Over the weekend, I received two emails allegedly from firstname.lastname@example.org stating that my domain, docboxconsulting.com, needed to be submitted to search engines. If you read the email quickly, it sounds like the domain needs to be renewed and I should fill out the form and fax it to the phone number provided before the offer expires.
I had all kinds of alarms going off. First off, what hosting company in their right mind would set up a fax number instead of a web form? Also, my domain wasn’t set to expire until May (it’s renewed now, so no problem). I certainly wasn’t going to send someone $75 for search engine submission when I can do that myself.
How did the email have my name and address? The information was publicly available as part of my domain registration: anyone could find it using nslookup. The people sending this email probably scraped email addresses from the domain registrations. (This is a very good reason to use a service that protects your personal information and instead only displays the domain registrar. I activated this service on my domain yesterday.)
Searching on the fax number turned up a bulletin on 800notes.com where other people have received the same warning and reported it as a fraud.
According to a Codero sales representative, Codero is aware of the spoof and is working with the FBI to track down the individual or parties involved in this scam. Codero’s COO has posted about the email and the steps the company is taking.
What should you do?
- Do not reply to the Domain Notification email. Do not send or fax any information.
- Read the Codero blog post and follow the recommendations in their post.