Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


kingdragonfly

7003 posts

Uber Geek


#251310 18-Jun-2019 16:26
Send private message

I got a phishing email with a fake ANZ banking website. I forwarded it to ANZ.

I also forwarded it to the domain provider, iwantmyname.com, who runs their office in Wellington. This was their response.

Regarding "We have notified the customer of the complaint," I assume the customer is the crooks. I only hope they removed my signature from my forwarded email.

Is the following response correct?

----------------------------------------

Hello,

Thanks for getting in touch about *********.co.nz. Unfortunately, there is not much we can do on our end regarding the content of a site under a domain name, even when registered with us.

We don't provide hosting, so no site content, email, etc. is hosted with us.

As a reseller of an ICANN accredited registrar, we are authorized to only suspend a domain name if we receive instructions by authorized parties (e.g. ICANN, domain name registries, or legal court orders). This usually only happens if a domain name infringes on the trademark or naming rights of a third party.

We have notified the customer of the complaint, and will forward any response within 48 hours.

Because the root of the issue is the site's content, rather than the domain itself, it would be advisable to address your complaint to the site's author, or to the applicable Internet Service Provider (hosting provider of the website itself, not the domain name registrar).

If you believe the content is of an illegal nature, you should contact an appropriate law enforcement agency (which will vary depending on jurisdiction), or consult an attorney for legal advice.

We often find that because domain names are inexpensive and can be registered quickly, closing the domain itself is only a temporary solution for eliminating content. The best fix here is to stop the content at the source.

If you have any other questions, let us know.
Cheers,
Cheers,

https://iwantmyname.com


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Affiliate link
 
 
 

Affiliate link: NordVPN allows you to securely access the Internet, encrypt your connection and keep your browsing history private.
richms
25143 posts

Uber Geek

Trusted
Subscriber

  #2260408 18-Jun-2019 16:49
Send private message

Would you like a registrar being able to suspend a domain because they dont like your content on the site?

 

The way it works is fine. Complain to the right place about it and they may get the domain pulled.





Richard rich.ms

CYaBro
3802 posts

Uber Geek

ID Verified
Subscriber

  #2260409 18-Jun-2019 16:49
Send private message

More than likely the person/business that own the domain name and website don't even know about it as their site has probably been hacked.

 

 


kingdragonfly

7003 posts

Uber Geek


  #2260414 18-Jun-2019 16:59
Send private message

The domain name was an intentional misspelling of ANZ, so if you weren't paying attention, you could be fooled.

I'm not a ANZ customer, so it was blindingly obvious to me.

The phishing email also said It said "Dear customer", without using my name.

Given how many times corporations like Equifax get their complete customer databases hacked, I wouldn't be surprised by a phisher knowing all my details.

I know there's a bunch of system admins out there who don't patch their public internet sites, get hacked, and have malicious code inserted, but this wasn't one of them.



mattwnz
18642 posts

Uber Geek


  #2260417 18-Jun-2019 17:03
Send private message

Shouldn't you contact the DNC about any concerns? www.dnc.org.nz 

 

The thing about nz domains, is the domain registrant can transfer them instantly and free at any time between different providers, so the domain provider today, may not be the provider tomorrow..


freitasm
BDFL - Memuneh
73949 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2260419 18-Jun-2019 17:05
Send private message

CYaBro:

 

More than likely the person/business that own the domain name and website don't even know about it as their site has probably been hacked.

 

 

This is a likely scenario.





Are you happy with Geekzone? Consider subscribing or making a donation.

 

 

 

freitasm on Keybase | My technology disclosure 

 

These links are referral codes: Sharesies | Mighty Ape | Norton 360 | Lenovo laptops | GoodsyncGeekzone Blockchain Project


kingdragonfly

7003 posts

Uber Geek


  #2260427 18-Jun-2019 17:34
Send private message

mattwnz:

Shouldn't you contact the DNC about any concerns? www.dnc.org.nz 


The thing about nz domains, is the domain registrant can transfer them instantly and free at any time between different providers, so the domain provider today, may not be the provider tomorrow..



When I read your post, I thought you were talking about the Democratic National Committee.

