Latest attack is seemingly innocuous maintenance notice.

Domain registrar eNom, the second largest domain registrar in the world, continues to be hit with phishing attacks. The first attack resembled an inaccurate whois report. The new one is a routine maintenance reminder.

What’s interesting about the latest phishing attempt is that it doesn’t compel recipients to visit Enom’s site to take any action. Typically phishing attacks scare recipients into taking action or risk losing account access and/or domain names.

The maintenance reminder includes a bogus link to Enom that links to a .biz domain name. The .biz domain name is no longer active. Interestingly, DomainTools shows that the .biz domain in question was never registered before, which makes me wonder if the phishers made a mistake in their email.

Most phishing e-mails are riddled with typos and grammatically incorrect sentences. The only tip on this e-mail (other than the hyperlink) is the subject line “Maintenance at eNom.com – warning!”, which is not the typical maintenance notice subject line from eNom.

The full text of the phishing email is below:

Dear eNom Customer,

Starting at 1 AM PT on Saturday, November 1st, 2008 until 4 AM PT, we will be conducting maintenance on our database and datacenter resulting in the following sites and services being unavailable:

* Main site
* All web hosting services
* Email services
* Communication with the registry affecting new registrations, renewals, and transfers

For access your account follow this link – [invalid link redacted]

The following services will not be affected and will continue to be fully operational:

* DNS will resolve normally – although operational through this downtime, any changes to DNS settings may be delayed intermittently for a period of up to 24 hours from the start of the maintenance period
* Email forwarding and site redirection will operate normally

We anticipate the maintenance will only last up to 3 hours. We apologize for any inconvenience during this short maintenance and thank you for your patience.

Sincerely,
eNom Tech Support

Related posts:

1. Beware the Google Adsense “Account Disabled” Phishing Scam
2. eNom adds security codes to .net and .com transfers
3. Domain Registrar eNom Sued. Here’s My Take.

Tags: eNom, phishing