legal Beware:

[ImageAuthors]

Please bump this thread to the top in order to warn people.

BEWARE OF THIS PHISHING SCHEME:

Beware of emails ostensibly from "GoDaddy" with titles like this:

[h=1]ACTION REQUIRED - Reminder to verify the accuracy of Whois data[/h]
Despite the GoDaddy logo and graphics, this appears to be a phishing scam.

You will be directed to a GoDaddy clone website on a domain such as this one:

GoDaddyAuthentication.com

You are prompted to log in, and I'm guessing your password will be used later on to steal your domains.

GoDaddyAuthentication.com shows the following in Whois:

Domain Name: GODADDYAUTHENTICATION.COM
Registrar: NAMEBAY
Whois Server: whois.namebay.com
Referral URL: http://www.namebay.com
Name Server: NS1.ISPFR.NET
Name Server: NS2.ISPFR.NET
Status: ok
Updated Date: 04-jan-2014
Creation Date: 04-jan-2014
Expiration Date: 04-jan-2015

[h=2]godaddyauthentication.com registrar whois[/h]

Updated 1 second ago

Domain Name : GODADDYAUTHENTICATION.COM
Created On : 2014-01-04
Expiration Date : 2015-01-04
Status : ACTIVE
Registrant Name : denis Alain
Registrant Street1 : 26 rue auguste blanche
Registrant City : puteaux
Registrant State/Province :
Registrant Postal Code : 92800
Registrant Country : FR
Admin Name : NUXIT
Admin Street1 : 400 avenue Roumanille
Admin City : Sophia Antipolis
Admin State/Province : FR
Admin Postal Code : 06903
Admin Country : FR
Admin Phone : +33.899563600
Admin Email :

@nuxit.com
Tech Name : NUXIT
Tech Street1 : 400 avenue Roumanille
Tech City : Sophia Antipolis
Tech State/Province : FR
Tech Postal Code : 06903
Tech Country : FR
Tech Phone : +33.899563600
Tech Email :

@nuxit.com
Billing Name : NUXIT
Billing Street1 : 400 avenue Roumanille
Billing City : Sophia Antipolis
Billing State/Province : FR
Billing Postal Code : 06903
Billing Country : FR
Billing Phone : +33.899563600
Billing Email :

@nuxit.com
Name Server : NS1.ISPFR.NET
Name Server : NS2.ISPFR.NET
Registrar Name : Namebay

 

[angel69]

I agree w/ImageAuthors, great warning since those scams by email involving YoDaddy look so authentic even to a trained eye that any of us could fall for them. There are so many that look so legitimate from so m any different sources that it's impossible to post every single one on domain forums, and if you fwd them to GD's fraud or security depts one doesn't even know that they even get looked at. Since they're the biggest one expects the most number of scams to target them, and so many domains end up being stolen from GD rather easily sometimes, in fact I'm trying to recall the last email that appeared to be fraud which targeted another registrar, I can't

I've heard of Sedo, SnapNames and Escrow.com having had these aimed at them but not often, or at least not many instances for each lately

 

[ImageAuthors]

For the record, I was on the phone with a GoDaddy account rep earlier this morning. So they definitely are aware of the scam.

I don't know how many people have been targeted, but GoDaddy has so many customers that potentially thousands of people could have their passwords harvested without even being aware they've been hacked.

 

[domain4profits]

Wow!! thank you! I just got an email from godaddy this morning and now I am ignoring all.

I can not even imagine loosing my domains.

Thanks again for the warning.

 

[karpok]

I too received this email today. Checked into the link, got a doubt and deleted.

 

[acronym007]

I got the email also... It's very good, grrrrr....

 

[silentg]

Try to report the domain to the registrar: Namebay > http://www.namebay.com/spam-report/spam-report.aspx
Hosting company: Nuxit : http://www.nuxit.com/support/

 

[Theo]

There is, however, a legitimate GoDaddy email going out, that asks you to verify your email address - it's sent out as soon as you register a domain name with a particular email address, and only once.

 

[DNabc]

I wasn't aware of this thread and created another after searching for a few keywords and founding nothing...

This morning I reported this to all related companies except Nuxit as it's the same whois info of the scammer.

 

[Shane]

I also got this email. Almost entered my information until I realized I was no longer on the GoDaddy website.

 

[Theo]

The legitimate email from GoDaddy does not require any login.

 

[Biggie]

every time these phishing emails are sent, soon after, you can expect to see a few stolen domains appear on the market.


they will always be priced at a steal.


and someone will always post sold

thinking they got a great deal

so beware...

cuz we've seen it happen year after year.

imo...

