I got the below email last week and although it did refer to a domain that I
own, I didn't like the way that the links to 123reg didn't appear to lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml

This led me to very nearly ignoring the email as a "phishing" one but I
logged into the site directly (rather than through the links provided) and
indeed there was a problem that I was able to sort out.

I contacted 123reg and expressed my dismay at their using obfuscated links
but they responded with "I apologise that the emails look suspicious however
we could not find any errors on our end regarding these emails."

Are they barkingly stupid or am I just being a bit paranoid?

Tim

Tim+ wrote:

Are they barkingly stupid or am I just being a bit paranoid?

Never ascribe to malice that which can be explained by stupidity.

--
Scott

Where are we going and why am I in this handbasket?

Tim+ wrote:
am I just being a bit paranoid?

That one wouldn't have triggered my phishing sensors, because I know
webfusion are associated with 123-reg.

On 09/11/2013 17:10, Tim+ wrote:

Are they barkingly stupid or am I just being a bit paranoid?

The links point to webfusion.com which is a 123-reg company... so they
are legit, although it might have been better if they had pointed at
links on a 123-reg domain rather than webfusion.

So in answer to your question; yes, a bit, both of you ;-)


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

On Saturday, 9 November 2013 17:10:36 UTC, Tim+ wrote:

Are they barkingly stupid or am I just being a bit paranoid?

10 years after Vista and Microsoft are still in business. And still able to live through this sort of thing:
http://www.theregister.co.uk/2013/11...widely_abused/

On a recent thread some nitwit was complaining about Windows slowing up his laptop. Rather than believe all the Nigerians in the world with access to the internet were also using his box of tricks, he was content to stick with things he knew and whinge about it.

I don't believe anyone with a computer has enough paranoia.

They are weird I think. They actually trade or use web sites under other
names I noticed when looking up contact details for a friend though, so
maybe they ar ejust confused.

Brian

--
From the Sofa of Brian Gaff Reply address is active
"Tim+" wrote in message
...
I got the below email last week and although it did refer to a domain that
I
own, I didn't like the way that the links to 123reg didn't appear to lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml

This led me to very nearly ignoring the email as a "phishing" one but I
logged into the site directly (rather than through the links provided) and
indeed there was a problem that I was able to sort out.

I contacted 123reg and expressed my dismay at their using obfuscated links
but they responded with "I apologise that the emails look suspicious
however
we could not find any errors on our end regarding these emails."

Are they barkingly stupid or am I just being a bit paranoid?

Tim

On Sat, 09 Nov 2013 17:16:48 +0000, Scott M wrote:

Are they barkingly stupid or am I just being a bit paranoid?

Never ascribe to malice that which can be explained by stupidity.

^ What he said...

On Sat, 09 Nov 2013 23:56:21 +0000, John Rumm wrote:

Are they barkingly stupid or am I just being a bit paranoid?

The links point to webfusion.com which is a 123-reg company... so they
are legit, although it might have been better if they had pointed at
links on a 123-reg domain rather than webfusion.

However, since webfusion are a hosting company, that could easily be a
reasonably clever ploy to merely "reassure" some.

Tim+ :
I got the below email last week and although it did refer to a domain that I
own, I didn't like the way that the links to 123reg didn't appear to lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml

In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

--
Mike Barnes

"Tim Streater" wrote in message
.. .
In article , Tim+
wrote:

I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml

This led me to very nearly ignoring the email as a "phishing" one but I
logged into the site directly (rather than through the links provided)
and
indeed there was a problem that I was able to sort out.

I contacted 123reg and expressed my dismay at their using obfuscated
links
but they responded with "I apologise that the emails look suspicious
however
we could not find any errors on our end regarding these emails."

Are they barkingly stupid or am I just being a bit paranoid?

Well it's the usual rubbish html that one expects to see in emails, but
all the links go to webfusion

why would this be a comfort to anyone

WTF is webfusion?

and they talk about being part of
webfusion at the end, so it's prolly OK.

So a spammer (pretending to be someone you have heard of) tells you he is
part of some other concern that you haven't heard of and you think this is a
good indication that it is not spam

Would you like to buy this bridge off me

tim



--
Tim

"That excessive bail ought not to be required, nor excessive fines
imposed,
nor cruel and unusual punishments inflicted" -- Bill of Rights 1689

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain that
I
own, I didn't like the way that the links to 123reg didn't appear to lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml

In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text version,
do they?

tim

On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Tim

tim...... :

"Mike Barnes" wrote in message news:UK02TFVbO
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...istration%20de
tails.eml

In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Yes.

Quoted below is the plain text version, which as you can see, is totally
innocuous. There are no links, though an enthusiastic mail client might
display "www.123-reg.co.uk" as a link. The worst that could happen, if
it was phishing, is that you'd "log into the 123-reg control panel and
update the details in the domain management section" unnecessarily.

The plain text version is 100% safe and tells you all you need to know.
There's no point in the HTML, except to display the company's logo
(yawn), and to provide links that a sensible user would avoid clicking
on and a responsible company would not have sent out.

8----8----8----8----8----8----8----8----8----8----8----8----

URGENT Update your details now to avoid disruption to your services

Dear Tim,

We have important information regarding the .UK domain(s) you have
registered that requires your urgent attention.

