Possible Namepros Phishing Attempt | DomainInvesting.com

Possible Namepros Phishing Attempt

3

NameprosThis morning I received an email that appears to be a Namepros domain forum phishing attempt, which I posted below. There are a couple of things domain investors and developers can learn from this:

1) Have different user names and passwords for forums, blogs, registrar logins…etc.

2) Don’t click links in an email as they can be cloaked.

3) If you suspect that you have clicked to a phishing website, tell the webmaster and change your password on the real site

4) Protectively register similar domain names to prevent confusion – especially if your website allows people to sign up.

It appears this email refers to a site at wwwnamepros.com rather than www.namepros.com, and the phishing domain name is registered at Godaddy. The spoofed website has already been taken down. However, you should be aware of this now and for the future. It should also be noted that the Whois information on the domain name is not private.

Here’s the email:

DO NOT REPLY TO THIS EMAIL!
***************************

Dear UserName,

You have received a new private message at NamePros.com from steelejones, entitled “Trader Rating Notification”.

To read the original version, respond to, or delete this message, you must log in here:
http://www.namepros.com/private.php

This is the message that was sent:
***************
You have received a new Positive rating or comment from steelejones.

Details about this transaction can be found *on your iTrader page* (http://wwwnamepros.com/itrader.php?u=88275).

Note: This is an automated message.
***************

Again, please do not reply to this email. You must go to the following page to reply to this private message:
http://www.namepros.com/private.php

All the best,
NamePros.com


About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has sold seven figures worth of domain names in the last five years. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest.


Reach out to Elliot: Twitter | | Facebook | Email

Comments (3)

    Reece Berg

    Elliot,

    You’re right — there is a phishing attempt going on. I’m not sure how many people have been affected, however it is severe enough that all Namepros accounts now have a warning about it when they go to their private message page. If everyone followed the advice you gave above, there would probably be a whole lot less phishing attempts because nobody would become a victim of them.

    July 3rd, 2009 at 9:47 pm

    Bryan Walde

    I have seen this many times with various forums, but never before with NamePros..

    I have learned to never click the links in the email, and instead go to the website and respond to the PM (if there is one) from my UserCP.

    It has become my habit to do this, and should become yours as well.

    July 4th, 2009 at 12:59 pm

    kfink

    I got f’d.

    Usually, I’m 200% careful, but this time – I logged in. Briskly changed my password when I realized what had happened. Contacted support so I can forward the email if need be.

    The email looks official; but the landing page the link takes you to (not to mention the url now that I glance at it again) looks fake as all-hell…

    Careful, folks!

    July 5th, 2009 at 9:17 pm

Leave a Reply

Name *

Mail *

Website