A very convincing, extremely deceitful phishing email has been making its way round some of our clients, targeting the admin addresses of clients who have their domain with us.
The email itself looks pretty official, informing you that your domain name has been suspended ‘for violation of the Melbourne IT Ltd Abuse Policy’. Even going as far as to reference your domain name, registrar information and registrant name.
Following this there is a link, a ‘click here’ link. DO NOT CLICK HERE. In the case of this particular email, the link asks you to ‘Click here and download a copy of complaints we have received’, this will most likely lead you to a malware-infested site that will compromise your computer and files.
Melbourne IT Ltd. have said about this:
‘Some of your customers may have received an email from firstname.lastname@example.org with a download link to an external website along with an external phone contact number. Please be advised that this is a phishing attempt and not sent or authorized by Melbourne IT. We have also discovered that a number of registrars have also been affected by this. If any of your customers contact you about this, please advise them to delete the email immediately. If you are unsure of the validity of the emails please check the email headers to determine the source and return path for the email address. If you require any assistance or have any questions regarding the email please contact your account manager or the reseller support team.’
If you have any concerns about the legitimacy of an email you’ve received regarding your domains please get in touch and we’ll be happy to take a look and let you know if there are any issues with your account.
General Advice on spotting phishing scams
Phishing scams in general are on the rise. By being aware of how these scams operate, and how to detect them, you can hopefully protect yourself from the Internet’s many bad guys.
Watch the links. Be wary of clinking on links sent to you over email, text message or social media sites. Most are harmless, but the ones sent to you by someone you don’t know, or a business that you didn’t sign up for, could send you to a malware-infested site.
Double check the URL address. Most of the time, a phishing URL will have some reference to what it is pretending to be, but with a subtle variation. For example: in this case instead of being sent from the official Melbourne IT Ltd address (currently email@example.com) it’s been sent from firstname.lastname@example.org. It’s super easy to miss this difference and could easily mistake this for genuine and click the link.