I just received this email and it is definitely a forgery. I hope others, who might have received this phishing attempt, won’t fall for this scam. But if you have happened to inadvertently fall for this scam, please go to enom DOT com’s website for further instructions. By the way, presumably, they are using Godaddy’s physical address to add credibility to their message.

Here is another slight variation of the same email, just different URL address: http://www.enom.com/images/whoisresolvecom_phishingalert.JPG

Here is the phishing attempt that was sent to me.

Update: I just receive another a few minutes ago (see 2nd one below).

— On Sat, 11/1/08, eNom Support Team <info 2 AT enom.com> wrote:

From: eNom Support Team <info 2 AT enom.com>
Subject: Attention: Inaccurate whois information.
To: ?? AT Freeadlists.com
Date: Saturday, November 1, 2008, 3:36 AM

Dear user,

On Sat, 1 Nov 2008 15:36:37 +0500 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 15:36:37 +0500 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.

PLEASE VERIFY YOUR CONTACT INFORMATION – http://www.enom.com (this anchor text is linked to) ==>http://www.enom.com.sys43.ru/

If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:

Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260

LINK TO CHANGE INFORMATION – http://www.enom.com (this anchor text is linked to) ==> http://www.enom.com.sys43.ru/

Thank you,
Domain Services

[IncidentID:06620]

Update: Here is another variation of this phishing scam. I just received it a few minutes ago.

— On Sat, 11/1/08, eNom Inc <customer?? AT enom.com> wrote:

From: eNom Inc <customer?? AT enom.com>
Subject: Your domain must be deleted today!
To: ?? AT freeadlists.com
Date: Saturday, November 1, 2008, 9:11 AM

Dear user,

On Sat, 1 Nov 2008 18:11:07 +0200 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 18:11:07 +0200 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.

PLEASE VERIFY YOUR CONTACT INFORMATION – http://www.enom.com (this anchor text is linked to) ==> http://www.enom.com.sys43.ru/

If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:

Attn: Domain Services 14455 N Hayden Rd Suite 219 Scottsdale, AZ 85260

LINK TO CHANGE INFORMATION – http://www.enom.com (this anchor text is linked to) ==> http://www.enom.com.sys43.ru/

Thank you,
Domain Services

[IncidentID:00968]

UPDATE #3

Just received…but this time they are targeting NetworkSolutions

— On Fri, 10/31/08, NetworkSolutions Support <NSCC6+9237744000 AT networksolutions.com> wrote:

From: NetworkSolutions Support <NSCC6+9237744000 AT networksolutions.com>
Subject: Inaccurate whois information.
To: ?? AT freeadlists.com
Date: Friday, October 31, 2008, 5:45 AM
Dear Network Solutions® Customer,

On Fri, 31 Oct 2008 15:45:06 +0300 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

Please note: ICANN (the Internet Corporation for Assigned Names and Numbers) regulations state that the WHOIS Administrative Contact may initiate and approve domain name registration transfers from your Network Solutions account to other Registrars. If you are not listed as the WHOIS Administrative Contact a transfer can occur without your knowledge if Domain Protect is not enabled for the domain name registrations listed above.

To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager:

1. Log in to Account Manager at: http://www.networksolutions.com is linked to http://www.networksolutions.com.sys58.biz/
2. Click on the “Profile & Accounts” tab in the left navigation menu to be taken to a page listing your account details.
3. Click on “Accounts” and select the account you wish to edit.
4. Click “View/Edit WHOIS Contacts” to make your updates.

If you believe someone requested this change without your consent, please contact Customer Service.

If you would like to order additional services or to update your account, please visit us online.

Thank you for choosing Network Solutions. We are committed to providing you with the solutions, services, and support to help you succeed online.

Sincerely,
Network Solutions® Customer Support