Nominet, the .UK registry, carries out regular data quality checks to
combat fraudulent domain use to provide a safe and secure .UK domain
environment. Nominet have been unable to validate the following details
provided for the domains shown below:




Invalid Registrant Name

yyyyy.org.uk




In Nominets Terms and Conditions it states that registrants are required
to provide accurate name and contact information for their .UK domains,
so you are required to update your details to ensure they are up-to-
date.

To facilitate this Nominet have opened a Data Quality Window to provide
registrars with the means of correcting registrant information that has
failed validation. Normally, changing the registrant name for a .UK
domain can only be done directly at Nominet, at a 10 charge. However the
good news is that while the Data Quality Window is open this information
can be changed through 123-reg at no additional cost to yourselves.

To amend your registrant name or address for the above domains simply
log into the 123-reg control panel and update the details in the domain
management section. However please note that the window closes on 11th
February 2014 so please ensure your registration details are updated
before this date to avoid any charges and possible disruption to your
services.

Need more info?

If you have any questions about this or anything else relating to
123-reg dont hesitate to contact us. We are always happy to help.

Please visit our support site once you're logged in, click ASK A
QUESTION to send us a query email.

kind regards,

The 123-reg team
www.123-reg.co.uk








About us | Privacy policy
Copyright 123-reg - Part of Webfusion Ltd

Webfusion Ltd is a company registered in England and Wales with company
number 05306504. Our VAT number is 927 1292 22. The address of our
registered office is: 5 Roundwood Avenue, Stockley Park, Uxbridge,
Middlesex, UB11 1FF.

--
Mike Barnes

On 10/11/2013 22:30, Tim+ wrote:
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Hence my original comment - yes they were being a bit daft. However they
do make the webfusion brand fairly public - most 123-reg pages have
"Copyright © 2013 Webfusion Ltd." at the bottom of them for example.

Its always wise to check where the links point - after all, if it looks
like a kebab shop in poland, then you would be right to smell a rat!
Doing as you did (going to the suggested page without using the supplied
link is also a sensible way forward.

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

On 10/11/13 22:30, Tim+ wrote:
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Tim

yeah I had this and checked at 123 to see if my registrations had in
fact run out. One nearly had, but strangely I think the renewal fee was
less at 123 than via the email...

My guess is they farm off details to webfusion who may make extra cash
if you are stupid enough to use them.


--
Ineptocracy

(in-ep-toc-ra-cy) €“ a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.

On Sun, 10 Nov 2013 22:30:40 +0000, Tim+
wrote:

John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

It is bad practice. The sender should not assume that the receipient
knows that webfusion is related to 123, nor should they expect you to
waste your time looking it up.
--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

"John Rumm" wrote in message
o.uk...
On 10/11/2013 22:30, Tim+ wrote:
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml


In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Hence my original comment - yes they were being a bit daft. However they
do make the webfusion brand fairly public - most 123-reg pages have
"Copyright © 2013 Webfusion Ltd." at the bottom of them for example.

but I repeat

how is that helpful if the recipient had never heard of webfusion and is
likely to have no confidence that they are legitimate. Just because they
have a "professional" looking web page adds absolutely nothing to the
equation here, because the staring point for a scammer is to have a
professional looking web page


tim

On 11/11/2013 18:13, tim...... wrote:

"John Rumm" wrote in message
o.uk...
On 10/11/2013 22:30, Tim+ wrote:
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a
domain
that I
own, I didn't like the way that the links to 123reg didn't
appear to
lead
to 123reg.

http://www.zen31010.zen.co.uk/Inaccu...%20details.eml



In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Hence my original comment - yes they were being a bit daft. However
they do make the webfusion brand fairly public - most 123-reg pages
have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example.

but I repeat

There is no need really - I agree with you ;-)

how is that helpful if the recipient had never heard of webfusion and is
likely to have no confidence that they are legitimate. Just because
they have a "professional" looking web page adds absolutely nothing to
the equation here, because the staring point for a scammer is to have a
professional looking web page

Well I was kind of assuming the OP was a 123-reg user and had already
visited their pages at least enough times in the past to register and
administer their domain. (If they were not they would not have received
the email in the first place).


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

In message , John
Rumm writes
On 10/11/2013 22:30, Tim+ wrote:
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote:

"Mike Barnes" wrote in message
...
Tim+ :
I got the below email last week and although it did refer to a domain
that I
own, I didn't like the way that the links to 123reg didn't appear to
lead
to 123reg.


http://www.zen31010.zen.co.uk/Inaccu...egistration%20



In case of doubt it's better to view the plain text version of the
message rather than the HTML. If you do that you'll find nothing more
suspicious than a missing apostrophe.

so the links to unknown third party sites go away in the plain text
version, do they?

Can't see any links to unknown third party sites... 8 or 9 go to
webfusion.com, and one to 123-reg.co.uk



The point is/was, webfusion was an unknown link to me. Given that the
standard way to check a link is to see if it links to where it says it
links to before you follow it, surely this is bad practice?

Hence my original comment - yes they were being a bit daft. However
they do make the webfusion brand fairly public - most 123-reg pages
have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example.

Its always wise to check where the links point - after all, if it looks
like a kebab shop in poland, then you would be right to smell a rat!
Doing as you did (going to the suggested page without using the
supplied link is also a sensible way forward.

What are you suggesting? That they use rats in kebab shops in Poland?
--
bert