It is almost too late!
Russian Phishing Scam
There have been an inordinate amount of e-mails coming to individuals not only on the coast but all over the country. These e-mails say they're from your Internet registrar (even if you don't have a website) and they're asking you to update your information. This is criminal Internet activity and it should be stopped.
An e-mail that looks like it comes from a registrar, for example, Network Solutions looks legitimate in every way on the face. But in actuality it's a clever way to trick individuals into giving up their financial data and registrar login information.
Unthinking people will click on a link that takes them to a ghost site that looks exactly like the registrar and login with their user ID and password. What happens is at that point you have given the keys to your home or your business to some unscrupulous criminal that will login and get your account information and possibly spoof your site by redirecting to their site that looks like yours, or they'll destroy your website, or they will take it off-line altogether.
I received an e-mail from Network Solutions, my registrar commenting on, and pointing out that this phishing scam exists. (Not that I did not already know). I have also received a fake e-mail from one of these Internet criminal
This is the e-mail I received from network solutions it explains the scam and points out some of the security measures that can be taken just in case you were duped into clicking on a link and exposing yourself to these phishing freaks.
Dear Valued Network Solutions® Customer:
We’ve recently become aware of a phishing scam targeting domain name customers of a small number of registrars including Network Solutions®. We wanted to alert you of this situation. Phishing is the practice of luring unsuspecting Internet users to a fake Web site by using an authentic-looking e-mail in an attempt to steal passwords, account information or other sensitive data.
At this time, we know that fraudulent e-mails are being sent to some domain name customers, regardless who the registrar of record is, which include links to sites that look like networksolutions.com or other domain provider sites; however they are fake Web sites. These e-mails are attempting to capture login information. For more information and tips on identifying phishing scams, please visit our blog at http://www.blog.networksolutions.com/.
If you believe you have received an e-mail of this type, have clicked on the link, and provided your login information, we recommend the following for security purposes:
- Log in to your account from the Network Solutions Web site.
- Review your account information for accuracy
- Choose a new password security question and answer
- Change your password
Thank you for your attention...
Sincerely,
Network Solutions® Customer Support
Network Soloutions Privacy Policy:
http://customersupport.networksolutions.com/article.php?id=306Network Soloutions Service Agreement:
http://www.networksolutions.com/legal/static-service-agreement.jspI've included the links above to network solutions service agreement and their privacy policy. they are a stellar organization with excellent employees and customer service.
What follows is some source code from an e-mail I received this morning attempting to do me in. a weak attempt, but it looks convincing. what you see following is not the face of the e-mail is the source code and I'm attempting to expose the fake link which I will not activate in this article..
Dear Network Solutions® Customer,
On Thu, 30 Oct 2008 21:24:57 -0400 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.
Please note: ICANN (the Internet Corporation for Assigned Names and Numbers) regulations state that the WHOIS Administrative Contact may initiate and approve domain name registration transfers from your Network Solutions account to other Registrars. If you are not listed as the WHOIS Administrative Contact a transfer can occur without your knowledge if Domain Protect is not enabled for the domain name registrations listed above.
To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager:
1. Log in to Account Manager at: http://www.networksolutions.com.
2. Click on the "Profile & Accounts" tab in the left navigation menu to be taken to a page listing your account details.
3. Click on "Accounts" and select the account you wish to edit.
4. Click "View/Edit WHOIS Contacts" to make your updates.
If you believe someone requested this change without your consent, please contact Customer Service.
If you would like to order additional services or to update your account, please visit us online.
Thank you for choosing Network Solutions. We are committed to providing you with the solutions, services, and support to help you succeed online.
Sincerely,
Network Solutions® Customer Support
The above is an example of a fake e-mail representing itself as A Network Solutions communiqué to a legitimate customer.. In Fact, the e-mail is from the Russian Federation. And the link to network solutions does not take you there! (I've italicized and made the text red... in addition I have disabled the link ) It looks pretty good. Don't Be Duped
The image that follows, is some of the source code from the message above showing the BOGUS link.
