HOW CAN WE HELP YOU TODAY?

1
Knowledgebase: Announcements
Fraudulent Suspension Notices
Posted by Chhaya P on 28 October 2015 07:14 PM

What is it about?

It has come to our attention that fake suspension notices are being sent as part of a phishing scam. These emails are sent to the registrant email address fetched via the whois record associated with a domain name.

Many Domain Registrars have been affected by this spear-phishing attack as well. You can check the below link for further details :
http://domainnamewire.com/2015/10/26/warning-domain-name-phishing-email-blast-going-on-right-now/


Sample Email :

===== Start of Fake message =====


In a message dated 10/26/2015 11:09:57 A.M. Pacific Daylight Time,

From: BigRock Solutions Ltd <[email protected]>
Subject: Domain DOMAIN.COM Suspension Notice


Dear Sir/Madam,

 
The following domain names have been suspended for violation of the PDR Ltd. d/b/a PublicDomainRegistry.com Abuse Policy:

 
Domain Name: DOMAIN.COM
Registrar: BigRock Solutions Ltd
Registrant Name:

Multiple warnings were sent by BigRock Solutions Ltd Spam and Abuse Department to give you an opportunity to address the complaints we have received.
 
We did not receive a reply from you to these email warnings so we then attempted to contact you via telephone.
 
We had no choice but to suspend your domain name when you did not respond to our attempts to contact you.
 
Click here and download a copy of complaints we have received.
 
Please contact us for additional information regarding this notification.
 
Sincerely,
BigRock Solutions Ltd
Spam and Abuse Department
Abuse Department Hotline: 480-526-9396

===== End of Fake message =====

 

What needs to be done ?

We request you to kindly ignore these emails and not download any files or take any actions based on instructions from such emails as the attachments might contain malicious files.
Please note that we, (BigRock Solutions Ltd.), will never send a suspension notice from the email address '[email protected]'.
Kindly contact our support team in case of any further queries.