If you are new to domains and looking to buy, sell and learn about domains then you have come to the right place. DNForum is the largest domain name community on the internet and continues to grow every day. There are over 105,000 domainers on DNForum doing everything from buying domains, selling domains, learning about domains and discussing domains. Take a minute and Register.
Register Today on DNForum IT'S FREE!
Warning: Phishing attempts via email claiming to be from Moniker
I received the following email today, claiming to be from Moniker:
--- start email --------------
From info@moniker.com Wed Aug 29 04:49:23 2007
X-Apparently-To: [REDACTED] via 206.190.38.16; Wed, 29 Aug 2007 04:49:27 -0700
X-Originating-IP: [209.191.85.97]
Return-Path: <re.weiss@yahoo.com>
Authentication-Results: mta245.mail.re4.yahoo.com from=yahoo.com; domainkeys=pass (ok)
Received: from 209.191.85.97 (HELO web37012.mail.mud.yahoo.com) (209.191.85.97) by mta245.mail.re4.yahoo.com with SMTP; Wed, 29 Aug 2007 04:49:27 -0700
Received: (qmail 53702 invoked by uid 60001); 29 Aug 2007 11:49:23 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Receivedate:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=TpPhDeag/8kqRX5lkOeaIcRVHvL/vkUJ+uE6A0s0Dbf0Cnaf6qWmYCTNUBqjDnl+eAGfU6V72hoOQ3 oLabunoAD21QZg/+PrcG4/2DOuXK1BOpbmpWln34l9wF9WoTFpZuFR8f/XxjwK4X2ZFtbLivaSeuXAVQJGjXe2aTX+Gz0=;
X-YMail-OSG: LMawMwwVM1niEwCMrXOtPXFXiouttWUG9U.Pe0mt53MfHz9_BU 8bE4aCgBurXOxwP6nje16Idt_ZBaWX5gNd4.sAqek8CMketIZ8 UanO_49blWgxZg_P20VqhCSllw--
Received: from [64.251.19.130] by web37012.mail.mud.yahoo.com via HTTP; Wed, 29 Aug 2007 04:49:23 PDT
Date: Wed, 29 Aug 2007 04:49:23 -0700 (PDT)
From: "info@moniker.com" <re.weiss@yahoo.com> Add to Address Book Add Mobile Alert
Yahoo! DomainKeys has confirmed that this message was sent by yahoo.com. Learn more
Subject: Affiliate Summit 2007
To: list@domainers-summit.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1328096676-1188388163=:53679"
Content-Transfer-Encoding: 8bit
Message-ID: <526363.53679.qm@web37012.mail.mud.yahoo.com>
Content-Length: 857
Why you should work with us :
[REDACTED LINK TO A YOUTUBE VIDEO]
------ end email ------
However, the actual target of the link was much more complex, appear to be an encrypted form to change one's password and submit it to a site in Asia.
This appears to be some form of Phishing attempt, using Moniker's good name to steal/take control of domain admin account email addresses, etc. Fortunately, I'm too paranoid to click on links in emails. lol
I've sent an email to Monte, but wanted to bring this to the attention of members here too. It would obviously affect accounts not at Moniker, i.e. if they control your email address, they can try to steal a domain held at any registrar.
Feel free to repost this warning to other domain boards/blogs.
Last edited by GeorgeK; 08-29-2007 at 09:49 AM.
George Kirikos
Home Page
Thanks for the info
Posting Permissions
View Profile
View Forum Posts
View Forum Threads
View Friends
View Blog Entries
Reply With Quote
Bookmarks