- Impact
- 10,820
Hello.
I received this email recently.
It came soon after I ordered a transfer from Dotster to LCN.
the link looked legit enough.
"Transfer" <[email protected]>
Attention: [email protected]
Re: Transfer of #%!#%vr.com
Domain.com received notification on Thu Nov 30 14:26:59 2017 that you have requested a transfer to another domain name registrar.
If you want to proceed with this transfer, you do not need to respond to this message.
If you wish to cancel the transfer, please contact us before Tue Dec 5 14:26:59 2017 by going to our website,
transfers.domain.com/?away=1&domain=%^!#%!#vr.com&id=^#%^%!#%^!#% to confirm.
You may need to enter the following information to accept or decline the transfer:
Domain Name: xxxcamvr.com
Transfer Key: ^#^%!#%^!
If we do not hear from you by Tue Dec 5 14:26:59 2017, the transfer will proceed.
my dumdass clicked that link and it took my to a page the looked legit enough. I had ticked the box that said accept.
and hit submit.
The thing is the domain is in my account over at LCN now. do I need to worry that it will get transferred out?
what that hell was that whole crap of ticking the box for Accept or Deny?
what was the purpose of this kind of email?
contacted Dotster and showed them the email and they said they are not associated with that email address.
how the hell did whoever sent me this email know exactly when I was doing a transfer for a domain to be emailing me that fast?
is my pc compromised? is LCN compromised? or is Dotster compromised?
did a whois on the email address and got this.
DOMAIN INFORMATION
Domain:
ns-not-in-service.com
Registrar:
Tucows Domains Inc.
Registration Date:
2002-01-18
Expiration Date:
2018-01-18
Updated Date:
2016-12-20
Status:
clientTransferProhibited
clientUpdateProhibited
Name Servers:
ns1.systemdns.com
ns2.systemdns.com
ns3.systemdns.com
REGISTRANT CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
@tucows.com
ADMINISTRATIVE CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
@tucows.com
TECHNICAL CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
@tucows.com
RAW WHOIS DATA
Domain Name: NS-NOT-IN-SERVICE.COM
Domain ID: 82722666_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2016-12-20T04:58:12Z
Creation Date: 2002-01-18T17:02:44Z
Registrar Registration Expiration Date: 2018-01-18T17:02:44Z
Registrar: TUCOWS, INC.
Registrar IANA ID: 69
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID:
Registrant Name: Tucows Inc.
Registrant Organization: Tucows Inc.
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K 3M1
Registrant Country: CA
Registrant Phone: +1.4165350123
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:
@tucows.com
Registry Admin ID:
Admin Name: Tucows Inc.
Admin Organization: Tucows Inc.
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M6K 3M1
Admin Country: CA
Admin Phone: +1.4165350123
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email:
@tucows.com
Registry Tech ID:
Tech Name: Tucows Inc.
Tech Organization: Tucows Inc.
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M6K 3M1
Tech Country: CA
Tech Phone: +1.4165350123
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email:
@tucows.com
Name Server: NS1.SYSTEMDNS.COM
Name Server: NS2.SYSTEMDNS.COM
Name Server: NS3.SYSTEMDNS.COM
DNSSEC: unsigned
Registrar Abuse Contact Email:
@tucows.com
Registrar Abuse Contact Phone: +1.4165350123
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-12-20T04:58:12Z <<<
so what's going on here NP? the link had the transfer key in it. so I didn't have to enter the auth code key.
so technically because I ticked the ACCEPT box the transfer key was already given in the link that I clicked?
This is some scary stuff man.
I was really tired and sleepy at the time wasn't really paying attention. what an idiot.
so should I worry? I mean the domain is in my LCN account.
thing is. after I did other transfers over at LCN coming from dotster. soon as I entered the auth codes
I started to get the same emails over and over again.
what the hell? like 10 of them.
I received this email recently.
It came soon after I ordered a transfer from Dotster to LCN.
the link looked legit enough.
"Transfer" <[email protected]>
Attention: [email protected]
Re: Transfer of #%!#%vr.com
Domain.com received notification on Thu Nov 30 14:26:59 2017 that you have requested a transfer to another domain name registrar.
If you want to proceed with this transfer, you do not need to respond to this message.
If you wish to cancel the transfer, please contact us before Tue Dec 5 14:26:59 2017 by going to our website,
transfers.domain.com/?away=1&domain=%^!#%!#vr.com&id=^#%^%!#%^!#% to confirm.
You may need to enter the following information to accept or decline the transfer:
Domain Name: xxxcamvr.com
Transfer Key: ^#^%!#%^!
If we do not hear from you by Tue Dec 5 14:26:59 2017, the transfer will proceed.
my dumdass clicked that link and it took my to a page the looked legit enough. I had ticked the box that said accept.
and hit submit.
The thing is the domain is in my account over at LCN now. do I need to worry that it will get transferred out?
what that hell was that whole crap of ticking the box for Accept or Deny?
what was the purpose of this kind of email?
contacted Dotster and showed them the email and they said they are not associated with that email address.
how the hell did whoever sent me this email know exactly when I was doing a transfer for a domain to be emailing me that fast?
is my pc compromised? is LCN compromised? or is Dotster compromised?
did a whois on the email address and got this.
DOMAIN INFORMATION
Domain:
ns-not-in-service.com
Registrar:
Tucows Domains Inc.
Registration Date:
2002-01-18
Expiration Date:
2018-01-18
Updated Date:
2016-12-20
Status:
clientTransferProhibited
clientUpdateProhibited
Name Servers:
ns1.systemdns.com
ns2.systemdns.com
ns3.systemdns.com
REGISTRANT CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
ADMINISTRATIVE CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
TECHNICAL CONTACT
Name:
Tucows Inc.
Organization:
Tucows Inc.
Street:
96 Mowat Ave
City:
Toronto
State:
ON
Postal Code:
M6K 3M1
Country:
CA
Phone:
+1.4165350123
Email:
RAW WHOIS DATA
Domain Name: NS-NOT-IN-SERVICE.COM
Domain ID: 82722666_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2016-12-20T04:58:12Z
Creation Date: 2002-01-18T17:02:44Z
Registrar Registration Expiration Date: 2018-01-18T17:02:44Z
Registrar: TUCOWS, INC.
Registrar IANA ID: 69
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID:
Registrant Name: Tucows Inc.
Registrant Organization: Tucows Inc.
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K 3M1
Registrant Country: CA
Registrant Phone: +1.4165350123
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:
Registry Admin ID:
Admin Name: Tucows Inc.
Admin Organization: Tucows Inc.
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M6K 3M1
Admin Country: CA
Admin Phone: +1.4165350123
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email:
Registry Tech ID:
Tech Name: Tucows Inc.
Tech Organization: Tucows Inc.
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M6K 3M1
Tech Country: CA
Tech Phone: +1.4165350123
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email:
Name Server: NS1.SYSTEMDNS.COM
Name Server: NS2.SYSTEMDNS.COM
Name Server: NS3.SYSTEMDNS.COM
DNSSEC: unsigned
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: +1.4165350123
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-12-20T04:58:12Z <<<
so what's going on here NP? the link had the transfer key in it. so I didn't have to enter the auth code key.
so technically because I ticked the ACCEPT box the transfer key was already given in the link that I clicked?
This is some scary stuff man.
I was really tired and sleepy at the time wasn't really paying attention. what an idiot.
so should I worry? I mean the domain is in my LCN account.
thing is. after I did other transfers over at LCN coming from dotster. soon as I entered the auth codes
I started to get the same emails over and over again.
what the hell? like 10 of them.