I couldn't find anything on the DNC website about phishing beyond repeated complaints by the New Zealand Bankers’ Association. Definitely couldn't find an abuse email address.

https://www.dnc.org.nz/node/1494

So besides forwarding it to the company being imitated, in this case ANZ, anything else I could do to be helpful?

perhaps Netsafe scam report???

https://report.netsafe.org.nz/hc/en-au/requests/new?ticket_form_id=360000024755

I keep imagining elderly victims getting conned.


richms
25143 posts

Uber Geek

Trusted
Subscriber

  #2260428 18-Jun-2019 17:37
Send private message

I'd tell cert too. They have a reporting tool which isnt _too_ annoying to use for things.





Richard rich.ms



BarTender
3409 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260429 18-Jun-2019 17:42
Send private message

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.





and


CYaBro
3802 posts

Uber Geek

ID Verified
Subscriber

  #2260547 18-Jun-2019 22:12
Send private message

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

 

 

And so they should. They're not the internet police.


michaelmurfy
/dev/ttys0
10973 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #2260551 18-Jun-2019 22:35
Send private message

With Phishing, the best thing to do is ignore and forward the email (including headers) to the bank in question. ANZ have a dedicated page for this here: https://www.anz.co.nz/banking-with-anz/banking-safely/stay-up-to-date/

 

I know most banks have a team that both looks out for phishing scams, and also closes them down ASAP. Normally what I do if I come across one is report the phishing page to Google (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en) then just forward it to the bank (if I can actually be bothered), delete, job done.

 

The problem with both domain providers, Cloudflare etc is they will forward your email to the abuse contact or account email address of the domain. This isn't too helpful as it can either target you for Spam, inform the site owners that you're onto them or even get you doxxed. This is the standard response for most infrastructure providers (I get many of these sorts of emails across my domains - most are automated). I don't advise anyone to do that.





Michael Murphy | https://murfy.nz | https://keybase.io/michaelmurfy - Referral Links: Sharesies | Electric Kiwi
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation.


bigalow
502 posts

Ultimate Geek


  #2260613 19-Jun-2019 01:39
Send private message

 iwantmyname.com can do something its on there  t/c

 

https://iwantmyname.com/terms

 

 

 

3.1 Immediate suspension or termination

 

d.if you have acquired a Registered Name or used any Service through fraudulent means or for any fraudulent or illegal purpose.

 

 


kingdragonfly

7003 posts

Uber Geek


  #2260628 19-Jun-2019 07:07
Send private message

michaelmurfy: ... report the phishing page to Google (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en)...


I didn't know about the google page. Cheers

BarTender
3409 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260652 19-Jun-2019 08:36
Send private message

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.





and


CYaBro
3802 posts

Uber Geek

ID Verified
Subscriber

  #2260958 19-Jun-2019 16:06
Send private message

BarTender:

 

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.

 

 

There are proper channels to go through to get illegal sites taken down.


BarTender
3409 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260967 19-Jun-2019 16:43
Send private message

CYaBro:

 

BarTender:

 

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.

 

 

There are proper channels to go through to get illegal sites taken down.

 

 

Yes, and those channels via Cloudflare involve your information begin forwarded to the provider and often being doxed. What is illegal in one country may not be in another.

 

And again, you are in good company with the terrorists and revenge porn sites, they want free speech too and don't want Cloudflare to be the internet police.





and


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

D-Link G415 4G Smart Router Review
Posted 27-Jun-2022 17:24


New Zealand Video Game Sales Reaches $540 Million
Posted 26-Jun-2022 14:49


Github Copilot Generally Available to All Developers
Posted 26-Jun-2022 14:37


Logitech G Introduces the New Astro A10 Headset
Posted 26-Jun-2022 14:20


Fitbit introduces Sleep Profiles
Posted 26-Jun-2022 14:11


Synology Introduces FlashStation FS3410
Posted 26-Jun-2022 14:04


Intel Arc A380 Graphics First Available in China
Posted 15-Jun-2022 17:08


JBL Introduces PartyBox Encore Essential Speaker
Posted 15-Jun-2022 17:05


New TVNZ+ streaming brand launches
Posted 13-Jun-2022 08:35


Chromecast With Google TV Review
Posted 10-Jun-2022 17:10


Xbox Gaming on Your Samsung Smart TV No Console Required
Posted 10-Jun-2022 00:01


Xbox Cloud Gaming Now Available in New Zealand
Posted 10-Jun-2022 00:01


HP Envy Inspire 7900e Review
Posted 9-Jun-2022 20:31


Philips Hue Starter Kit Review
Posted 4-Jun-2022 11:10


Sony Expands Its Wireless Speaker X-series Range
Posted 4-Jun-2022 10:25









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.