Wednesday, March 15, 2023

A few days ago, I read a cybersecurity blog post about trusting Freenom, a domain registrar that handles the .cf, .ga, .gq, .ml, and .tk TLDs (top-level domains).  Suddenly, we have an account that receives this message:

    We recently contacted you to inform that our verification system can't verif your payment in MyVerizon-your app.
    please update payment information manually to avoid limitations on your_service.

This message comes through the registrar, not Freenom, and appears to be a phishing attempt at mobile account takeover (the registrar of record, from whois):

    user@workstation:~$ whois <domain> | grep -i registrar:
    Registrar: Hosting Concepts B.V. d/b/a

The registration appears to have been done through a third-party registrar with a .eu top-level domain, which indicates this domain came through Europe.  A European registration trying to handle a United States mobile account is not just a red flag, but an impossible-to-pass hurdle for me.  The standard abuse forms have been filled out in order to shut it down quickly.
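The whois check above is the triage step that matters here: registrar, domain age and TLD tell you most of what you need before you file the abuse form. The script below is an added example (not code from the post) that runs that triage over a whois response. It parses the `Key: value` lines, flags a free Freenom TLD, a domain registered only days ago, and a registrar whose legal-entity suffix points to a different country than the impersonated service, and pulls out the registrar's abuse contact for the report. The whois text is constructed for the example (only the registrar line is the one shown above; the domain name, dates and contacts are placeholders), and the suffix-to-country table is a rough heuristic of my own, not a whois field.

```python
import re
from datetime import datetime, timedelta, timezone

# Free TLDs handled by Freenom, as listed in the post.
FREENOM_TLDS = {"cf", "ga", "gq", "ml", "tk"}

# Rough legal-entity-suffix -> country heuristic (an assumption for this
# example; whois does not carry a registrar country field in this format).
ENTITY_SUFFIX_COUNTRY = {
    "b.v.": "NL", "gmbh": "DE", "s.a.s.": "FR", "s.r.l.": "IT",
    "ltd": "GB", "llc": "US", "inc.": "US", "inc": "US",
}

# Date of the post, used as "now" so the example is reproducible offline.
FIXED_NOW = datetime(2023, 3, 15, tzinfo=timezone.utc)

# Constructed sample whois response, NOT a real lookup. The registrar line is
# the one shown in the post; every other value is a placeholder.
SAMPLE_WHOIS = """\
Domain Name: example-lure.eu
Registrar: Hosting Concepts B.V. d/b/a
Creation Date: 2023-03-10T08:21:44Z
Registrar Abuse Contact Email: abuse@registrar.invalid
Name Server: ns1.example.invalid
Name Server: ns2.example.invalid
"""


def parse_whois(text):
    """Map lowercased 'Key' -> first 'value' for each 'Key: value' line.

    Comment lines (starting with % or #) are skipped; repeated keys such as
    'Name Server' keep their first value, which is enough for triage.
    """
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip() and not key.lstrip().startswith(("%", "#")):
            fields.setdefault(key.strip().lower(), value.strip())
    return fields


def registrar_country(registrar):
    """Guess a registrar's home country from its legal-entity suffix, or None."""
    for token in registrar.lower().replace(",", " ").split():
        if token in ENTITY_SUFFIX_COUNTRY:
            return ENTITY_SUFFIX_COUNTRY[token]
    return None


def triage_whois(text, expected_country="US", now=None, max_age_days=30):
    """Return the red flags for a lure domain's whois record plus the abuse contact."""
    now = now or datetime.now(timezone.utc)
    f = parse_whois(text)
    flags = []

    domain = f.get("domain name", "").lower()
    tld = domain.rsplit(".", 1)[-1] if "." in domain else ""
    if tld in FREENOM_TLDS:
        flags.append(f"free Freenom TLD .{tld}")

    created = f.get("creation date")
    if created is None:
        flags.append("no creation date in record")
    else:
        try:
            created_at = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ")
            created_at = created_at.replace(tzinfo=timezone.utc)
        except ValueError:
            flags.append(f"unparseable creation date {created!r}")
        else:
            age = (now - created_at).days
            if age < max_age_days:
                flags.append(f"domain is only {age} days old")

    registrar = f.get("registrar", "")
    country = registrar_country(registrar)
    if country and country != expected_country:
        flags.append(f"registrar {registrar!r} looks {country}-based, "
                     f"lure targets a {expected_country} service")

    return {
        "domain": domain,
        "registrar": registrar,
        "registrar_country_guess": country,
        "flags": flags,
        "abuse_contact": f.get("registrar abuse contact email"),
    }


if __name__ == "__main__":
    report = triage_whois(SAMPLE_WHOIS, now=FIXED_NOW)
    for flag in report["flags"]:
        print("RED FLAG:", flag)
    print("report abuse to:", report["abuse_contact"])
```

In practice the input is the raw output of `whois <domain>`; the script stays offline here by feeding it the constructed text. Thin-whois TLDs return a referral rather than the full record, so for those you would feed it the second-level response from the registrar's own whois server.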

