This morning I received an inbound offer for one of my domain names. The email address used was a person’s name @companyname.info. I did a Google search for the person and the company name, and there was a match. The person is a senior executive at the company in the email. The .info extension set off an alarm bell in my head though.
A Whois search at DomainTools shows the .info domain name was created less than a month ago. The company where this prospective buyer appears to work operates on the company .com domain name. The .info and .com domain names are registered at different domain registrars. The phone number that was left is not a valid number.
I was curious about the phone number, and a Google search yielded just one result. I found a website that was posting emails sent via its contact form (another issue altogether). Someone had submitted a comment with that email address and phone number asking for more information about requests for proposal.
From what I can gather, and I am certainly not a cybersecurity expert, it would seem that someone is filling out forms while impersonating a senior executive at a legitimate company. The goal seems to be to get people to think they can win business from this company. I don’t know what the ultimate aim is, but I would imagine the perpetrator filled out my form without realizing it is a domain name inquiry form.
If you received an inbound inquiry like this, would you make an effort to reach out to the person who appears to be impersonated? I would imagine there is a high likelihood the person would be very confused if I let him know what happened. Further, beyond pointing out the UDRP policy, I can’t offer any assistance on how it can be resolved. What would you do?