At Reflex – ESET Ireland we received quite a few relatively official-looking scam emails recently referring to “domain registration”. Here’s a typical one:
All Irish companies receiving such mail should know this is a scam. The idea is to get you to register the name that the ‘other company wants to register’, obviously at a fee. We’ve seen these sort of scams appearing as far back as 2004.
ESET expert Aryeh Goretsky explains in more detail:
How does the actual scam work? If I were to reply to the above message, the organisation behind the scam would notify me that unless I register my domain names with them for a fee, they will be given to the other party. I might even have to participate in a fake bidding war against the imaginary company trying to register my domain names. If I ask for the contact information for the company trying to register my domains, I will be told it cannot be given out “for privacy reasons.” And, of course, since it is a fictitious company name, I will not be able to find it by searching on it.
All in all, it’s a simple way for a scammer to take someone’s money: They don’t have to write any malicious software, hack into any systems or have any technical expertise beyond running a real domain registration business. They simply use social engineering techniques to trick you into registering domains with them that you do not need, do not use and no one else is buying, either.
The difficulty of combating social engineering is that it attacks people instead of computers. By far, the most effective countermeasure against such scams is to educate yourself about how they work, and if you come across them in the future, to simply ignore them. These scammers prey on the unwitting by making their sales pitches sound like a legitimate business communication. As soon as you understand what their scam is, you can defend against them using the best means possible: The delete button.
For Aryeh’s full blog post, go here: http://blog.eset.com/2012/07/24/asia-domain-name-scams-still-going-strong,