[Update: …and the real Network Solutions sent out notices warning about the scam today, which suggests it was pretty well-distributed]
[Update: already another one today, to a completely different address, also not associated with any domain registrations. This one came from a German IP address that’s pretending to be Yahoo, with disguised links leading to a different Russia-based domain owned by the same “Shestakov Yuriy”, through yet another Chinese registrar. Long ago, I set up a special filter rule for anything coming from a .biz domain; I think it’s time to apply the same rule to any mention of the TLD, in email or browser windows]
This is one of the more transparent scam emails I’ve seen recently.
I figure 5% of what they send out will slip past spam filters, 5% of the people who see it will click the link, and 1% of those will be stupid enough to enter the information necessary to have their identities stolen. If they sent out 100,000, that’s two identity thefts. And they probably sent out a lot more than 100,000.
From: "networksolutions.com Tech Support"
To: <email@example.com> Subject: Your domain is expired today! Date: Thu, 30 Oct 2008 15:35:57 +0200 Dear Network Solutions Customer, We recently notified you that the registration period for your Network Solutions domain name had expired. As a benefit of having previously registered a domain name(s) with Network Solutions, you are eligible to receive a percentage of the net proceeds that were generated from the renewal and transfer of the domain name you chose not to renew. Since you have chosen not to renew the domain name listed below during the applicable grace period, we were successful in securing a backorder for this domain name on your behalf and it has been transferred to another party in accordance with the Service Agreement. Renew your domain now - http://www.networksolutions.com.sys62.biz You must click on the following link, enter your domain name, and confirm your contact information in order to claim these funds. If your contact information is not correct, you must enter Account Manager and make the appropriate changes prior to clicking "submit" from the confirmation screen. If you do not do this, you will be confirming inaccurate information and will not receive any payment. Checks will only be made payable and mailed to the Account Holder of record. Sincerely, Network Solutions® Customer Support