Author: EM @ KING.NET
I received four spear phishing emails attack this month addressed to some of our domain properties. Just like other spear phishing emails, they are look normal email message targeting specific organization (or individual) seeking unauthorized access to your computer.
Here’s an example.
The email address came from firstname.lastname@example.org . First sign of this email is a spam because Enom don’t use this email and domain name.
Domain ?????.COM Suspension Notice.
The following domain names have been suspended for violation of the ENOM, INC. Abuse Policy:
Domain Name: ?????.COM (I removed the domain name)
Registrar: ENOM, INC.
Registrant Name: DOMAIN MANAGER
Multiple warnings were sent by ENOM, INC. Spam and Abuse Department to give you an opportunity to address the complaints we have received.
We did not receive a reply from you to these email warnings so we then attempted to contact you via telephone.
We had no choice but to suspend your domain name when you did not respond to our attempts to contact you.
Click here and download a copy of complaints we have received. (This is the payload of this spear phishing email attack. When you click the link, it will download and install the program to your computer.)
Please contact us for additional information regarding this notification.
Spam and Abuse Department
Abuse Department Hotline: 480-938-2445 (<- this number is different to all spam I received)
My email security caught this spear phishing attack, and dropped this to my SPAM folder. Always check your email especially holidays is just around the corner.