What is that behind networksoloutions.com .sys78.bIz That is the domain that is trying to steal your Information. It took about 30 seconds to find out who they are. I posted whois information and it follows:
Domain Name: SYS78.BIZ
Domain ID: D27947079-BIZ
Sponsoring Registrar: ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Sponsoring Registrar IANA ID: 82
Domain Status: clientHold
Domain Status: clientTransferProhibited
Registrant ID: OLNI_175394_0_5
Registrant Name: Shestakov Yuriy
Registrant Organization: Shestakov Yuriy
Registrant Address1: Lenina 21 16
Registrant City: Mirniy
Registrant State/Province: MSK
Registrant Postal Code: 102422
Registrant Country: Russian Federation
Registrant Country Code: RU
Registrant Phone Number: +7.9218839910
Registrant Facsimile Number: +7.9218839910
Registrant Email: *********@aol.com
Administrative Contact ID: OLNI_175394_1_5
Administrative Contact Name: Shestakov Yuriy
Administrative Contact Organization: Shestakov Yuriy
Administrative Contact Address1: Lenina 21 16
Administrative Contact City: Mirniy
Administrative Contact State/Province: MSK
Administrative Contact Postal Code: 102422
Administrative Contact Country: Russian Federation
Administrative Contact Country Code: RU
Administrative Contact Phone Number: +7.9218839910
Administrative Contact Facsimile Number: +7.9218839910
Administrative Contact Email: *********@aol.com
Billing Contact ID: OLNI_175394_3_5
Billing Contact Name: Shestakov Yuriy
Billing Contact Organization: Shestakov Yuriy
Billing Contact Address1: Lenina 21 16
Billing Contact City: Mirniy
Billing Contact State/Province: MSK
Billing Contact Postal Code: 102422
Billing Contact Country: Russian Federation
Billing Contact Country Code: RU
Billing Contact Phone Number: +7.9218839910
Billing Contact Facsimile Number: +7.9218839910
Billing Contact Email: *********@aol.com
Technical Contact ID: OLNI_175394_2_5
Technical Contact Name: Shestakov Yuriy
Technical Contact Organization: Shestakov Yuriy
Technical Contact Address1: Lenina 21 16
Technical Contact City: Mirniy
Technical Contact State/Province: MSK
Technical Contact Postal Code: 102422
Technical Contact Country: Russian Federation
Technical Contact Country Code: RU
Technical Contact Phone Number: +7.9218839910
Technical Contact Facsimile Number: +7.9218839910
Technical Contact Email: *********@aol.com
Name Server: NS1.NASTYNAMESERVER.COM
Name Server: NS2.NASTYNAMESERVER.COM
Name Server: NS3.NASTYNAMESERVER.COM
Name Server: NS4.NASTYNAMESERVER.COM
Name Server: NS5.NASTYNAMESERVER.COM
Created by Registrar: ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Last Updated by Registrar: ONLINENIC, INC. D/B/A CHINA-CHANNEL.COM
Domain Registration Date: Thu Oct 30 18:20:39 GMT 2008
Domain Expiration Date: Thu Oct 29 23:59:59 GMT 2009
Domain Last Updated Date: Fri Oct 31 05:08:53 GMT 2008
What this tells us is that Yuriy Shestakov is an international criminal. He registered this domain October 30, 2008, only for one year and next year he'll register another. Within only a few days he was set up to conduct espionage against American citizens, And other unsuspecting persons worldwide. Yuriy Shestakov wants to steal our identities. And there's nothing we can do about it Because American laws do not cover the Russian Federation. Our government allows this type of activity to continue, so we have to tolerate it whether we like it or not.
If you wish to write a letter to Yuriy, his address is above in plain black and white. You can even call +7.9218839910 if you wish to place your objections to him personally, and tell him to stop trying to rip us off. I notice that his e-mail address has been obfuscated so we can't send him an e-mail.... Yuriy Shestakov is just another user of America Online, a lowlife scumbag criminal from the Russian Federation. Unfortunately, America Online will sell an account to anyone... even an international criminal.
Don't fall prey to this type of scam. If you don'trecognize the person that is e-mailing you, delete it and move on with your life.
The article above is an expression of my First Amendment rights under the US Constitution own opinion and my views, and I have approved of this message