No GoDaddy Did NOT Have a ‘Massive Power Outage’ Today – Do Not Respond to this Phishing Email!

godaddy power failure phish
Share the knowledge

Website owners and other customers of GoDaddy have received today an email purporting to come from GoDaddy support although actually ‘from’ [email protected], about a ‘massive power’ failure, and asking them to click on the link to verify whether your account was affected. Do NOT click on any link in that email!

godaddy power failure phish

The email reads:

Power Failure Notification

Get New Internet Patrol Articles by Email!


 

Due to a massive power outage at one of our Server Farm, Some users might experience difficulty sending or receiving emails in the last 24 hours.

To help improve on our services follow one of the links below:
Links valid for only 5 hours.
Click the link to verify that your account was affected .

Click the link to verify that your account was not affected .

Please do not reply to this email. Emails sent to this address will not be answered.
Copyright Š 1999-2020 GoDaddy Operating Company, LLC. 14455 N. Hayden Rd, Ste. 219, Scottsdale, AZ 85260 USA. All rights reserved.

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Of course, this email isn’t from GoDaddy at all, but the scammers have done a passable job of making their email look as if it has really come from GoDaddy.

And that includes not just the letterhead, but also the look and feel of the email (which does have telltale signs if you look closely, such as the Š in “Copyright Š 1999-2020”, and the not-very-well hidden ‘from:’ address of [email protected]

If you were to click on one of the links, this is what you would see:

slimdaddy.tk godaddy phish

That looks pretty realistic, doesn’t it? Especially if you don’t happen to notice the actual website which is hosting this fake site: slimdaddy.tk.

.tk is the top level domain for Tokelau, which is a territory of New Zealand. What distinguishes the administrators of the .tk domain from most others is that they offer free domains to anyone, for any reason (which explains slimdaddy.tk).

dot.tk free domains for all

The email itself was sent out through totaalholding.nl⁩, which is an email provisioning organization HQed (or at least domained) in the Netherlands. They, of course, have no website at their domain, nor any abuse contact listed in their WHOIS info to whom to report this spam.

Now, we don’t yet know exactly who they were targeting – or, put another way, to what list they are sending out this phishing spam. It may be that they are sending to a general list of GoDaddy customers, or it may be that they are sending it to a list of businesses for whom GoDaddy is the registrar.

Regardless, delete it without clicking on any link therein!


Share the knowledge

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.