Warning: Enom Phishing Email Making the Rounds

I want to share a warning that I received from a reader about an apparent phishing email that seems to be targeting domain names registered at Enom.  The domain name that was used has Enom in it, but it was not Enom.com.

The person who reported the email to me said, “I received 4 today for different domains. All CCC,com domains.” This may indicate that the person is targeting a specific type of domain name, so be on the lookout!

Phishing emails are dangerous because they can lead to stolen domain names. They tend to look like authentic emails from a domain registrar, and this leads to people clicking on them and entering information that would likely  compromise their accounts. Domain thieves can then steal the domain names more easily.

I recommend that you use two factor authentication at your domain registrar and not click on any links within emails to ensure that you don’t fall prey to a phishing attempt. I also recommend reporting phishing attempts to the domain registrar so they can be aware of these phishing attempts.

Thank you to Richard for sharing this warning with me. The email he received is below, with the verification code and domain name removed from the email:

As of Feb 1, 2015, the Internet Corporation for Assigned Names and Numbers (ICANN) has mandated that all ICANN accredited registrars begin verifying the WHOIS contact information for all new domain registrations and Registrant contact modifications.

You have registered one or more domains from Enom Inc. and verification of the Registrant email address is required for these domain name(s) to remain active. Please click the link below to verify the email address. You have until 03/01/2015 to verify this email address. After this date, the domain name(s) will be suspended until the email address is verified. please cut-and-paste the following URL into an open web browser to complete the verification process:


Once you click the link, your email address will be instantly verified and there is nothing further for you to do on the following domains:



Enom Inc.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn
  1. This sounds like a legitimate request.


    i.the email address of the Registered Name Holder (and, if different, the Account Holder) by sending an email requiring an affirmative response through a tool-based authentication method such as providing a unique code that must be returned in a manner designated by the Registrar, or

    ii.the telephone number of the Registered Name Holder (and, if different, the Account Holder) by either (A) calling or sending an SMS to the Registered Name Holder’s telephone number providing a unique code that must be returned in a manner designated by the Registrar, or (B) calling the Registered Name Holder’s telephone number and requiring the Registered Name Holder to provide a unique code that was sent to the Registered Name Holder via web, email or postal mail.


    • Yes, it does sound legitimate, which is why there is the potential for confusion.

      The domain name used in this email for the “verification” is not owned by Enom, which gives away that it is not legitimate.

  2. The dead give-away that the verification was not legit was the whois for the domain the enom email instructed receiver to use to verify the email accuracy of the domain. Plus, all of the multiple emails were concerning CCC,com domains. (2 red flags (no pun intended))

    Updated Date: 2014-12-31 T08:29:14Z
    Creation Date: 2014-12-31 T08:29:14Z
    Registrar Registration Expiration Date: 2015-12-31 T08:29:14Z
    Registrar: eName Technology Co.,Ltd.
    Registrant Name: gaoxiaofeng
    Registrant Organization: gaoxiaofeng
    Registrant Street: kunmingshi
    Registrant City: Kunmingshi
    Registrant State/Province: Yunnan
    Registrant Postal Code: 650000
    Registrant Country: CN
    Registrant Phone: +86.13062442027
    Registrant Fax: +86.13062442027
    Registrant Email: gaoxiaofeng67890@gmail.com

  3. Softwares alert Registrars in real time, practically, when domain infringes its trademark. Form c&d emails have been sent for years. Why, now, are Registars allowing exact match domains to be registered and kept by third parties? ugly reality is they are in on secret deals to transfer your assets to China for their profit.

Leave a Reply

Recent Posts

Escrow.com Announces 2023 Master of Domains

During the NamesCon conference today, Escrow.com announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry...

Chat.com Profitably Resold for 8 Figures

In March of this year, I reported on the sale of Chat.com. The domain name was acquired by HubSpot Co-Founder Dharmesh Shah for more...

First Look at my 2023 Domain Industry PMC Jersey

This August, I will be riding in my 10th Pan-Mass Challenge ride to raise funds for Dana-Farber Cancer Institute. I will be riding...