There is an email scam that seems to pop up every couple years. The sender poses as a Chinese registrar company and attempts to convince the receiver that a company is trying to register variations of the receiver’s domain name.
Here is an example:
Subject line: It's very urgent, please transfer this message to your CEO. Thanks
We are the domain registration and solution center in China. On Oct 24, 2019, we received an application from Kangwei Ltd requested "conceptdigitalmedia" as their internet keyword and China (CN) domain names (conceptdigitalmedia.cn, conceptdigitalmedia.com.cn, conceptdigitalmedia.net.cn, conceptdigitalmedia.org.cn). But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it's necessary to send this message to your company and confirm whether this company is your distributor or business partner in China?
Best Regards
***************************************
Adrian Liu | Service & Operations Manager China Registry (Head Office) | 6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China
Tel: +86-02164193517 | Fax: +86-02164198327 | Mob: +86-13816428671
Email: adrian @ chinaregistry .org .cn
Web: www. chinaregistry. org. cn
***************************************
It might look like a legitimate domain name registry, but it is not.
This fake site sends out thousands of emails every month to scam business owners into sending money to secure a domain name.
These emails tell you to act quickly to protect your domain name. They claim a Chinese company is attempting to register your domain name with the .cn extension. For a fee, the company will prevent this from happening.
Responding to these emails will only result in exorbitant prices for your own domain name.
In addition to seeking money, the purpose of the scam is to gather more specific information about your company and in order to commence a targeted attack.
What to do if you receive this email?
If you get one of these emails, send it to your company’s IT department for evaluation, and then delete it. And Remember the three key anti-phishing rules:
1. If you receive an email from out of the blue, never click on a link or attachment.
2. If you receive an email from someone you know, but it includes an attachment that you were not expecting to receive, call the sender to confirm it came from the sender and not a hacker.
3. Finally, if you forget rules 1 and 2 and click on something which opens a dialog box asking you to supply additional information—or click on something to enable a later software version or to open a zip file—close it immediately and call your company’s IT department to have a scan run on your computer.
Never under any circumstance provide information about your company or yourself to someone you don't know, regardless of the form in which the request is made (email, text, or phone call). What may seem like innocuous information can be used by hackers to develop a strategy to target you or your company.