I received a spam/scam email today that I hadn’t seen before. The email was directed at a brand new domain I’d registered only days earlier.
The email tries to scare the website owner into going to domaincop(dot)net and downloading malware or provide compromising information.
The targeted domain name and website owner is accused of spamming and spreading malware and even threatens, among other things, legal action. The email lists a long and obscure link which I can say with a good amount of certainty, leads to either a phishing or download page containing malware.
The domain name domaincop(dot)net was registered this month at Namesilo.com and is obscured with whois privacy.
The spammer/scammer is likely harvesting domain name whois records for email addresses, targeting newly registered domains.
Here is the text of the email:
Dear Domain Owner,
Our system has detected that your domain: *********.org is being used for spamming and spreading malware recently.
You can download the detailed abuse report of your domain along with date/time of incidents. Click Here*
We have also provided detailed instruction on how to delist your domain from our blacklisting.
Please download the report immediately and take proper action within 24 hours otherwise your domain will be suspended permanently.
There is also possibility of legal action depend on severity and persistence of your abuse case.
Three Simple Steps:
1. Download your abuse report.
2. Check your domain abuse incidents along with date and time.
3. Take few simple steps for prevention and to avoid domain suspension.
Click Here to Download your Report*
Please look into it and contact us.
Domain Abuse Admin
(* Link removed for obvious reasons)
- This same scammer has been reported to be using a few other domains, the two I know of so far are domaincop(dot)org and domaincorp(dot)net.
- The owner/operator of this scam operation appears to be Ronald Miranda from the Dominican Republic, using this email address: firstname.lastname@example.org.
- Genstylehost.com was registered by Ronald Miranda at ascio.com on October 31st using the email address email@example.com.
- genstyledesigns.xyz was registered at 1und1.de on October 1st using this address: firstname.lastname@example.org.
- servicioempresarial.net was registered in 2012 by Ronald Miranda using this email address: email@example.com.