Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


kingdragonfly

11190 posts

Uber Geek

Subscriber

#251310 18-Jun-2019 16:26
Send private message

I got a phishing email with a fake ANZ banking website. I forwarded it to ANZ.

I also forwarded it to the domain provider, iwantmyname.com, who runs their office in Wellington. This was their response.

Regarding "We have notified the customer of the complaint," I assume the customer is the crooks. I only hope they removed my signature from my forwarded email.

Is the following response correct?

----------------------------------------

Hello,

Thanks for getting in touch about *********.co.nz. Unfortunately, there is not much we can do on our end regarding the content of a site under a domain name, even when registered with us.

We don't provide hosting, so no site content, email, etc. is hosted with us.

As a reseller of an ICANN accredited registrar, we are authorized to only suspend a domain name if we receive instructions by authorized parties (e.g. ICANN, domain name registries, or legal court orders). This usually only happens if a domain name infringes on the trademark or naming rights of a third party.

We have notified the customer of the complaint, and will forward any response within 48 hours.

Because the root of the issue is the site's content, rather than the domain itself, it would be advisable to address your complaint to the site's author, or to the applicable Internet Service Provider (hosting provider of the website itself, not the domain name registrar).

If you believe the content is of an illegal nature, you should contact an appropriate law enforcement agency (which will vary depending on jurisdiction), or consult an attorney for legal advice.

We often find that because domain names are inexpensive and can be registered quickly, closing the domain itself is only a temporary solution for eliminating content. The best fix here is to stop the content at the source.

If you have any other questions, let us know.
Cheers,
Cheers,

https://iwantmyname.com


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
richms
28168 posts

Uber Geek

Trusted
Lifetime subscriber

  #2260408 18-Jun-2019 16:49
Send private message

Would you like a registrar being able to suspend a domain because they dont like your content on the site?

 

The way it works is fine. Complain to the right place about it and they may get the domain pulled.





Richard rich.ms



CYaBro
4582 posts

Uber Geek

ID Verified
Trusted

  #2260409 18-Jun-2019 16:49
Send private message

More than likely the person/business that own the domain name and website don't even know about it as their site has probably been hacked.

 

 





Opinions are my own and not the views of my employer.


kingdragonfly

11190 posts

Uber Geek

Subscriber

  #2260414 18-Jun-2019 16:59
Send private message

The domain name was an intentional misspelling of ANZ, so if you weren't paying attention, you could be fooled.

I'm not a ANZ customer, so it was blindingly obvious to me.

The phishing email also said It said "Dear customer", without using my name.

Given how many times corporations like Equifax get their complete customer databases hacked, I wouldn't be surprised by a phisher knowing all my details.

I know there's a bunch of system admins out there who don't patch their public internet sites, get hacked, and have malicious code inserted, but this wasn't one of them.



mattwnz
20141 posts

Uber Geek


  #2260417 18-Jun-2019 17:03
Send private message

Shouldn't you contact the DNC about any concerns? www.dnc.org.nz 

 

The thing about nz domains, is the domain registrant can transfer them instantly and free at any time between different providers, so the domain provider today, may not be the provider tomorrow..


freitasm
BDFL - Memuneh
79254 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2260419 18-Jun-2019 17:05
Send private message

CYaBro:

 

More than likely the person/business that own the domain name and website don't even know about it as their site has probably been hacked.

 

 

This is a likely scenario.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


kingdragonfly

11190 posts

Uber Geek

Subscriber

  #2260427 18-Jun-2019 17:34
Send private message

mattwnz:

Shouldn't you contact the DNC about any concerns? www.dnc.org.nz 


The thing about nz domains, is the domain registrant can transfer them instantly and free at any time between different providers, so the domain provider today, may not be the provider tomorrow..



When I read your post, I thought you were talking about the Democratic National Committee.

I couldn't find anything on the DNC website about phishing beyond repeated complaints by the New Zealand Bankers’ Association. Definitely couldn't find an abuse email address.

https://www.dnc.org.nz/node/1494

So besides forwarding it to the company being imitated, in this case ANZ, anything else I could do to be helpful?

perhaps Netsafe scam report???

https://report.netsafe.org.nz/hc/en-au/requests/new?ticket_form_id=360000024755

I keep imagining elderly victims getting conned.


richms
28168 posts

Uber Geek

Trusted
Lifetime subscriber

  #2260428 18-Jun-2019 17:37
Send private message

I'd tell cert too. They have a reporting tool which isnt _too_ annoying to use for things.





Richard rich.ms

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
BarTender
3606 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260429 18-Jun-2019 17:42
Send private message

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.


CYaBro
4582 posts

Uber Geek

ID Verified
Trusted

  #2260547 18-Jun-2019 22:12
Send private message

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

 

 

And so they should. They're not the internet police.





Opinions are my own and not the views of my employer.


michaelmurfy
meow
13240 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #2260551 18-Jun-2019 22:35
Send private message

With Phishing, the best thing to do is ignore and forward the email (including headers) to the bank in question. ANZ have a dedicated page for this here: https://www.anz.co.nz/banking-with-anz/banking-safely/stay-up-to-date/

 

I know most banks have a team that both looks out for phishing scams, and also closes them down ASAP. Normally what I do if I come across one is report the phishing page to Google (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en) then just forward it to the bank (if I can actually be bothered), delete, job done.

 

The problem with both domain providers, Cloudflare etc is they will forward your email to the abuse contact or account email address of the domain. This isn't too helpful as it can either target you for Spam, inform the site owners that you're onto them or even get you doxxed. This is the standard response for most infrastructure providers (I get many of these sorts of emails across my domains - most are automated). I don't advise anyone to do that.





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


bigalow
566 posts

Ultimate Geek


  #2260613 19-Jun-2019 01:39
Send private message

 iwantmyname.com can do something its on there  t/c

 

https://iwantmyname.com/terms

 

 

 

3.1 Immediate suspension or termination

 

d.if you have acquired a Registered Name or used any Service through fraudulent means or for any fraudulent or illegal purpose.

 

 


kingdragonfly

11190 posts

Uber Geek

Subscriber

  #2260628 19-Jun-2019 07:07
Send private message

michaelmurfy: ... report the phishing page to Google (https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en)...


I didn't know about the google page. Cheers

BarTender
3606 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260652 19-Jun-2019 08:36
Send private message

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.


CYaBro
4582 posts

Uber Geek

ID Verified
Trusted

  #2260958 19-Jun-2019 16:06
Send private message

BarTender:

 

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.

 

 

There are proper channels to go through to get illegal sites taken down.





Opinions are my own and not the views of my employer.


BarTender
3606 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2260967 19-Jun-2019 16:43
Send private message

CYaBro:

 

BarTender:

 

CYaBro:

 

BarTender:

 

Bet you anything they are hosted behind Cloudflare too, and don't bother reporting to Cloudflare's abuse as they will just forward all your details to the site and absolve themselves of any responsibility.

 

 

And so they should. They're not the internet police.

 

 

Any yet having an acceptable use policy and actually enforcing it is some sort of affront to the "free speech" of the internet. The terrorists and revenge porn sites fully agree with you.

 

 

There are proper channels to go through to get illegal sites taken down.

 

 

Yes, and those channels via Cloudflare involve your information begin forwarded to the provider and often being doxed. What is illegal in one country may not be in another.

 

And again, you are in good company with the terrorists and revenge porn sites, they want free speech too and don't want Cloudflare to be the internet police.


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.