You may have heard that many high-profile domain registrars are being targeted by a massive phishing attack against domain owners.
We have received reports that some of those attacks are using EPAG and Tucows branded emails to target some of our resellers and possibly end users all over the world. The fraudulent emails claim that a particular domain name has been suspended and ask users to click a link. Email addresses such as domainabuse@tucows.com.org, legal@tucows.com.it, legal@tucows.com.q7.ubermutant.net, and legal@tucows.com.em are being used as “From” and “Reply-to” addresses.
We are asking all resellers to be extra vigilant of these fraudulent suspension notices. In case you or your end users receive an email from one of these email addresses:
- Do not click any links
- Do not reply to the email
- Do not call any phone numbers listed within the email
In order to help mitigate possible phishing attacks against EPAG customers, we have updated the Registrant Verification emails so that the registrant name or organization name is now displayed in the email text. All emails sent as of October 29th 11:00 UTC will include the registrant name listed in the registrant contact being validated.
We strongly encourage all resellers to communicate this information to their end users. If you have any questions or concerns about this issue, don’t hesitate to contact our support team at support@epag.de.
