Home Enom Page 2

Enom

Warning: eNom Spear Phishing Email

0

I want to share a warning with you regarding a spear phishing email I received that claimed to be from eNom and even used a “eNom” branded ccTLD domain name to carry out this scam. I consider it spearphishing rather than phishing because it contained information specific to the domain name that was mentioned, and these types of targeted phishing campaigns can be more confusing for recipients.

From what I know, phishing emails are the likely culprit for the majority of domain name thefts. Once a thief has access to a registrar account, he can change account details and begin the process of stealing domain names without the owner’s knowledge. It is important to remember that this type of email can target domain name owners at other registrars. Thieves can also use any domain name that looks official, so shutting this down is not as easy as turning off the domain name that is being used to carry out this campaign.

To best protect domain registrar accounts, it is important to turn on two factor authentication (2FA), which is offered by many domain registrars. eNom uses Google Authenticator as well as a two question account validation login for security. Other registrars use different methods of 2FA.

If you do find yourself a victim of domain theft,

Enom Spear Phishing Email Received

9

Andrew Allemann wrote about a phishing email he received purporting to by from Dynadot, and I received a very similar email purporting to be from Enom. The email was caught by Gmail in the spam/junk filter, so it looks like some mail providers have been catching on to these phishing attempt.

By my own observations, it seems that domain registrar phishing attempts are on the rise. This particular attack looks like it is more along the lines of a spear phishing attempt since it mentioned a specific domain name that is owned by my company rather than being randomly sent.

When a hacker is able to obtain account login information due to a successful phishing attempt, they can easily steal domain names from the account. While most seasoned domain investors would not fall prey to this, I would imagine there are people who own just a few domain names that might.

The best thing to do to secure domain registrar accounts, in my opinion, is to have two factor authentication enabled. Many registrars offer it, and it’s very important to set up.

I have published the email below so you can see what it looks like:

Official Statement From Enom Regarding Outage

0

This morning, I noticed that some of my domain name for sale landing pages were not resolving. My corporate website was online, so I assumed it was an issue at Enom because I use Enom’s nameservers to forward the domain names to their respective listings on my website.

I did a bit of investigating, and I saw that The Register had published an article about a DNS outage at Enom earlier this morning. I reached out to a couple of contacts at Enom and its Rightside parent company to get an update on the outage, and they provided an official statement:

Warning: Enom Phishing Email Making the Rounds

0

I want to share a warning that I received from a reader about an apparent phishing email that seems to be targeting domain names registered at Enom.  The domain name that was used has Enom in it, but it was not Enom.com.

The person who reported the email to me said, “I received 4 today for different domains. All CCC,com domains.” This may indicate that the person is targeting a specific type of domain name, so be on the lookout!

Phishing emails are dangerous because they can lead to stolen domain names. They tend to look like authentic emails from a domain registrar, and this leads to people clicking on them and entering information that would likely  compromise their accounts. Domain thieves can then steal the domain names more easily.

I recommend that you use two factor authentication at your domain registrar and not click on any links within emails to ensure that you don’t fall prey to a phishing attempt. I also recommend reporting phishing attempts to the domain registrar so they can be aware of these phishing attempts.

Thank you to Richard for sharing this warning with me. The email he received is below, with the verification code and domain name removed from the email:

Name.com Wins Rightside Hackathon (Video)

0

The first company-wide Rightside Hackathon was held last month, and I was sent a link to a video of the winning team. A team from Name.com created the nBox, which helps a user create an “instant branded email.” The email address can be used for free for one month, at which point the user would need to pay for the email service in order to continue. There are also upgrades available to help them start a website.

This offering seems to be aimed at job seekers and others who may be using a less than professional email address to communicate with others for business purposes. nBox would give users a more professional-looking email, using an available new gTLD domain name offered for sale at Name.com.

Obviously, nBox is in

Listen to Rightside Earnings Call

0

Shortly after the stock market closed today, Rightside issued its first-ever earnings report as an independent company. The earnings report covered the second quarter of 2014.

I will let the financial gurus discuss some of the numbers and how the results compared to what was expected, but here are a few highlights of Rightside’s results for the most recent quarter, as published by the company:

Recent Posts

Poll: Which Design Do You Like Better?

I think you already know how important Dana-Farber Cancer Institute and the Pan-Mass Challenge are to me. I ride in the PMC to raise...

DomainMarket.com Removes Prices from Landing Pages

About a month ago, I noticed a change to the standard DomainMarket.com landing pages. Mike Mann added a photo of domain broker Tracy Fogarty...

MakeMeaning.com Sells for $710

A couple of months ago, I wanted to check on the hours of Make Meaning, a once popular and growing children's shop where I...

Uniregistry Launches Blog with Industry Writers

Uniregistry launched a new corporate and domain industry blog yesterday called Uni Blog. Of particular interest to readers is that Jamie Zoch, Alvin Brown,...

Escrow.com Releases Q1 2019 Domain Investment Index

As the largest escrow provider in the domain name business, Escrow.com is in the unique position of being able to see and analyze domain...