Wednesday, March 15, 2023

Hackers-R-Us - Openprovider.com

A few days ago, I read a cybersecurity blog post about trusting Freenom, a domain registrar that handles the .cf, .ga, .gq, .ml, and .tk TLDs (top-level domains). Suddenly, we have an account that receives a message:

    
    284892930
    We recently contacted you to inform that our verification system can't verif your payment in MyVerizon-your app.
    please update payment information manually to avoid limitations on your_service.
    cphrc.org/?o&Vz0N6ZvH
    

This message comes through the registrar, openprovider.com, not Freenom, and appears to be fully a phishing attempt for mobile account takeover (cphrc.org):

    
    user@workstation:~$ whois cphrc.org|grep -i registrar:
    Registrar: Hosting Concepts B.V. d/b/a Registrar.eu
    user@workstation:~$
    

The registration appears to be done through a third-party registrar with a .eu top-level domain, and that indicates this domain came through Europe. A European registration trying to handle a United States mobile account is not just a red flag, but an impossible-to-pass hurdle for me. The standard abuse forms have been filled out in order to shut it down quickly.
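The two checks done by hand above (the link points at a domain the named brand does not own, and whois shows who the registrar is) can be scripted for triage of similar messages. This is an added example, not code from the post; the brand domain list is an assumption, and the whois sample is constructed apart from the registrar line quoted above.

```python
import re

# Constructed sample inputs: the SMS quoted in the post, and a whois excerpt
# shaped like the post's output (only the "Registrar:" line is real; the rest
# are placeholders, not actual whois data).
SMS = (
    "We recently contacted you to inform that our verification system can't verif "
    "your payment in MyVerizon-your app. please update payment information manually "
    "to avoid limitations on your_service. cphrc.org/?o&Vz0N6ZvH"
)
WHOIS_SAMPLE = """Domain Name: CPHRC.ORG
Registrar: Hosting Concepts B.V. d/b/a Registrar.eu
Registrar Abuse Contact Email: abuse@example.invalid
"""

# Domains the impersonated brand legitimately uses (assumption for this example).
BRAND_DOMAINS = {"verizon": {"verizon.com", "verizonwireless.com"}}

# Matches hostnames with or without a scheme, e.g. "cphrc.org/?o&Vz0N6ZvH".
URL_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:/[^\s]*)?", re.I)


def extract_domains(text):
    """Return the hostnames found in a message, lowercased, in order of appearance."""
    return [m.group(1).lower() for m in URL_RE.finditer(text)]


def brand_mismatch(text, brand):
    """Hostnames in the message that are not the brand's domain or a subdomain of it."""
    allowed = BRAND_DOMAINS[brand]
    return [d for d in extract_domains(text)
            if d not in allowed and not any(d.endswith("." + a) for a in allowed)]


def registrar_from_whois(whois_text):
    """Pull the 'Registrar:' field out of whois output (what the grep in the post isolates)."""
    for line in whois_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "registrar":
            return value.strip()
    return None


def triage(text, brand, whois_text):
    """Combine both checks into one summary for an abuse report."""
    mismatched = brand_mismatch(text, brand)
    return {"suspect_domains": mismatched,
            "registrar": registrar_from_whois(whois_text),
            "phishing_indicators": bool(mismatched)}
```

Feed `triage` the message text together with real `whois` output to get the domain and registrar fields an abuse form asks for.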
