CAREFUL! eNom phishing email on the loose!

Theo · Mar 17, 2008

I received an email from "enomcentral" requesting me to login in order to verify the WHOIS info of my domains "per ICANN" regulations. The email points to:

en0mcentral.com (that's a zero!)

The domain is hosted with Yahoo.

Biggie · Mar 17, 2008

yeah

i just got one and deleted it

copper · Mar 17, 2008

Me too.
I never click on link within email anyway.
If I want to see the site, I copy the link and paste
it to notepad and check the url first

Theo · Mar 17, 2008

Just spoke with an eNom person at their abuse dpt and they are aware of it.

acronym007 · Mar 17, 2008

Great catch! I just deleted that one myself.

Theo · Mar 17, 2008

Looks like email was sent from [FONT=Arial, Helvetica]213.232.95.73
It appears to be a compromised machine. The domain it hosts is hcd.homecare-direct.co.uk
Would someone in the UK inform homecare-direct.co.uk that their box/mailserver is hijacked?
[/FONT]

PRED · Mar 17, 2008

yep, just got the email and deleted before saw post. cheers for heads up anyway Acro :yes:

tekz999 · Mar 17, 2008

Thanks for the heads up!

draggar · Mar 17, 2008

The sad part is that most likely they already have a few dozen login and passwords.

GAMEFINEST · Mar 17, 2008

Does it say

Dear ( USERNAME)

some people do fall for that

Devil Dog · Mar 17, 2008

Damn, why don't I ever get these kinds of emails?

Theo · Mar 17, 2008

If you visited that page and you were already logged in to your eNom account, change your password. Some scripts are able to steal such login information.

wikes82 · Mar 17, 2008

when eNom sends e-mail to verify whois information, you don't need to enter your enom login information. I had few of those e-mail asked me to verify whois, and the site to verify enom whois is http://wdrp.name-services.com/
not in enomcentral.com or enom.com

DomainName · Mar 17, 2008

Thank you Acro for the info! Just received the e-mail.

VTEC · Mar 17, 2008

thx Acro ! were there any fake DNF emails sent to anyone in the past ?

JB7 · Mar 19, 2008

tinner666 · Mar 19, 2008

Got one from GD. I copied the ICANN #, logged out and closed the browser. Shortly thereafter, I reopened a browser and logged in normally and pasted the # in the ICANN box. Paranoid here!

Focus · Mar 19, 2008

I only direct navigate to login to sites...don't click on any links!

DomainName · Apr 8, 2008

Another Fake enom e-mail is on the loose. Be on the look out!!!! Just received it.

Theo · Apr 8, 2008

Correct, already posted here.
These bastards don't give up.

CAREFUL! eNom phishing email on the loose!

Level 20

DNForum Moderator

Level 9

Level 20

Thankful!

Level 20

Level 11

tekz999

Guest

þórr mjǫlnir

PURE SAVAGE

Level 9

Level 20

Level 2

Live, Eat, Breathe Names

Flying at 9.200 rpm...

Level 4

Level 5

Making Everything Click

Live, Eat, Breathe Names

Level 20

Similar threads