Website owners and other customers of GoDaddy have received today an email purporting to come from GoDaddy support although actually ‘from’ info@ed-vision.com, about a ‘massive power’ failure, and asking them to click on the link to verify whether your account was affected. Do NOT click on any link in that email!
The email reads:
Power Failure Notification
Due to a massive power outage at one of our Server Farm, Some users might experience difficulty sending or receiving emails in the last 24 hours.
The Internet Patrol is completely free, and we don't subject you to ads or annoying video pop-ups. But it does cost us out of our pocket to keep the site going (going on 20 years now!) So your tips via CashApp, Venmo, or Paypal are VERY appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
To help improve on our services follow one of the links below:
Links valid for only 5 hours.
Click the link to verify that your account was affected .
Click the link to verify that your account was not affected .
Please do not reply to this email. Emails sent to this address will not be answered.
Copyright Š 1999-2020 GoDaddy Operating Company, LLC. 14455 N. Hayden Rd, Ste. 219, Scottsdale, AZ 85260 USA. All rights reserved.
Of course, this email isn’t from GoDaddy at all, but the scammers have done a passable job of making their email look as if it has really come from GoDaddy.
And that includes not just the letterhead, but also the look and feel of the email (which does have telltale signs if you look closely, such as the Š in “Copyright Š 1999-2020”, and the not-very-well hidden ‘from:’ address of info@ed-vision.com.
If you were to click on one of the links, this is what you would see:
That looks pretty realistic, doesn’t it? Especially if you don’t happen to notice the actual website which is hosting this fake site: slimdaddy.tk.
.tk is the top level domain for Tokelau, which is a territory of New Zealand. What distinguishes the administrators of the .tk domain from most others is that they offer free domains to anyone, for any reason (which explains slimdaddy.tk).
The email itself was sent out through totaalholding.nl, which is an email provisioning organization HQed (or at least domained) in the Netherlands. They, of course, have no website at their domain, nor any abuse contact listed in their WHOIS info to whom to report this spam.
Now, we don’t yet know exactly who they were targeting – or, put another way, to what list they are sending out this phishing spam. It may be that they are sending to a general list of GoDaddy customers, or it may be that they are sending it to a list of businesses for whom GoDaddy is the registrar.
Regardless, delete it without clicking on any link therein!
The Internet Patrol is completely free, and we don't subject you to ads or annoying video pop-ups. But it does cost us out of our pocket to keep the site going (going on 20 years now!) So your tips via CashApp, Venmo, or Paypal are appreciated!
Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
