Published On: Thu, Dec 1st, 2016

Beware of New Web Scam

Share This
Tags

Have you received a domain abuse notice from domaincop.org or domaincop.net?

A few days ago, we received an email from Evelyn Russell (russell@domaincop.org) entitled “Domain Abuse Notice”; we’ve had our share of investigations regarding this subject.

On July 27th 2015 we wrote about it on: http://www.theyucatantimes.com/2015/07/beware-of-chinese-domain-scams/, and now, there is a new method used. Here is the text from emails received by The Yucatan Times:

Dear Domain Owner,

Our system has detected that your domain: DomainName is being used for spamming and spreading malware recently.

You can download the detailed abuse report of your domain along with date/time of incidents. Click Here (Link)

We have also provided detailed instruction on how to delist your domain from our blacklisting.

Please download the report immediately and take proper action within 24 hours otherwise your domain will be suspended permanently.

There is also possibility of legal action depending on severity and persistence of your abuse case.

Three Simple Steps:

  1. Download your abuse report.
  2. Check your domain abuse incidents along with date and time.
  3. Take few simple steps for prevention and to avoid domain suspension.

 Click Here to Download your Report (link) 

Please look into it and contact us.

Best Regards,

  • Domain Abuse Admin
  • DomainCop Inc.
  • Tel.: (139) 723-31-04

After a couple of days, we received another email, with the same exact content, from a different email address.

  • Alfie Robinson (alfie-robinson@domaincop.org)

We conducted a research and found that domaincop.org was registered on 22nd Nov 2016 (Today is December 1 2016, so, this was done 9 days ago). Here is the whois information:

who-is-1

Who-is

who-is-2

Who -is


This site was registered a few days ago, and updated the very same day, and has “Privacy Guard” enabled which means you cannot see the real owner’s name. Putting this in perspective, it seems odd that such a new business started analyzing domains and circulated mass emails quite fast. We searched on Google and found the domain has no DNS response when tested on cURL we found the domain does not exists in DNS… We also tried to call the number… It doesn´t exist.

status-code-checker

status-code-checker

If you ever receive any emails such as these, DO NOT OPEN the files or links. Just delete it.

Please beware and share with your friends so you do not become a victim of this scam!

 

J.Urioste

Times Media Mexico

Newsroom

Mexico Travel Care

footer-john-2


Comments

comments

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>