I want to share a warning with you regarding a spear phishing email I received that claimed to be from eNom and even used a “eNom” branded ccTLD domain name to carry out this scam. I consider it spearphishing rather than phishing because it contained information specific to the domain name that was mentioned, and these types of targeted phishing campaigns can be more confusing for recipients.
From what I know, phishing emails are the likely culprit for the majority of domain name thefts. Once a thief has access to a registrar account, he can change account details and begin the process of stealing domain names without the owner’s knowledge. It is important to remember that this type of email can target domain name owners at other registrars. Thieves can also use any domain name that looks official, so shutting this down is not as easy as turning off the domain name that is being used to carry out this campaign.
To best protect domain registrar accounts, it is important to turn on two factor authentication (2FA), which is offered by many domain registrars. eNom uses Google Authenticator as well as a two question account validation login for security. Other registrars use different methods of 2FA.
If you do find yourself a victim of domain theft,