Attempted hack on website (beware phishing attempts)

  • I have received a phishing email in very good (can't say it's "perfect") Dutch on both the 2nd of May and 3rd of May. It claimed to be from a hosting service called TransIP, and said that the domain name was about to expire and ought to be renewed through Domain Renewal. It then offered a link that should be clicked to log in, which does not lead to the actual TransIP website, but a fake, where you're supposed to be able to log in and then pay in order to supposedly keep the domain name.

    It is interesting to me that in over 10 years of being active in the SWBF2 community, I have never before had an email such as this - not even during the times of 327SC, when there surely was more at stake. Like, an actual active forum, for one. This forum is inactive af, and yet, someone or some people apparently still deem it worth going through the trouble of conjuring up a very specifically targeted phishing email, along with a proper fake login for which they might've even used a paid service (or, y'know, they're just very chummy with a bunch of people in that industry, I suppose).

    The full contents of the email (English further down):

    Beste klant
    Het is tijd om uw domeinnaam te vernieuwen
    Uw domeinnaam zal verlopen binnen 3 dagen.
    U kan uw domein automatisch verlengen door het aanvragen van een Domain Renewal .
    Klik op de link in deze e-mail om het domein te vernieuwen voor een ander jaar . U zou uw domeinnaam zo > spoedig mogelijk moeten verlengen opdat het in uw naam blijft geregistreerd .
    Klik hier als u uw domein wil vernieuwen:[dot]com/
    Zodra wij uw betaling hebben ontvangen , zult u een bevestiging ontvangen dat uw domein verlengd is.
    Wij danken u voor uw vertrouwen.
    Met vriendelijke groeten,

    In English, that would be:

    Dear customer
    It is time to renew your domain name
    Your domain name will expire in 3 days.
    You can automatically renew your domain by requesting Domain Renewal.

    Click the link in this email to renew the domain for another year. You should renew your name as soon as possible so that it will remain registered under your name.
    Click here if you would like to renew the domain name:[dot]com/
    As soon as we have received your payment, you will receive a confirmation that the domain name has been extended.
    We thank you for your trust.
    Kind regards,

    Please be aware that there apparently are some salty people out there who would like to ruin our website, or worse. The email mentions payment - as such, it seems they are also after personal details and banking information. If you see or hear anything odd, you can of course let me know.

    Never click any dodgy links you might receive - even if you don't log in, other things could still happen. The hostile website could attempt to perform actions on other websites on your behalf that you are still logged into, without your knowing and without you even doing anything (through browser and website exploits/bugs). Or it could gather information about you, like your IP address and browser information. Never click links in emails you don't fully trust. As a general rule: when in doubt, don't click it. If you are worried (emails usually claim speedy action is required), contact any such organisation directly instead of contacting them through links or reply-to's in emails and texts.

    In case anybody is reading this who would like to investigate further, the obvious fake domain mentioned in the emails was loiscarreraabogados [dot] com.


    P.S.: I also couldn't help but think of this lol

Log in to reply


Looks like your connection to Remains of the Republic was lost, please wait while we try to reconnect.