Monday, 2 November 2015

We have received a number of complaints from customers about a phishing email, which pretends to be sent by our registrar – Thexyz., by eNom, by LiquidNet Ltd or by Public Domain Registry.

Global phishing attacks are common nowadays. However, this particular one goes one step further, stirring confusion by including a specific domain name that is owned by the given recipient, rather than some random content.

The accurate domain owner information, coupled with the sense of urgency created by the phishers themselves, have caught many users off guard and have prompted them to click on links, which lead to virus-infected websites.

Fortunately, many of the hosts of the phishing sites have been notified and the harmful pages have been suspended. However, this does not exclude the possibility that other infected pages may still be circulating around. Here is an example of the email that has been circulating around.

What should you do when you receive an email like this?

DO NOT CLICK ON ANY OF THE LINKS IN THE EMAIL!

A quick way to verify if the email sender in the header is authentic is to always hover over the link itself to see where it’s going.

Here is an example of how a phishing email’s Return-Path header would look like:

Return-Path:
Received: from stu.xjtu.edu.cn
X-EQAUTHUSER: zhhliu@stu.xjtu.edu.cn

Mobile phone users can press and hold the link to see the full URL.

If you are still in doubt, forward any emails you are unsure of to support@thexyz.com and we will reply back shortly.

Trending Posts

Blog Archive

Subscribe by email

Enter your email address:

Subscribe to more feeds

Tags

News (73) Web Hosting (48) Email (28) security (22) Advertising (17) webmail (17) Tutorials (16) Thexyz Cloud (14) Video (5) resellers (2)