DomainCop domain name scam becomes “ICANN Inc.”

The pretty well know by now spam/scam email by DomainCop has transformed and is now pretending to be a company with a familiar name: ICANN Inc.

ICANN is “The Internet Corporation for Assigned Names and Numbers” and its official website is located at icann.org.

Previously used domains used by the scammers have been either suspended or blacklisted so scammers keep registering new ones.

The new spam/scam emails are now coming from an email address using the icann-monitor.org domain name. The new domain name sending the spam was registered at Enom.com on the 28th of December 2016. The scammers also registered the domain name icannmonitor.org so more spam emails might come from this domain name when the first one gets blacklisted or suspended.

These criminals impersonate trusted senders such as ICANN in email to gain your trust so they can obtain access to sensitive data. These phishing emails may appear to come from various sources including ICANN, your registrar or registry, or other business partners.

ICANN is in no way associated with these domain names or email and people receiving these email messages should just delete them and not click on any of the links. You can also mark the emails as spam and also report them at your ISP, at the domain name registrar the domains are registered with and even report the email at ICANN.org by forwarding suspected scam messages (including the email headers) to globalsupport@icann.org with “suspected phishing” in the subject line.

ICANN issued an announcement on What You Should Do If You Receive A Suspected Fraudulent ICANN Email.

Here is the complete email spam / scam message received yesterday:

From: Sofia Graham <sofia_graham@icann-monitor.org>
To: **********.com <**************>
Subject: Domain Abuse Notice: ********.com

Dear Domain Owner,

Our system has detected that your domain: ********* is being used for spamming and spreading malware recently.
You can download the detailed abuse report of your domain along with date/time of incidents. Click Here

We have also provided detailed instruction on how to delist your domain from our blacklisting.

Please download the report immediately and take proper action within 24 hours otherwise your domain will be suspended permanently.

There is also possibility of legal action depend on severity and persistence of your abuse case.

Three Simple Steps:
1. Download your abuse report.
2. Check your domain abuse incidents along with date and time.
3. Take few simple steps for prevention and to avoid domain suspension.

Click Here to Download your Report

Please look into it and contact us.

Best Regards,
Domain Abuse Dept.
ICANN Inc.
Tel.: (139) 715-45-56

Sold.Domains

About Konstantinos Zournas

Konstantinos studied Computer Engineering and Computer Science in London and lives in Athens, Greece. He works on domain names, websites and software development. Has been online since 1995 & domaining since 2002.

5 comments

  1. Got that email as well, it went directly to the spam folder … lol 😀
    IMHO Namecheap and eNom should take immediate action and suspend/delete the domains involved in this laughable scam …

  2. Thanks for sharing K.

  3. I recieved all kinds of emails, that said: ” call your bank immediately, we just deposited $XXXXXXXXX to your account. I get these emails everyday!!! from “Lexington code” they want me to the click link.
    Other emails I recieved it said: ” I have earned $XXXXX commission contact your bank now; click link.

    I started getting these kinds of emails since I started collecting domains 💃

Leave a Reply

Your email address will not be published. Required fields are marked *