Domain parking service hit with phishing attack.
Domain parking service GoldKey.com was hit with a phishing attack earlier today. The perpetrator apparently used the typo domain goldKay.com to capture customer logins.
The domain GoldKay.com was registered at NameCheap yesterday and is no longer resolving to a web site.
GoldKey is one of three domain parking services owned by Name Media. Its other parking services include Active Audience and SmartName.
This isn’t the first phishing attack to target domain name owners. The most recent major attack was back in June, when phishers spoofed ICANN’s web site. That scam informed domain owners they would lose their domains unless they updated their accounts by providing login information to their domain registrar.
There are a number of ways that a criminal can use your parking company login information to its advantage (or your detriment):
1. You may have the same login at your registrars, so the phisher gets access to your domains at the registrar. Hint: use different passwords at each parking company and registrar.
2. Access your payment information including bank account number.
3. Delete domains from your parking account.
One suggestion:
Always scramble usernames and passwords when using critical sites.
Also you may type the pw in an excel or word file and then cut/pase in to the sites.
Just some added security there.
…until someone gets a hold of your excel/word file 😉
David,
I didn’t mean that you save them in a file…..not at all.
Just open the new document for typing id/pw but never save the file.
🙂
You can save the file, just make sure it is encrypted with something like the GoldKey USB Security Token: http://www.goldkey.name
(not related to goldkey.com). Looks like these “goldkey” companies should have got together before this happened.