Attempting to steal my of my domain name.
I have just received an email today attemptimg to steal my domain name www.cymrumarketing.com or put a virus on my computer.
The person must own www.domainworld.com to set up an email address appertaining to the domain name.
Obviously this person is visiting my site in order to physically fill out my online form.
Here is the email source:
Return-Path: <hello@cymrumarketing.com> Delivered-To: hello@cymrumarketing.com Received: from mx3.pub.mailpod7-cph3.one.com ([10.27.31.13]) by mailstorage11.cst.mailpod7-cph3.one.com with LMTP id SOtuDYx1/182bwAAuBebmg for <hello@cymrumarketing.com>; Wed, 13 Jan 2021 22:34:52 +0000 X-HalOne-Spam: true DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=custmx.one.com; s=20201015; h=content-transfer-encoding:content-type:subject:reply-to:from:to:date: message-id:mime-version:x-halone-refid:x-halone-sa:from:x-halone-sa: x-halone-refid; bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=; b=YnT5IZgExxdj9xB9RbeitsFmfjOEe9fOHumJJcywYmtqIQFEl+3z1KWhA+dVaP4E+d2DcEnRG1XeG nIubyyLvSd+Rqf1KQOvHiYpl2co1v6widYvKWgHhUDykdMS/OHft+fRIcICgI8B6rb8mTuE07BFszu DpTNgpfcUfiX/yQqnEy9Xhp4nZ5ZfWBtIgwLL4Wl0MbWb5KITsAVaV2qa1BZzO+aEBFCEyWH7gKb5I wAjLMyDT+kpUqaQsGfDw5uNXnyfKkGrMd8zSjQCRtuhyLvvSc+vPAmkalRlKsPUmn9anFk28PTbrEn z2tJ4PxIT9t9CJk/MoT/Frfkhk4iDiA== X-HalOne-SA: 10.3 X-HalOne-RefID: str=0001.0A682F28.5FFED7B8.0037,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8 Received: from mailout1-5.pub.mailoutpod1-cph3.one.com (mailout1-5.pub.mailoutpod1-cph3.one.com [193.202.110.150]) by mx3.pub.mailpod7-cph3.one.com (Halon) with ESMTPS id 8cb76b45-55ef-11eb-bb52-506b4b1a9fd0; Wed, 13 Jan 2021 22:34:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mailout.one.com; s=cust20200824; h=content-transfer-encoding:content-type:subject:reply-to:from:to:date: message-id:mime-version:from; bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=; b=WJ2XNYOHH4uI31uy3kBGWZV7PxD+C88aC7dILgoVpPnmzKmY+EpcMzpgXvKHZy93kVHU4eBXKze9F KttUkJ2spJy3zmyb36fKgGnYv2PIMr+91z8JbGodaUqpytbARweF+jbrkzo5G4YFkrMatlR29paxtx fUH7pvedbkNmLd/k74nXfiutcvB/bgNY48+4BD/AIRxBDO9nzBdaESBkN+iYamiUxEeVSSh8+UbSmG J/dH5wrgWCExDEc4+BXsqOFQfgzWaq4awGfxu3vsnqUONPoVcBQATaLIk10+NaoJmv4C+/TCm2ANoA W94fj/Y9wZqcmRjG9dlW11YFWjQ2zgA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cymrumarketing.com; s=20191106; h=content-transfer-encoding:content-type:subject:reply-to:from:to:date: message-id:mime-version:from; bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=; b=x0vhD62d4mAbHWI01jY/BsiNmOwsLDbXBR+dD0C+3j+LQhjrrwOSMPVPGZeb/1IN2ur9zfuW/mu7Q 0mT9tJ5grw+YuqfTiQTqEleGFTlxxjqpusfc4OaBNFSu5noO6FgAtESyjlK0qLy4EY1P3WJ2MLQCKg BdbyiFShiWz74uekkqWcwcp6vOk+BmCCL1sAYQF5khuQpfCDO75rWnDlj8Emi9g3un143lPUrsVmLS 86DcgmzKyUwokNHGttYnqgSyAQOJrgs+bNyTYqs7VjMmNjnk4iNP87240AwF7BaoR3xVHaHkSxsqfC rQf+z7fT2C+2I7WusIXgafAvdc9qPrA== X-HalOne-ID: 8cb76b45-55ef-11eb-bb52-506b4b1a9fd0 Received: from onecom-formmail1 (customer-nat.pub.webpod9-cph3.one.com [193.202.110.26]) by mailout1.pub.mailoutpod1-cph3.one.com (Halon) with ESMTPSA id 8c884cf8-55ef-11eb-99e9-d0431ea8a29d; Wed, 13 Jan 2021 22:34:50 +0000 (UTC) X-Originating-IP: 179.61.168.15 X-Onecom-RID: 07059d57-0dc5-441d-a45e-bab6e3416331 MIME-Version: 1.0 Message-ID: <1610577290817.26836.73294@formmail1> Date: Wed, 13 Jan 2021 22:34:50 GMT To: <hello@cymrumarketing.com> From: <hello@cymrumarketing.com> Reply-To: <info@domainworld.com> Subject: New message via contact form on cymrumarketing.com - Contact page Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable You received a new message from info@domainworld.com sent via the contact f= orm on cymrumarketing.com. ------------------------------------------------------------------------- Name: Joe Miller Email: info@domainworld.com Message: Notice#: 491343 Date: 2021-01-14 =20 YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY! YOUR DOMAIN cymrumarketing.com WILL BE TERMINATED WITHIN 24 HOURS We have not received your payment for the renewal of your domain cymrumarke= ting.com We have made several attempts to reach you by phone, to inform you regardin= g the TERMINATION of your domain cymrumarketing.com CLICK HERE FOR SECURE ONLINE PAYMENT: https://yourdomainregistration.ga/?n= =3Dcymrumarketing.com&r=3Da&t=3D1610577289&p=3Dv1 IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN cymrumarketi= ng.com WILL BE TERMINATED CLICK HERE FOR SECURE ONLINE PAYMENT: https://yourdomainregistration.ga/?n= =3Dcymrumarketing.com&r=3Da&t=3D1610577289&p=3Dv1 ACT IMMEDIATELY.=20 The submission notification cymrumarketing.com will EXPIRE WITHIN 24 HOURS = after reception of this email
This person is a parasite, the lowest of the low and I hope karma teaches him or her a lesson. Consider the consequences of your actions, next time you try to steal a domain name or try to ruin someone’s business!
This is the Whois Data.
Registrar Info
Name TUCOWS, INC. Whois Server whois.tucows.com
Referral URL http://tucowsdomains.com Status client
https://icann.org/epp#client
Transfer Prohibited
Transfer Prohibited
client
Update Prohibited
https://icann.org/epp#client
UpdateProhibited
Important Dates Expires
On 2021-04-24
Registered On
1997-04-23
Updated On 2020-12-04
Name Servers ns.domainkeep.com216.40.47.18ns2.domainkeep.com64.98.148.11
Registrar Data
We will display stored WHOIS data for up to 30 days.
refresh
Registrant Contact Information:
Name REDACTED FOR PRIVACY
Organization REDACTED FOR PRIVACY
Address REDACTED FOR PRIVACY
City REDACTED FOR PRIVACY
State / ProvinceCAPostal Code REDACTED FOR PRIVACY
Country US
Phone REDACTED FOR PRIVACY
Fax REDACTED FOR PRIVACY
Administrative Contact Information:
Name REDACTED FOR PRIVACY
Organization REDACTED FOR PRIVACY
Address REDACTED FOR PRIVACY
City REDACTED FOR PRIVACY
State / Province CA
Postal Code REDACTED FOR PRIVACY
Country US
Phone REDACTED FOR PRIVACY
Fax REDACTED FOR PRIVACY
Technical Contact Information:
Name REDACTED FOR PRIVACY
Organization REDACTED FOR PRIVACY
Address REDACTED FOR PRIVACY
City REDACTED FOR PRIVACY
State / Province CA
Postal Code REDACTED FOR PRIVACY
Country US
Phone REDACTED FOR PRIVACY
Fax REDACTED FOR PRIVACY
Information Updated: 2021-01-13 03:39:05
FINAL THOUGHTS
With what is going on in the world right now you would think low lifes in this world would learn to be honest and not harm people.
Obviously this individual thinks I am totally stupid and would fall for this scam.
I have done some research and I am not the only person this scumbag has attempted to con.
https://omniworxinc.ca/news/phishing-joemiller-domainworld
https://wedgwoodinsurance.com/blog/cyber-awareness/domain-scam-targets-businesses/
https://www.signal-arnaques.com/en/scam/view/271973
If you get any emails from this individual, ignore or report as phishing, do not press any links or reply.
Angry Is An Understatement To How I Am Feeling Right Now!
To the sender of this email “you reap what you sow”.
Anyone who has any information on this person please contact me.