This is just a quick PSA to anyone who has a registered domain name, especially through WordPress. I just got a phishing scam email disguised to look like it came from WordPress positing that my contact information used to register for my domain might be wrong and that it’s illegal to use false information.
Basically the idea is to scare you into giving your information.
What tipped me off was that it showed up in the wrong folder, so I immediately checked the email details. Anyone who’s hosted their own website (not through a service like WordPress) would easily see the problem with the email address it came from, help@Wordpress.sawbuck.com. For those not familiar, ignore the first part (help@) it’s just used to distinguish email addresses that are going to the same place, like firstname.lastname@example.org vs email@example.com. (Please let that second one not be real.) The second part is a subdomain and could also be written sawbuck.com/Wordpress, which is clearly NOT from WordPress.com.
Had I not noticed it coming from the wrong address I likely would have gone further, clicking on a link. It wasn’t targeting me, it was targeting the domain to get to me. And I just wasn’t as prepared for that as I am for the fake winner scams or the Nigerian Princes looking to give away their money.
Anyway, I just wanted everyone to know since this felt unusually targeted and it’s not the sort of thing I’ve encountered a lot before. Although similar tactics are used on Facebook a lot for all the fake giveaway pages. (Always check for extra punctuation.)
3 thoughts on “PSA: Phishing Scam via Domain Name”
Oh thanks! That’s good to know…
(maybe a good thing, that I check my emails for the blog like once a month ^^)
Good call and glad you posted about this. Anytime I receive an email from any company dealing with “account” issues I’ve learned to check the actual email address. Saves a lot of worry 😦
LikeLiked by 1 person
Especially if they want you to follow their link or reply to the email. Almost everyone just sends out notification of a problem which you can deal with once you’ve signed in directly.
It’s been a weird morning.
LikeLiked by 1 person