Warning: Enom Phishing Email Making the Rounds

I want to share a warning that I received from a reader about an apparent phishing email that seems to be targeting domain names registered at Enom.  The domain name that was used has Enom in it, but it was not Enom.com.

The person who reported the email to me said, “I received 4 today for different domains. All CCC,com domains.” This may indicate that the person is targeting a specific type of domain name, so be on the lookout!

Phishing emails are dangerous because they can lead to stolen domain names. They tend to look like authentic emails from a domain registrar, and this leads to people clicking on them and entering information that would likely  compromise their accounts. Domain thieves can then steal the domain names more easily.

I recommend that you use two factor authentication at your domain registrar and not click on any links within emails to ensure that you don’t fall prey to a phishing attempt. I also recommend reporting phishing attempts to the domain registrar so they can be aware of these phishing attempts.

Thank you to Richard for sharing this warning with me. The email he received is below, with the verification code and domain name removed from the email:

As of Feb 1, 2015, the Internet Corporation for Assigned Names and Numbers (ICANN) has mandated that all ICANN accredited registrars begin verifying the WHOIS contact information for all new domain registrations and Registrant contact modifications.

You have registered one or more domains from Enom Inc. and verification of the Registrant email address is required for these domain name(s) to remain active. Please click the link below to verify the email address. You have until 03/01/2015 to verify this email address. After this date, the domain name(s) will be suspended until the email address is verified. please cut-and-paste the following URL into an open web browser to complete the verification process:

[REDACTED]

Once you click the link, your email address will be instantly verified and there is nothing further for you to do on the following domains:

[REDACTED]

Sincerely,

Enom Inc.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn
  1. This sounds like a legitimate request.

    f.Verify:

    i.the email address of the Registered Name Holder (and, if different, the Account Holder) by sending an email requiring an affirmative response through a tool-based authentication method such as providing a unique code that must be returned in a manner designated by the Registrar, or

    ii.the telephone number of the Registered Name Holder (and, if different, the Account Holder) by either (A) calling or sending an SMS to the Registered Name Holder’s telephone number providing a unique code that must be returned in a manner designated by the Registrar, or (B) calling the Registered Name Holder’s telephone number and requiring the Registered Name Holder to provide a unique code that was sent to the Registered Name Holder via web, email or postal mail.

    https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#whois

    • Yes, it does sound legitimate, which is why there is the potential for confusion.

      The domain name used in this email for the “verification” is not owned by Enom, which gives away that it is not legitimate.

  2. The dead give-away that the verification was not legit was the whois for the domain the enom email instructed receiver to use to verify the email accuracy of the domain. Plus, all of the multiple emails were concerning CCC,com domains. (2 red flags (no pun intended))

    Updated Date: 2014-12-31 T08:29:14Z
    Creation Date: 2014-12-31 T08:29:14Z
    Registrar Registration Expiration Date: 2015-12-31 T08:29:14Z
    Registrar: eName Technology Co.,Ltd.
    Registrant Name: gaoxiaofeng
    Registrant Organization: gaoxiaofeng
    Registrant Street: kunmingshi
    Registrant City: Kunmingshi
    Registrant State/Province: Yunnan
    Registrant Postal Code: 650000
    Registrant Country: CN
    Registrant Phone: +86.13062442027
    Registrant Fax: +86.13062442027
    Registrant Email: gaoxiaofeng67890@gmail.com

  3. Softwares alert Registrars in real time, practically, when domain infringes its trademark. Form c&d emails have been sent for years. Why, now, are Registars allowing exact match domains to be registered and kept by third parties? ugly reality is they are in on secret deals to transfer your assets to China for their profit.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Handoff to Dan on Imported Leads Can be Confusing

0
I've been using the lead import option at Dan.com more regularly. Although the 5% commission is not ideal, transactions tend to move more quickly...

ArtificialIntelligence.com Goes Up for Sale

7
I tried to buy the ArtificialIntelligence.com domain name multiple times over the last 10 years. The emails I sent to the registrant went unanswered,...

EU Gives More IP Protection to Food & Drink Producers

0
Did you know that some well-known food and drink varieties are protected intellectual property regulations? Popular types of drinks and foods that are protected...

Price Testing

1
In 2022, my wife and I decided our kids were ready for some big mountain skiing and we planned a trip to the Rocky...

GoDaddy Making You Sign in to See What You Renewed (Updated)

3
This morning, I noticed something different in a domain name renewal email from GoDaddy. Instead of telling me exactly what domain names I renewed...