Here's the (long) story:
I signed up to be a listener at an AM sport radio station so I could stream their broadcast online. Less than a week later, I receive an email claiming to be from that radio station's program director. It's obvious right away it is a phishing email - and not even a good one. The logo is pixelated, the address isn't right, and the link they offer doesn't go where it claims, according to "View Source".
I look at the header, and see the website is something.something.yimg.com. So I do a WHOIS search, and find this...
| quote | Whois lookup for yimg.com.
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.
Domain Name: YIMG.COM Registrar: EMARKMONITOR INC. DBA MARKMONITOR Whois Server: whois.markmonitor.com Referral URL: http://www.markmonitor.com Name Server: NS5.YAHOO.COM Name Server: NS4.YAHOO.COM Name Server: NS3.YAHOO.COM Name Server: NS2.YAHOO.COM Name Server: NS1.YAHOO.COM Status: REGISTRAR-LOCK EPP Status: clientDeleteProhibited EPP Status: clientUpdateProhibited EPP Status: clientTransferProhibited Updated Date: 22-Jul-2005 Creation Date: 13-May-1997 Expiration Date: 14-May-2012
>>> Last update of whois database: Thu, 19 Oct 2006 21:21:51 EDT <<<
MarkMonitor.com - The Leader in Corporate Domain Management ---------------------------------------------------------- For Global Domain Consolidation, Research & Intelligence, and Enterprise DNS, go to: www.markmonitor.com ----------------------------------------------------------
The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. MarkMonitor.com does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (2) enable high volume, automated, electronic processes that apply to MarkMonitor.com (or its systems). MarkMonitor.com reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
Registrant: Yahoo! Inc. (DOM-273003) 701 First Avenue Sunnyvale CA 94089 US
Domain Name: yimg.com
Registrar Name: Markmonitor.com Registrar Whois: whois.markmonitor.com Registrar Homepage: http://www.markmonitor.com
Administrative Contact: Domain Administrator (NIC-1382062) Yahoo! Inc. 701 First Avenue Sunnyvale CA 94089 US domainadmin@yahoo-inc.com +1.4083493300 Fax- +1.4083493301 Technical Contact, Zone Contact: Domain Administrator (NIC-1372925) Yahoo! Inc. 701 First Avenue Sunnyvale CA 94089 US domainadmin@yahoo-inc.com +1.4083493300 Fax- +1.4083493301
Created on..............: 1997-May-14. Expires on..............: 2012-May-15. Record last updated on..: 2006-May-17 11:10:55.
Domain servers in listed order:
NS1.YAHOO.COM NS5.YAHOO.COM NS2.YAHOO.COM NS3.YAHOO.COM NS4.YAHOO.COM
MarkMonitor.com - The Leader in Corporate Domain Management ---------------------------------------------------------- For Global Domain Consolidation, Research & Intelligence, and Enterprise DNS, go to: www.markmonitor.com ---------------------------------------------------------- |
|
I usually report phishing emails to the domains they come from, if those domains are yahoo.com, google.com, etc. abuse@yahoo.com for example. However, in this case, I'm not sure. I could just delete it, but this kind of thing irritates me.
I did email the radio station and warn them that they might have a security problem since the phishers had my info in less than a week.
So what do you think I should do?
------------------