Received apparently phone update for Firefox from OOVODPARKANDSUITES.ORG. Domain registered only yesterday. Security threat?
Found registration info:
Domain Name: OOVODPARKANDSUITES.ORG Domain ID: D189220251-LROR WHOIS Server: Referral URL: http://www.PublicDomainRegistry.com Updated Date: 2016-06-23T15:42:37Z Creation Date: 2016-06-23T15:42:36Z Registry Expiry Date: 2017-06-23T15:42:36Z Sponsoring Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Sponsoring Registrar IANA ID: 303 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited Domain Status: addPeriod https://icann.org/epp#addPeriod Registrant ID: DI_48587223 Registrant Name: Tommy M. Thompson Registrant Organization: NA Registrant Street: 2030 Wilson Avenue Registrant City: Plano Registrant State/Province: Texas Registrant Postal Code: 75074 Registrant Country: US Registrant Phone: +1.9724772477 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: admin@aongeheinz.com Admin ID: DI_48587223 Admin Name: Tommy M. Thompson Admin Organization: NA Admin Street: 2030 Wilson Avenue Admin City: Plano Admin State/Province: Texas Admin Postal Code: 75074 Admin Country: US Admin Phone: +1.9724772477 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: admin@aongeheinz.com Tech ID: DI_48587223 Tech Name: Tommy M. Thompson Tech Organization: NA Tech Street: 2030 Wilson Avenue Tech City: Plano Tech State/Province: Texas Tech Postal Code: 75074 Tech Country: US Tech Phone: +1.9724772477 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: admin@aongeheinz.com Name Server: NS1.EUROPEDNS.NET Name Server: NS2.EUROPEDNS.NET DNSSEC: unsigned >>> Last update of WHOIS database: 2016-06-24T18:43:51Z <<<
Усі відповіді (3)
. Whenever you get a message / popup that software / files need to be updated;
DO NOT USE ANY OF THE PROVIDED LINKS
While this may be a legitimate message, it could also be Malware or a Virus. Any time you want or need to check for upgrades, go to the website of the True Owner of the program in question. For example, to check out Firefox, go to https://www.mozilla.org {web link}
You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery
Help us safeguard Mozilla’s trademarks by reporting misuse {web link}
Domain registered only yesterday.
IMO, an indication of being a spammer or purveyor of Malware or viruses. Those types of cockroaches can register and throw up a website one day, "take in" enough people in one day, and then do the same the next day. There's enough naive people or "suckers" out there who fall for their crap for them to make a "living" out of it. Modern day version of a "boiler room" for sales of worthless securities and stocks, But unlike a "boiler room" they can changed their location everyday, because they are using 'virtual' locations, not constrained by geography or fixtures like desks and hard wire phone lines.
I saw this thread early on and thought about removing some of the details but no if this person is going to do websites with this fake Firefox updates to try and trick people into infecting their Windows, then he deserves to get spammed on email and phone#. The phone appears to be a voip #.