ventra_ip_email_phishing_scam

Ventra IP Email Phishing Scam

Dozens of domain investors have recently contacted us to let us know they are receiving hundreds of “Ventra IP” phishing scam emails.

Although these emails look obviously fake to professional domain investors, and not from the real Ventra IP domain company, there may be hundreds of small business owners clicking on the phishing links and handing over their username and password to the scammers.

From our research today, this is the series of events and URLs that occur in sequence as part of the phishing scam.

First, you (or your admin team or domain agent) receive the following fishy-looking email:

Below you will see, if we hover over the “Support” FROM FIELD, the email comes from: “RandomNumbers@calacatta.it” and not from the real “VentraIP.com.au” URL.

If we then hover over the phishing link, you can see it redirects to “sportsball.co.uk”

You should NOT click on the link, but we will show you what happens below if you do.

In the meantime, if we go directly to “sportsball.co.uk” you can see it is a legitimate “Sports Ball” website in the UK, however the website is NOT SECURE and it looks like the owners of this domain name and website have been HACKED by the phishers/scammers to do their dirty work on their website and brand.

Meanwhile, we decided to click on the phishing link to show you what happens next.

We clicked on the following link:

and this is what happened next…

We were taken to the following page:

“gardengames.co.uk” appears to be another domain name and website that has been hacked by these phishers/scammers.

We then entered the Captcha Numbers to see what they had planned next…

And low and behold, THIS is where they want to PHISH you, and get you to enter your email address and password:

TO BE CLEAR:

The above is NOT the real Australian Domain Registrar “Ventra IP” but an inpersonator.

If you, or someone managing your domain name, were to enter your email address and password in the above box, you would be giving that information to scammers/thieves and they would then attempt to hijack your domain name with that information from the real Ventra IP and may also try your identity details at various bank accounts and other online services.

Please make sure you share this article around to your own business teams and business friends so they don’t get tricked by these scammers/thieves.

When is the next Assets Show?

Sign up to receive new episodes of The Assets Show in your inbox.

We don’t spam!