Domain-Guides

It appears that all TrafficZ customers have received a notice by email today they may be the target of a phishing attack. This particular website was hosted in China (Beijing - Chinanet Jiangsu Province Network). I did some research on my own and it appears that not only are TrafficZ’s customers targets but so are GoldKey’s customers. A Registrant Search on the phisher quickly showed the other target was GoldKey customers. Below is a copy of the email I received from TrafficZ:

“Several of our clients have received emails spoofing the email address of TrafficZ personnel. The title of these emails usually read “TrafficZ | Domain Termination Notice”. The “notice” states that one of your domains has been deleted from your TrafficZ account and to visit Traffiz.com within 72 hours or your account will be blocked. The sender is listed as Deborah Amar, one of our Client Relations Specialist. If you click on the link to visit the TraffiZ.com, you will be directed to TrofficZ.com, which bears close resemblance to TrafficZ.com. This is a phishing attempt to try and capture the username and password of your TrafficZ account.

Please be assured that the TrafficZ attorneys are doing everything in their power to end these emails and disable TrofficZ.com. If you have mistakenly entered your username and password on this phishing site, please notify us immediately, change your password and re-verify your payment information. “

I think this marks the arrival of micro-phishing. We have reached a point where domains are valuable and so are the accounts that monetize them. I think phishers are getting more creative at how they operate and now look for wealthy targets. Paypal and Bank of America move over, micro-phishing has arrived the new targets are domain owners. When a phishing group can target individual customers they are more likely to be scammed into handing over credentials. For example, I keep getting phishing emails about accounts I don’t have, like my “Bank of Scotland” account. It is hard for me to be convinced to give up my username and password to a banking website I have never visited or even registered for. However Domains have DNS information and a phisher can see what customers to target for each parking company or registrar.

Tags: Uncategorized //