auDA fake email requesting ID to confirm .au domain ownership

AJW on 21/01/2021 - 11:15
Last edited 21/01/2021 - 11:20 by 1 other user

Hey all, I had a fake email from auDA this morning asking for ID to confirm the ownership of a .com.au domain name. I've had a few clients say they received one yesterday or today, and so others will probably start to receive them too. Some clients have been sent emails where a generic email has been used in the domain registration (so we get the domain spam, not the clients), so it looks like the spammers have followed up on the registration ABN to find the owner and send to them direct in some cases.

The email looks and sounds legit, well worded and has official logos, but it's lacking in official header/footer info. The reply address is a vague resemblance to auDA's URL, so some people will miss spotting the difference (<[email protected]>), and that domain URL re-directs to the auDa website if you do check it. Of course they must be receiving emails from people conned by this.

Just a heads up people :) Email contents pasted below. Link to email screenshot: https://imgur.com/a/ZXCudYM

Greetings.

We would like to inform you that starting from the 10th of January 2021 we are requested to obtain and verify all .au domain name owners information.
You are listed in our database as the owner of xxxxxxxx.com.au domain name.
In order to keep the domain active please reply with the following :

  1. Photo Identification
    A clear, readable, valid and unaltered scanned color copy or photo of one of the following documents:
    • The photo page of your passport.
      or
    • Driver licence (front and back).
  2. A clear, readable, valid and unaltered scanned color copy or photo of your Medicare Card (front and back)

Rest assured that all documents are handled securely in accordance with our data privacy.
We are hoping for your kind understanding and we appreciate your response to this email within 24 hours to avoid the cancellation of your domain.

Looking forward to hearing from you regarding the matter.

Regards,

Jonathan B
auDA.org.au

Internet

Related Stores

auDA
auDA

Comments

  • Hybroid on 21/01/2021 - 11:19
    +1

    https://whois.domaintools.com/auda-domains.com

    Russian 'private person'. Clearly phishing/identity fraud attempt.

    • AJW on 21/01/2021 - 11:31
      +2

      I sent the auDA the info thanks!

  • scotty on 21/01/2021 - 12:40
    +10

    Just received an email contacting OzBargain regarding this post. Another domain owner also received the fake auDA scam email, was about to scan and send the ID. Fortunately he also googled and found this very forum post on OzBargain, which helped him to avoid the scam.

    Good job for notifying the public.

    • AJW on 21/01/2021 - 12:55

      YAY for me and ozbargain's SEO :) glad it it helps one person, and it got me out of 30 minutes work too

      Seriously, I only posted because this was the first email scam that I had personally nearly gone to stage 2 on. Most always an email scam is spotted a mile away, but because this was relevant to me (I was aware of some regulatory changes sent to me as a domain owner recently), the email sounded legit. It was only that it just didn't have enough info to warrant a huge request like your ID with address and signature.

      And yes, I get tons of the register your trademark now because some guy in China is buying all your domain name suffixes, so buy them before they do !!!1!!!1
      This one was different and a better executed than the every day stuff.

  • steven6 on 21/01/2021 - 12:54

    Have you heard of scammer.info ? It's a website where people post information just like you have posted here. I can post this information on scammer.info if you don't want to create an account?

    Will also send some d1ck pics to [email protected] lol

    • AJW on 21/01/2021 - 12:58

      feel free to post it thanks - auDA was aware but said:
      Please be advised that auDA did not send any email requesting photo identification and please proceed with reporting this instance to the Australian Cyber Security Centre (cyber.gov.au/report).
      So i will do that just to finish up.

      And mention auDA and Please confirm xxxxx.com.au domain name ownership email and email spam beware another time for good old SEO

      • steven6 on 21/01/2021 - 13:41

        I made the post . ACSC won't do anything, they will just say it's out of their jurisdiction.

        • AJW on 21/01/2021 - 14:59

          Australian Cyber Security Centre also not going to do much, their website says:
          You should NOT use ReportCyber when:
          you have received a scam call and no loss of personal information or money has occurred

  • AustriaBargain on 21/01/2021 - 13:37

    xxxxxxxx.com.au

    Are you running a porn site or something?

    • EightImmortals on 21/01/2021 - 14:24

      Man that's a lot of porn, most porn only has three 'x's

      • AJW on 21/01/2021 - 14:56
        +1

        We target the sophisticated clientele that can count past 3 :)

  • Zerko on 21/01/2021 - 13:37

    I got the email at about 11am too. Thought its was weird as I have a heap of .au domains and didn't get other emails.

    auda-domains.com redirects to auda.org.au, so the domain goes to a legit site, but mail would go to the scammers. Nice ID harvest.

    Cut and pasted the first line of the email into google and got here!

  • ode1online on 21/01/2021 - 13:45

    I got one today aswell

  • MisterX on 21/01/2021 - 14:51
    +1

    Just got an email from this Jonathan B from Auda too. Glad ozbargain has confirmed it for me that it's a scam.

  • This Void on 21/01/2021 - 16:52
    +1

    Got a couple of these for my .com.au domains, checked on the auda website and there is a blog entry now regarding this scam.

  • timmof on 25/01/2021 - 20:55

    Come for the bargains, stay for the sec warnings. Thanks for this. Two thumbs up.

Login or Join to leave a comment
Login Join