Back to Home

A new method of fraud has appeared: pseudo registrars of domains / SimplePay's blog

Internet fraud · social engineering

A new way of fraud has appeared: domain pseudo registrars

    Dear readers! Today, over morning coffee, we came across a new, rather original way of online fraud. At the next mail check, an interesting letter was discovered:



    It follows that the registration deadline for my domain expired yesterday and I need to pay it. The letter looks plausible, there is my data (which, incidentally, is publicly available on WHOIS), apart from the fact that I know my registrar, and I know that a domain in the .com zone is definitely not worth $ 75 a year.

    We click on the link “Secure online payment” and we get to a fun page where we are asked to enter full credit card information:



    Needless to say, crooks did not even bother to buy an SSL certificate for decency, and critical authentication data such as credit card information is alwaysmust be transmitted over a secure protocol. They did not bother to make the homepage more similar to the domain registrar:


    We look at WHOIS for the domain of entrepreneurial guys, as expected, the site is a one-day website registered a week ago:



    Hurried, apparently they already wanted to start collecting money as soon as possible: the sale of the crooks clearly let us down. But in any case, I cannot but note that this kind of phishing and the method of taking money from the population is new and very creative: it’s a combination of social engineering using publicly available information from WHOIS. I am sure many people will fall for the bait of scammers.

    Friends, be careful!

    Read Next