Tips on how to avoid a phishing attack or scam
Over the last week or two, I’ve received several emails from various domain registrars reminding me of ICANN’s requirement of keeping Whois information accurate. It’s important that you keep your information up to date, but it’s even more important to realize that some criminals use these mandatory emails as an opportunity for phishing attacks to steal account information.
Some of the subject lines from the emails are:
- Action Required: Notice Regarding Your Domain Name(s) – Network Solutions
- {MONIKER.COM} [Account xxxx] Action Required: Your Annual Whois Update Notification – Moniker
- Important Notice Regarding Your Domain Name(s) – Go Daddy
- Important Notice Regarding Your Domain Name(s) – Enom
If you receive an email from your domain registrar with a subject line like this, it’s probably a legitimate request, but here are a couple of ways to determine whether it’s real or not.
I think just about all registrars personalize these emails to you. They won’t say “Dear Customer” but they will say “Dear Elliot.” Please keep in mind that someone could specifically target individuals, so this is not the best indicator.
Most emails will have the names of domain names you own listed within the email. Again, this is not fail proof either because someone could do this manually and list a few of your domain names.
Finally, many registrars will list your account number within the email. This is likely the most difficult thing for a scammer to obtain since it’s more of an internal number than something someone could get elsewhere. It’s not fail proof either, as it’s possible for someone to find out this number if they’ve done business with you and had a domain name pushed from their account to yours.
Ultimately the best advice is to not click on the links in these emails. Visit the domain registrar’s website and there should generally be a link within your account or on the home page to ICANN’s update. If you keep your Whois information accurate, you should be fine.