Subscribe to RSS Feed

10|29|2008 09:19 pm EDT

WARNING: Network Solutions Phishing Scam

by Adam Strong in Categories: Miscellaneous

Fast on the heels of the recent Enom phishing scam, another phishing attack attempting to con domain name registrants into providing their customer information is under way. Network Solutions (NSI) domain customers are the target this time.  The spam email messages being sent out warn the user of their domain expiring.  Current reports show that the domain name com42.asia is being used and disguises itself as a site that looks identical to NetworkSolutions.com.  As the public and internet providers become aware of the abuses, both the Enom and NSI phishing attackers are adapting to these reports by changing the domain name addresses they use.  See full phishing email after the link.

Dear Network Solutions Customer,

We recently notified you that the registration period for your Network
Solutions domain name had expired. As a benefit of having previously
registered a domain name(s) with Network Solutions, you are eligible to
receive a percentage of the net proceeds that were generated from the
renewal and transfer of the domain name you chose not to renew. Since you
have chosen not to renew the domain name listed below during the
applicable grace period, we were successful in securing a backorder for
this domain name on your behalf and it has been transferred to another
party in accordance with the Service Agreement.

Renew your domain now – http://www.networksolutions.com.com42.asia

You must click on the following link, enter your domain name, and confirm
your contact information in order to claim these funds. If your contact
information is not correct, you must enter Account Manager and make the
appropriate changes prior to clicking “submit” from the confirmation
screen. If you do not do this, you will be confirming inaccurate
information and will not receive any payment. Checks will only be made
payable and mailed to the Account Holder of record.

Sincerely,

Network Solutions® Customer Support

Tags: , , , , ,

  • http://Blog.networksolutions.com Shashi Bellamkonda at Network Solutions

    Hi Adam,

    Its good to be able to warn people about this phishing scam. We posted our own alert a few hours back http://tinyurl.com/5ojysg.

    Shashi Bellamkonda

    • Denise

      I just got this one:

      (If you are not the right person, please transfer this urgent email to your CEO. Thanks )
       
      Dear President/CEO,
       
      We are a top network solution provider in Asia-Pacific region. Now we have something urgent to confirm with you. Today we received a formal application from a company called “Fortune Investment Co.,Ltd.”, who tried to apply for “auraminerals” as Brand Name and following Domain Names from our organization:
       
      auraminerals.cn / .com.cn / .tw / .com.tw / .hk / .com.hk / .in / .jp /  .kr / .asia 
       
      But after checking it, we find this name conflict with your company. so we need to check with you whether your company has authorized that company to register these names or not. If you have authorized this, we will finish the registration at once. If you haven’t authorize, please let us know within 7 workdays, so that we will handle this issue better. Exceeding the limited time, we will unconditionally finish the registration for “Fortune Investment Co.,Ltd.”.
       
      Best Regards,
       
      Edward
      ____________________
      Edward Wang
      Senior Manager

      2012-6-4

  • Tony Toews

    Note that domains other than com42.asia are being used for this and the Enom phishing scam.

    Of course this one was obvious as I would never, ever use Network Solutions as a domain registrar after they unilaterally mucked with the DNS system a few years back.

  • Adam Strong

    Thanks Tony . . I mentioned in the article that the scammers are changing domains as fast as they get figured out.

  • Cartoonz

    I got one using a .MOBI as a target… I guess .MOBI has finally found its niche?

  • Pingback: Network Solutions Proactive in Fighting Recent Phishing Attack | Domain Name News

  • Paul

    JUST got that scam email one minute ago and Googled this up. Everyone wants to get something for nothing. There are nickel auctions held on eBay now for crap like recipes or whatever that are solely for matching up eBay id’s to full names, full addresses, and email. All of that together makes for a damn convincing phishing email from “PayPhal”. Just NEVER link from within emails. EVER EVER EVER. Sticking to that one rule will stop most of the pickpocket attempts.

  • Chris

    Sedo sold me a domain 3 days ago and then cancelled the order today so they could raise the price by several hundred dollars. What kind of scam is this? Is this normal business practice for these people? They said they would refund my money, but I want the domain! It’s not worth several hundred dollars more though! What a scam deal!!!!

  • Pingback: WARNING: Network Solutions Phishing Scam | Domain Name News | Conning Us

  • Pingback: Seo Swap » Blog Archive » Network Solutions Proactive in Fighting Recent Phishing Attack

  • http://morephishing--differentletter Fred

    Dear Network Solutions

  • Fred

    Ooops. Last post should have indicated that this was the latest phishing letter I got.

  • gb

    Howdy,

    Got one just like Fred. Got the Enom one, too.

    Very lame to have posted that with the included link.

    How about wrecking the link in fred’s posting?

  • Adam Strong

    gb, thanks i fixed it.

  • Martenfisher

    I got hacked by this company. They told me the only way they will help me is if I turn my information over to them. I already sent it to the FBI internet fraud. They blocked me from going to a website and now I can never go back and they have it for sale even though it is an active site. Not even registered with them. This is locked in my computer since this page does not come up for this site when I use other computers. Just in mine.

  • http://www.facebook.com/profile.php?id=100001049775463 สุภา วงค์เมือง

    they are  big time crooks,  I hope someone finds their  owners home address and publishes it,   I will be one  the first ones on their doorstep to   “discuss”  the problem.