We received an email today stating that our domain was being cancelled as the WHOIS information was not correct. Here is a except of the email:
On Sat, 1 Nov 2008 08:04:38 +0200 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registration and the account holder and inform them to update the information.
The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 08:04:38 +0200 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.
PLEASE VERIFY YOUR CONTACT INFORMATION – http://www.enom.com.ssl45.mobi
If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:
Attn: Domain Services
14455 N Hayden Rd
Scottsdale, AZ 85260
LINK TO CHANGE INFORMATION – http://www.enom.com.ssl48.mobi
At first glance this looks serious. But if you receive something like this, ask yourself the following questions:
1. If my contact information is out of date, why are they sending an email?
2. Which domain? The email does not state a domain – it assumes that most people may just own one.
3. Who are they? Check the URL – their website is actually ssl48.mobi and not related to enom.com (one of many domain name registrars) in any way. The whole www.enom.com is just a subdomain of ssl48.mobi.
Replying to such an email, or providing your personal information, could actually result in you inadvertently handing your domain over to the phishers.
This is how most people are tricked by email phishers – they do not understand how domains are structured, and as soon as they see a familiar name with a .com after it, they think that it is genuine.
Fortunately there is already a warning on ssl48.mobi, if you have some good anti-phishing software installed, so your browser should not open the link. But this is not always the case.
Take care, always double check a mail, and if in doubt, make a phone call you you registrar. If they do not accept phone calls, move!