 

[DanB]

There is also a legit email that goes like this: " Important Notice Regarding Your Domain Name(s)"

[FONT=arial, helvetica]Dear xxxx,

It's that time of year. Because you are the ADMINISTRATIVE CONTACT for the following domain names registered at GoDaddy as of xxxx, ICANN, the Internet Corporation for Assigned Names and Numbers (and/or the associated ccTLD authority), requires that we ask you to review your contact data and make any changes necessary.

[FONT=arial, helvetica] To review/update your contact information, click here.

If you find that your domain contact data is current and accurate, there's no need to take action. If, however, your domain contact information is inaccurate, you must correct it. (Under ICANN and ccTLD WHOIS rules and the terms of your registration agreement, PROVIDING FALSE CONTACT INFORMATION CAN BE GROUNDS FOR DOMAIN NAME CANCELLATION.) To review the ICANN policy, visit: http://www.icann.org/en/whois/wdrp-registrant-faq.htm[/FONT][/FONT]

 

[angel69]

That's right, it is legit but it's a new thing from YoDaddy (thanks, acro, you're a lifesaver lol), I had never received one before (not with that exact wording) and it only happens when you handreg a name there, receive a push or transfer some name in, apparently. I would've thought it was a hoax and ignored it, no question, hovering over the links isn't nearly enough anymore, you will get the true godaddy.com domain many times in the real destination URL you're being sent to (bottom of the browser) when it's a scam, they get more and more hard to spot as fraud

Although it looked legit and it was sent to me simultaneously w/another email that I added a domain, I decided to log in and see if any functions were disabled, I still didn't click on the email link. And there is actually a text highlighted in orange in your CP/DDC that reads YOU MUST VERIFY YOUR EMAIL ADDRESS if you just added a domain to your acct

God knows which other legit emails I ignored thinking it was a domain thief and it actually was MoDaddy. But better safe and being prevented from doing some acct activity later than clicking w/o much thought. Remember, scammers are also reading these threads ! A smart scammer will also have a DNF acct (even Exclusive) so always watch what you say. Many times I choose not to warn people here about registrar deficiencies in security (when I should) exactly because you may be assisting thieves and scammers at the same time (posting security flaws/warnings in Exclusive or even some restricted Platinum forums is always preferable, at least those posts don't come up for everyone on the net to read with the right Google search)

There is, however, a legitimate GoDaddy email going out, that asks you to verify your email address - it's sent out as soon as you register a domain name with a particular email address, and only once.

 

[Theo]

To reiterate: ICANN now wants registrars to verify the registrant's email upon registering new domains. Scammers are expected to take advantage of such confirmation emails, by spoofing the overall look and feel of emails sent out by major registrars, such as GoDaddy. As of now, the GoDaddy emails for verification require NO LOGGING IN - the phishing emails do.

 

[DNabc]

Those ... sent another email, asking people to deactivate Gmail's two step authentication! The nerve!

Second Alert : ERROR - Turn off 2-step verification

Error : 2-Step verification

Solution : Turn off 2-step verification

https://support.google.com/accounts/answer/1064203?hl=en

 

[airmax]

Those ... sent another email, asking people to deactivate Gmail's two step authentication! The nerve!

Second Alert : ERROR - Turn off 2-step verification

Error : 2-Step verification

Solution : Turn off 2-step verification

https://support.google.com/accounts/answer/1064203?hl=en

Which most likely means they have gained access to some accounts, and have encountered this error on some of the more valuable accounts.

 

[DNabc]

Thanks to that Google now has their IP. There needs to be consequences for this.

 

[DNabc]

I've just read people saying that they don't need to click on ANY Godaddy email because the domain is his property and no one can suspend it. What a surprise I'll have.

 

[Midnight Silver]

#1 -- RED FLAGS -- Always Look at who sent you any E-Mail -- and "Google Search" it ( Nuxit.com Scams ) if things don't right for Scams & Fraud...
#2 Godaddy is not going to use some unknown fly by night Scam Artist like Nuxit.com to handle Personal id information for it's Godaddy Customers.
#3 For Security They will always use Godaddy.com -- Note: -- Some Better Scam artists will try to Modify the Godaddy.com with things not to noticeable to you like e.godaddy.com - igodaddy.com - emailfromgodaddy.com and Many more variations to make it look like a a legitimate Godaddy E-Mail and / or whatever company is being used for the scam.