Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#1
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
I got the below email last week and although it did refer to a domain that I
own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml This led me to very nearly ignoring the email as a "phishing" one but I logged into the site directly (rather than through the links provided) and indeed there was a problem that I was able to sort out. I contacted 123reg and expressed my dismay at their using obfuscated links but they responded with "I apologise that the emails look suspicious however we could not find any errors on our end regarding these emails." Are they barkingly stupid or am I just being a bit paranoid? Tim |
#2
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
Tim+ wrote:
Are they barkingly stupid or am I just being a bit paranoid? Never ascribe to malice that which can be explained by stupidity. -- Scott Where are we going and why am I in this handbasket? |
#3
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
Tim+ wrote:
am I just being a bit paranoid? That one wouldn't have triggered my phishing sensors, because I know webfusion are associated with 123-reg. |
#4
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On 09/11/2013 17:10, Tim+ wrote:
Are they barkingly stupid or am I just being a bit paranoid? The links point to webfusion.com which is a 123-reg company... so they are legit, although it might have been better if they had pointed at links on a 123-reg domain rather than webfusion. So in answer to your question; yes, a bit, both of you ;-) -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#5
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On Saturday, 9 November 2013 17:10:36 UTC, Tim+ wrote:
Are they barkingly stupid or am I just being a bit paranoid? 10 years after Vista and Microsoft are still in business. And still able to live through this sort of thing: http://www.theregister.co.uk/2013/11...widely_abused/ On a recent thread some nitwit was complaining about Windows slowing up his laptop. Rather than believe all the Nigerians in the world with access to the internet were also using his box of tricks, he was content to stick with things he knew and whinge about it. I don't believe anyone with a computer has enough paranoia. |
#6
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
They are weird I think. They actually trade or use web sites under other
names I noticed when looking up contact details for a friend though, so maybe they ar ejust confused. Brian -- From the Sofa of Brian Gaff Reply address is active "Tim+" wrote in message ... I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml This led me to very nearly ignoring the email as a "phishing" one but I logged into the site directly (rather than through the links provided) and indeed there was a problem that I was able to sort out. I contacted 123reg and expressed my dismay at their using obfuscated links but they responded with "I apologise that the emails look suspicious however we could not find any errors on our end regarding these emails." Are they barkingly stupid or am I just being a bit paranoid? Tim |
#7
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On Sat, 09 Nov 2013 17:16:48 +0000, Scott M wrote:
Are they barkingly stupid or am I just being a bit paranoid? Never ascribe to malice that which can be explained by stupidity. ^ What he said... |
#8
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On Sat, 09 Nov 2013 23:56:21 +0000, John Rumm wrote:
Are they barkingly stupid or am I just being a bit paranoid? The links point to webfusion.com which is a 123-reg company... so they are legit, although it might have been better if they had pointed at links on a 123-reg domain rather than webfusion. However, since webfusion are a hosting company, that could easily be a reasonably clever ploy to merely "reassure" some. |
#9
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
Tim+ :
I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. -- Mike Barnes |
#10
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
"Tim Streater" wrote in message .. . In article , Tim+ wrote: I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml This led me to very nearly ignoring the email as a "phishing" one but I logged into the site directly (rather than through the links provided) and indeed there was a problem that I was able to sort out. I contacted 123reg and expressed my dismay at their using obfuscated links but they responded with "I apologise that the emails look suspicious however we could not find any errors on our end regarding these emails." Are they barkingly stupid or am I just being a bit paranoid? Well it's the usual rubbish html that one expects to see in emails, but all the links go to webfusion why would this be a comfort to anyone WTF is webfusion? and they talk about being part of webfusion at the end, so it's prolly OK. So a spammer (pretending to be someone you have heard of) tells you he is part of some other concern that you haven't heard of and you think this is a good indication that it is not spam Would you like to buy this bridge off me tim -- Tim "That excessive bail ought not to be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted" -- Bill of Rights 1689 |
#11
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
"Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? tim |
#12
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On 10/11/2013 11:34, tim...... wrote:
"Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#13
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
John Rumm wrote:
On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Tim |
#14
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
tim...... :
"Mike Barnes" wrote in message news:UK02TFVbO ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...istration%20de tails.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Yes. Quoted below is the plain text version, which as you can see, is totally innocuous. There are no links, though an enthusiastic mail client might display "www.123-reg.co.uk" as a link. The worst that could happen, if it was phishing, is that you'd "log into the 123-reg control panel and update the details in the domain management section" unnecessarily. The plain text version is 100% safe and tells you all you need to know. There's no point in the HTML, except to display the company's logo (yawn), and to provide links that a sensible user would avoid clicking on and a responsible company would not have sent out. 8----8----8----8----8----8----8----8----8----8----8----8---- URGENT Update your details now to avoid disruption to your services Dear Tim, We have important information regarding the .UK domain(s) you have registered that requires your urgent attention. Nominet, the .UK registry, carries out regular data quality checks to combat fraudulent domain use to provide a safe and secure .UK domain environment. Nominet have been unable to validate the following