A new way of fraud has appeared: domain pseudo registrars

It follows that the registration deadline for my domain expired yesterday and I need to pay it. The letter looks plausible, there is my data (which, incidentally, is publicly available on WHOIS), apart from the fact that I know my registrar, and I know that a domain in the .com zone is definitely not worth $ 75 a year.
We click on the link “Secure online payment” and we get to a fun page where we are asked to enter full credit card information:

Needless to say, crooks did not even bother to buy an SSL certificate for decency, and critical authentication data such as credit card information is alwaysmust be transmitted over a secure protocol. They did not bother to make the homepage more similar to the domain registrar:

We look at WHOIS for the domain of entrepreneurial guys, as expected, the site is a one-day website registered a week ago:

Hurried, apparently they already wanted to start collecting money as soon as possible: the sale of the crooks clearly let us down. But in any case, I cannot but note that this kind of phishing and the method of taking money from the population is new and very creative: it’s a combination of social engineering using publicly available information from WHOIS. I am sure many people will fall for the bait of scammers.
Friends, be careful!