Pretty decent phishing scam attempt warning of Sonic disk over-quota

General discussions and other topics.
4 posts Page 1 of 1
by oddhack » Thu Aug 12, 2021 8:24 am
I just received a pretty authentic-looking email warning me that I was about to exceed my 5GB disk quota and be charged $52.50 for it. This obviously wasn't true since I'm an email customer, but the scam was well done - purportedly from 'srae @sonic.net', the email headers look authentic unless you look very closely at the IP addresses (eventually leading back to 64.142.111.50). The URL hiding isn't quite as well done and what superficially looks like a Sonic link actually directs to (full URL elided) arkolors .com .

I don't expect Sonic to do anything about this, but it would sure be nice if you could check it out and blackhole their domain. It appears to be some bogus business in Peru.
by dane » Thu Aug 12, 2021 8:35 am
The team here is locking and contacting the customer accounts here that are being used to send these, and we’ve blocked the harvest domain in our DNS. It’s not complete mitigation, but should help.
Dane Jasper
Sonic
by felix » Thu Aug 12, 2021 3:25 pm
They kinda had me going until they stepped it up with a disputed payment notice a little while ago causing me to immediately log into my account to find it's all bull%$#.
by oddhack » Fri Aug 13, 2021 5:23 am
This appears to be a systematic attack on the Sonic customer base - just got another one from 'brumby @sonic.net' directing to neivoberaldin .com (which motivated me to change account password and turn on 2FA, so that's good).
4 posts Page 1 of 1

Who is online

In total there are 5 users online :: 1 registered, 0 hidden and 4 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot] and 4 guests