Scammers Pretend To Be Domain Registrars For Conning Innocent Organizations

Security investigators at Sophos the security company caution that scam e-mails pretending to be alert messages that registrars of domain names have supposedly sent are presently circulating in the wild, while targeting the mailboxes of unwitting owners of domain names.

State the reports that the fake electronic mails that Sophos has detected bear the header "URGENT Registration Notice For [company name]." They direct recipients that they must inform the CEO of their organizations alternatively the authorized person for handling the situation by forwarding them the messages.

Furthermore, the rogue e-mail states that a formal application [dated] came to the e-mail sender wherein a certain firm [fake firm name] had requested to register [the e-mail recipient's organization name] as Network Brand along with the domain names: [name].org.cn and [name].com.hk.

The bogus e-mail then continues that following the e-mail sender's preliminary examination, the sender discovered that the names resemble that of the recipient's organization; therefore it's necessary to verify if the latter has approved the said firm for registering those domain names.

Remarking about the cleverness the fake electronic mails have been crafted with, Senior Technology Consultant Graham Cluley at Sophos observes that the recipients of these e-mails may begin feeling grateful that this generous registrar of domain names cautioned them about the so-called danger. Cluley further says that he should himself buy the domain at the earliest for stopping any shenanigans. Nakedsecurity.sophos.com published Cluley's statement on November 19, 2010.

The Technology Consultant continues that like always these fake e-mails too hurry the recipients saying that since there's very little time, they (the organizations receiving the e-mails) require deciding fast otherwise they will have their domains lost for good.

He adds that to him it appears this entire episode may be framed to trick the e-mail recipient into paying this registrar some money prior to having an intermediate party snatch it.

Subsequently, he says that privately he wouldn't pay anything to the spamming firm. If at all he desires to register with the domain company, he'd take the help of another Internet agent for the purpose and pay through it, Cluley concludes on his blog.

Related article: Scammers Exploit Tax System Resulting in ID Theft

» SPAMfighter News - 12/1/2010