Targetting domain owners has been going on for years. There has been numerous types of entrapment with scammers getting more inventive .. hoping that domain owners fall for their trick.
A lot of information is held on public records such as RIPE and Nominet which actually aids scammers in looking more authentic by supplying them with valid information about the site. eg valid email contact name and email address. Until fairly recently, a large portion of .co.uk domains had their private information such as real name, home address, home phone no, all available for scammers to see in the Nominet database.
Ive always felt that Nominet disclosed too much information about their co.uk domain owners and far too strict about what they classed as private and trading. Its taken many years for Nominet to reverse their stance on what [private] information they made public, but the problem here is that once information is released on the Internet, then you can never go back and scrub that info for good. Thanks to Nominet scammers could access the full name of domain holders plus a valid email addresses.. together with postal address and phone no. Having this info to hand helps the scammers look more authentic.
Hackers are also very aware that some domain owners use aliases for email addresses. Such domains are easily identifiable by 'hackers' looking at the email addresses used in some of the large hacked databases such as dropbox, myspace, facebook etc. If you have an email address for any of those large breaches in the format of dropbox@mydomain.com & facebook@mydomain.com then they can try their luck against many innocent (and un-hacked) websites. It doesn't take them 2 mins to set up a script to pull out and identify what domain owners think are unique email address. I suspect this method has been used against some members of this forum. Whilst I havent had the unique name I use for this forum disclosed, I have had a couple of my so called unique aliases attempts against sites I know havent been hacked - inc one for my isp forum where I supposed been watching porn from
.
