The scammers and phishers have outsone themselves with an extremely credible phishing email that appears to come from GoDaddy. It's a work of art- no misspelled words, images drawn directly from GoDaddy's servers, a believable "From:" address, and none of the obvious hallmarks of your typical phishing email. And it's fooled quite a few people who have an account with GoDaddy so far.
Gotta hand it to the folks who put this fake email together- it's slick and polished to the limit. The only obvious giveaway is that most (but not all) of the links don't go to GoDaddy. They point to "hxxp://dextersss-com-ua.1gb.ua/zzx.htm" (URL intentionally crippled, DO NOT FOLLOW).
Here's a screen grab…looks authentic, doesn't it?
After a little detective work, it turns out that the URL redirects you one or more times so you end up on a Canadian pharmacy site. It may also serve malware (in fact, it would be surprising if it didn't). Aside from hovering over the links, the only way to tell that it’s fake is to view the header or source code of the email, in which case you’ll see that it’s not really from Godaddy.
It almost fooled me, as I have a number of domains registered at GoDaddy and the occasional renewal email is not unexpected. But the domains and amounts were way off- so much so that they were panic inducing, which almost made me click one of the links. Almost.
GoDaddy immediately put up a messge on their incoming phone system so that no matter what number you called, you got a warning about the phishing email. Kudos to GoDaddy for that. But you have to wonder just how many people reflexively clicked first before checking it out. Hundreds? Thousands?
Yep, the scammers are getting better. It used to be that phishing emails were laughably pathetic, with all sorts of spelling and presentation errors. But if this one is any sign of what's to come, the game has just been raised to a whole new level.