Below are two fake emails claiming to be from eNom (a domain name and web hosting provider). The emails are worded such that they sound technical and that they require immediate action.
Both emails contain a link you’re supposed to click on, however if you examine the link closely you’ll see they actually point to someone else’s site. This is sneaky and you really need to be aware how to distinguish real links from malicious ones like these.
In this case the link is displayed as: http://www.enom.com – but if you place the mouse pointer over the link and wait a second, you’ll see the real link displayed (depending on which browse and email client you’re using). In this case the link really points to httpz: // w ww.enom.com.com92. _biz – See what they did there? They added a few characters to the end. This is enough to make it point to a completely different site. Even though is has part of eNom’s address in there, it’s different. (Note that I broke up the URL to stop you from accidently clicking on it).
The second email is similar, it really points to h ttp :/ / www. enom. comcom94._com – Again this is different, even though it has part of eNom’s address. Even one letter or number is enough to make it go somewhere else. (Again I broke up the address to stop you clicking on it).
How can they do this? Unfortunately at this time nobody stops scammers registering an address that is very similar to a legitimate address. It’s up to you to take care what you click on.
Another couple of tips to protect you from these tactics:
- Use a good antivirus package that checks every web page you load. These days they have a list of good and bad sites, and it’ll warn you if you’re going to a known “bad” site.
- If your web browser or email client doesn’t let you see the real link (by hovering the mouse pointer over the link) then upgrade to another browser or email client.
- Use some kind of spam filtering with your email. This is fairly common these days.
- Use an alternative browser, such as FireFox, Opera, Chrome, or Safari. This isn’t always enough these days, as we’ve seen with Flash malware. But it helps a little.
Below are the two emails. I’m putting them here so that people can search Google and get to this page to learn what they really are.
Email 1:
Dear eNom Customer,
Starting at 1 AM PT on Saturday, November 1st, 2008 until 4 AM PT, we will be conducting maintenance on our database and datacenter resulting in the following sites and services being unavailable:
* Main site
* All web hosting services
* Email services
* Communication with the registry affecting new registrations, renewals, and transfers
For access your account follow this link – http://www.enom.com
The following services will not be affected and will continue to be fully operational:
* DNS will resolve normally – although operational through this downtime, any changes to DNS settings may be delayed intermittently for a period of up to 24 hours from the start of the maintenance period
* Email forwarding and site redirection will operate normally
We anticipate the maintenance will only last up to 3 hours. We apologize for any inconvenience during this short maintenance and thank you for your patience.
Sincerely,
eNom Tech Support
Second email:
Dear eNom Customer,
Starting at 1 AM PT on Saturday, November 1st, 2008 until 4 AM PT, we will be conducting maintenance on our database and datacenter resulting in the following sites and services being unavailable:
* Main site
* All web hosting services
* Email services
* Communication with the registry affecting new registrations, renewals, and transfers
For access your account follow this link – http://www.enom.com
The following services will not be affected and will continue to be fully operational:
* DNS will resolve normally – although operational through this downtime, any changes to DNS settings may be delayed intermittently for a period of up to 24 hours from the start of the maintenance period
* Email forwarding and site redirection will operate normally
We anticipate the maintenance will only last up to 3 hours. We apologize for any inconvenience during this short maintenance and thank you for your patience.
Sincerely,
eNom Tech Support