches etc, but the scammer has done a good job on this one. He has registered the domain in the .name extension. He added a .com left of the dot.

A whois search reveals this domain name is registered couple of days ago at Reseller Club and the registrant belongs to China.

Whois com

The verification link in the text uses another domain name The whois is below, belongs to a Chinese national, also at Reseller Club, registered in March of this year. It may not necessary be a Chinese national; it could be someone from another country using fake info.

Whois godaddy


Clicking on the link will lead you to a Godaddy login clone page.

My Account Login

If you do not have 2fa enabled, your assets are at potential risk. Some people use same password everywhere, so this can compromise your account that does not have 2fa.

I was not using gmail. I think Gmail has better security features which takes this kind of emails to spam already.

Always double check from which domains the emails are coming from. Check it’s whois. Check the domains in verification links, check their whois. Enable 2fa. Use good email service. Be safe! 

The post Beware of such carefully crafted phishing emails in the name of GoDaddy appeared first on DN.DOMAINS.