details provided for the domains shown below: Invalid Registrant Name yyyyy.org.uk In Nominets Terms and Conditions it states that registrants are required to provide accurate name and contact information for their .UK domains, so you are required to update your details to ensure they are up-to- date. To facilitate this Nominet have opened a Data Quality Window to provide registrars with the means of correcting registrant information that has failed validation. Normally, changing the registrant name for a .UK domain can only be done directly at Nominet, at a 10 charge. However the good news is that while the Data Quality Window is open this information can be changed through 123-reg at no additional cost to yourselves. To amend your registrant name or address for the above domains simply log into the 123-reg control panel and update the details in the domain management section. However please note that the window closes on 11th February 2014 so please ensure your registration details are updated before this date to avoid any charges and possible disruption to your services. Need more info? If you have any questions about this or anything else relating to 123-reg dont hesitate to contact us. We are always happy to help. Please visit our support site once you're logged in, click ASK A QUESTION to send us a query email. kind regards, The 123-reg team www.123-reg.co.uk About us | Privacy policy Copyright 123-reg - Part of Webfusion Ltd Webfusion Ltd is a company registered in England and Wales with company number 05306504. Our VAT number is 927 1292 22. The address of our registered office is: 5 Roundwood Avenue, Stockley Park, Uxbridge, Middlesex, UB11 1FF. -- Mike Barnes |
#15
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On 10/11/2013 22:30, Tim+ wrote:
John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Hence my original comment - yes they were being a bit daft. However they do make the webfusion brand fairly public - most 123-reg pages have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example. Its always wise to check where the links point - after all, if it looks like a kebab shop in poland, then you would be right to smell a rat! Doing as you did (going to the suggested page without using the supplied link is also a sensible way forward. -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#16
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On 10/11/13 22:30, Tim+ wrote:
John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Tim yeah I had this and checked at 123 to see if my registrations had in fact run out. One nearly had, but strangely I think the renewal fee was less at 123 than via the email... My guess is they farm off details to webfusion who may make extra cash if you are stupid enough to use them. -- Ineptocracy (in-ep-toc-ra-cy) €“ a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers. |
#17
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On Sun, 10 Nov 2013 22:30:40 +0000, Tim+
wrote: John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? It is bad practice. The sender should not assume that the receipient knows that webfusion is related to 123, nor should they expect you to waste your time looking it up. -- (\__/) M. (='.'=) If a man stands in a forest and no woman is around (")_(") is he still wrong? |
#18
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
"John Rumm" wrote in message o.uk... On 10/11/2013 22:30, Tim+ wrote: John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Hence my original comment - yes they were being a bit daft. However they do make the webfusion brand fairly public - most 123-reg pages have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example. but I repeat how is that helpful if the recipient had never heard of webfusion and is likely to have no confidence that they are legitimate. Just because they have a "professional" looking web page adds absolutely nothing to the equation here, because the staring point for a scammer is to have a professional looking web page tim |
#19
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
On 11/11/2013 18:13, tim...... wrote:
"John Rumm" wrote in message o.uk... On 10/11/2013 22:30, Tim+ wrote: John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...%20details.eml In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Hence my original comment - yes they were being a bit daft. However they do make the webfusion brand fairly public - most 123-reg pages have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example. but I repeat There is no need really - I agree with you ;-) how is that helpful if the recipient had never heard of webfusion and is likely to have no confidence that they are legitimate. Just because they have a "professional" looking web page adds absolutely nothing to the equation here, because the staring point for a scammer is to have a professional looking web page Well I was kind of assuming the OP was a 123-reg user and had already visited their pages at least enough times in the past to register and administer their domain. (If they were not they would not have received the email in the first place). -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#20
Posted to uk.d-i-y
|
|||
|
|||
OT Phishing emails. Am I being too sensitive?
In message , John
Rumm writes On 10/11/2013 22:30, Tim+ wrote: John Rumm wrote: On 10/11/2013 11:34, tim...... wrote: "Mike Barnes" wrote in message ... Tim+ : I got the below email last week and although it did refer to a domain that I own, I didn't like the way that the links to 123reg didn't appear to lead to 123reg. http://www.zen31010.zen.co.uk/Inaccu...egistration%20 In case of doubt it's better to view the plain text version of the message rather than the HTML. If you do that you'll find nothing more suspicious than a missing apostrophe. so the links to unknown third party sites go away in the plain text version, do they? Can't see any links to unknown third party sites... 8 or 9 go to webfusion.com, and one to 123-reg.co.uk The point is/was, webfusion was an unknown link to me. Given that the standard way to check a link is to see if it links to where it says it links to before you follow it, surely this is bad practice? Hence my original comment - yes they were being a bit daft. However they do make the webfusion brand fairly public - most 123-reg pages have "Copyright © 2013 Webfusion Ltd." at the bottom of them for example. Its always wise to check where the links point - after all, if it looks like a kebab shop in poland, then you would be right to smell a rat! Doing as you did (going to the suggested page without using the supplied link is also a sensible way forward. What are you suggesting? That they use rats in kebab shops in Poland? -- bert |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
More ado with phishing.. | UK diy | |||
sending emails | Home Ownership | |||
BEWARE! PHishing Expedition! | Metalworking | |||
Phishing from HMRC? OT | UK diy | |||
Way OT Spoof emails | Home Repair |