Stolen Domains Not The Only GoDaddy Phishing Threat

I’ve written a number of articles about phishing attempts made to induce GoDaddy customers into giving up their login credentials. I think phishing is one of the leading causes of domain name theft, and it appears  to have reached a crescendo in the last year. It seems that domain theft isn’t the only objective of phishing attackers.

Jeremy Kirk published an article on  CIO.com warning that attackers are using hijacked domain registrar accounts to  infect computers with malware.  “Hundreds of hacked domain name accounts registered through GoDaddy are being used as part of a highly effective campaign using the Angler exploit kit to infect computers with malware,” wrote Kirk. The article cited a blog post written by Nick Biasini, an outreach engineer with Cisco Systems.

Kirk went on to explain what is happening with the subdomains:

An Angler attack starts when someone views a malicious advertisement. That advertisement then redirects the person to one of the hacked subdomains, which either delivers the exploit kit or redirects to another website hosting the kit.

Based on my understanding of this, it does not seem like the issue is uniquely associated with GoDaddy. My understanding is that because GoDaddy has the largest customer base, phishing attacks typically target  GoDaddy customers more regularly. If the recipient is not  able to distinguish a phishing email from a legitimate communication, they may give up their information unknowingly.

It’s important that GoDaddy customers and customers of other domain registrars use two factor authentication or other security measures offered by the registrar. Based on this article, it is clear that domain name theft is not the only issue one needs to be concerned about related to phishing.

If you receive an email you believe is a phishing attempt, you should consider reporting it to GoDaddy. This can help the company thwart the attack and save others from falling prey to it.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn
  1. That the more reasons why I chose GoDaddy , they have the 2 authentication methods.
    NameCheap.com uses the authentication too—good for them

    We should give a shout out to those registrars that use the 2 authentication methods -I only do business with them.

    What good about Godaddy is that when you talked to their support, they will send you the code on the phone to make sure you are the rightful owner. They even ask you for your personal code.

    GoDaddy -Excellent customer service!!

  2. I dislike Godaddy’s system for the following reasons:

    1. The two factor doesn’t memorize your desktop or mobile device. Instead, you must enter the text message code every time you login. And Godaddy logs you out automatically pretty fast. And text messages sometimes arrive late. So just like the Godaddy interface, the Godaddy authentication is highly annoying.

    2. If your account is somehow compromised, almost EVERY hack report begins the same way: “I saw an email from Godaddy saying my domain was being transferred and that I had until [6 days from today] to stop it, but when I logged in, the *domains were already gone*.” Godaddy lets you immediately release the domains for transfer, which is great when YOU want to transfer them out, but bad when your account has been compromised as there is not enough time for you to react. Their release feature releases it that second.

    3. For the love of God, in your security settings, turn off the last 4 digits of your credit card validation. Otherwise, hackers can use that in lieu of the 2 factor authentication.

Leave a Reply

Recent Posts

2024 ICA Member Meeting in Las Vegas

2
The Internet Commerce Association, an organization that advocates on behalf of domain investors and industry service providers, announced it would be hosting its 2024...

Be Mindful of TMs on AI + 3rd Party Generated Content

0
One semi-recent advance in relationship to domain name sales is the ability to create artificial intelligence content on landing pages. In addition to this...

Escrow.com Announces 2023 Master of Domains

1
During the NamesCon conference today, Escrow.com announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

2
For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

0
For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry...