Reported GoDaddy Account Phishing Email: Status Alert: Code
Neustar Domain Names

Reported GoDaddy Account Phishing Email: “Status Alert: Code”

8

A few months ago, I reported what seems to be a Register.com account phishing email. This morning, Bill Sweetman from Name Ninja reported a similar type of phishing email. The difference with this reported email is that it is targeting GoDaddy account customers. I presume there may be similar emails targeting customers of other domain registrars, so if you see something similar, it is most likely an illegitimate phishing email.

With domain registrar account phishing emails, the sender tries to get people to click a link to a website they control that asks for account information (or may possibly download malware) from a domain name registrant. Once a hacker has the account holder’s login credentials, they may be able to make changes to the account or even hijack / steal domain names from the account. Oftentimes, they are able to do this without the domain owner even knowing, making it even more problematic.

To reduce the chance of this happening to you, I recommend adding the highest level of security at your accounts. This includes two factor authentication and additional account or domain name locks to prevent unauthorized transfers. In addition, you want to use different passwords (and logins) at different registrars, and you should not click on links within marketing or other emails from registrars unless you are certain the email is legitimate.

Here is the content of the email Bill sent to me. I removed the link and url so nobody accidentally clicks. I presume Bill alerted GoDaddy about this phishing email, and you should do the same if you receive one.

Subject: Status Alert: Code: 2382

Dear Valued GoDaddy Customer Domain Administrator.

Your account contains more than 6553 directories and may pose a potential performance risk to the server.
Please reduce the number of directories for your account to prevent possible account deactivation.

In order to prevent your account from being locked out we recommend that you create special tmp directory.

Or use the link below:
[redacted]

Sincerely,
GoDaddy technical support.

– – – – – – – – – – – – – – – – – – – – – – – – –
Copyright (C) 1999-2014 GoDaddy.com, LLC. All rights reserved.


About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has sold seven figures worth of domain names in the last five years. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest.


Reach out to Elliot: Twitter | | Facebook | Email

Comments (8)

    Raider

    Nice of Bill Sweetman to share this, and he get’s his name and gTLD mentioned on a blog and a link to boot.. If the suggestion is that hackers are targeting .ninja domains, I have more than a hard time believing it.

    November 2nd, 2014 at 2:10 pm

      Elliot Silver

      Bill didn’t ask for a link to his website, and this isn’t related to a .ninja domain name or any gTLD domain name.

      Bill’s company is called Name Ninja, and as you can see from the link, his website is located on NameNinja.COM.

      Bill worked for Tucows for many years, and he has a domain consulting firm. He is one of the very few people I would trust and recommend for corporate domain consulting services.

      Perhaps you should re-read the article and maybe even apologize for the inaccurate comment?

      In reply to Raider | November 2nd, 2014 at 2:14 pm

      Angela

      “Raider”, I just got an email just like this, and I’m a new GoDaddy user, I’ve only owned my domain name for a couple weeks, so this is definitely a real thing. I ended up here because I googled the subject line of the email

      In reply to Raider | December 6th, 2014 at 10:36 pm

    Alvin Brown

    Hi Elliot,

    We definitely have to be careful. I received the same email with a different title back in September: http://www.kickstartcommerce.com/godaddy-phishing-email-potential-risk-server.html.

    November 2nd, 2014 at 6:32 pm

    Picas

    Another Scam GD email is a very kindly promotion with 1,99 /0,99 coupon to all GD clients …with perfect design and it looks very like GD promotion email…

    November 2nd, 2014 at 9:44 pm

    John

    I got this one tonight:

    Status Alert: Code: 6037

    Same deal as above.

    November 6th, 2014 at 11:50 pm

    cal

    Just got this one:

    Your account contains more than 3101 directories and may pose a potential performance risk to the server.
    Please reduce the number of directories for your account to prevent possible account deactivation.

    In order to prevent your account from being locked out we recommend that you create special tmp directory.

    November 8th, 2014 at 6:50 am

Leave a Reply

Name *

Mail *

Website