0

Multiple email addresses for my domain have been compromised.

My client forwarded me an old email which he sent me a few days ago, but I never received that email. It was sent to an email address just like mine but with an O replaced by a zero. So I found out that another domain has been registered that looks just like my domain name.

My client sent an email to the correct address (ceo@rustamtowel.com), but I didn't receive that email; the scammer (ceo@rustamt0wel.com) received it and replied to it. The client didn't know that it was the wrong person, the scammer quoted him the wrong price, and the client booked an order at that price. How can the scammer receive an email from my client which I haven't received?

How can I check who is involved and be safe in the future? Who can be responsible?

  1. My domain registration guy (my domain is using nameservers for the hosting and no extra settings, I believe)
  2. My Web Hosting Company
  3. Someone from My Own Office

Thanks in advance

ali-amir
  • I have edited out the domain specifics, otherwise this question would be far too localised and closed pretty rapidly. – Rory Alsop Feb 18 '14 at 23:18
  • I suggest rephrasing this question, as a "whodunit" situation is not likely to be helpful to others. I would also add that anyone with ten bucks CAN be responsible, although a company that wants to stay in business is unlikely to take part in such a scam. – KnightOfNi Feb 18 '14 at 23:22
  • @KnightOfNi thanks for your comment. Please check, I have added a new paragraph for my situation. – ali-amir Feb 19 '14 at 07:39
  • OK, thanks. @RoryAlsop as the question has changed a bit you may want to edit your answer accordingly... – KnightOfNi Feb 19 '14 at 16:42
  • Sorry, one more question before I add my answer: have you verified through your customer that the scammer actually received the e-mail sent to you, and that it was actually sent to your e-mail address? If you haven't, one of your employees might have looked at your clients and sent one an e-mail himself, and then they just responded. Please check with the recipient that a) the original message they sent was included in the scammer's reply and b) the e-mail they sent was originally directed to YOUR e-mail. – KnightOfNi Feb 19 '14 at 16:50

1 Answer

1

Any of those 3 could be responsible, or it could be someone entirely different.

You have no way of knowing, and possibly no way of finding out, as the perpetrator may not even be in your country.

I wouldn't think your email address has been compromised though - nothing you have said indicates compromise.

It just looks like a scammer is being clever with domain names.

Rory Alsop
  • Rory, it IS possible to find out their IP without much difficulty, and thus their (rough) location, but as that is easily changed or spoofed I think you're right. – KnightOfNi Feb 18 '14 at 23:25
  • Never trust an IP address - it may be owned by an innocent. And IP addresses may not be located where they look. – Rory Alsop Feb 18 '14 at 23:36
  • I agree that they are easy to spoof, but most people don't check their e-mails through TOR... I'm not saying it's reliable, but it is an option. Sending multiple e-mails containing media on your webserver to one of their addresses over time could allow you to verify the validity of the IP (based on whether it changes). – KnightOfNi Feb 18 '14 at 23:38
  • @RoryAlsop Thanks for your answer, please change the answer as I have added a minor detail to it – ali-amir Feb 19 '14 at 07:41
  • @RoryAlsop is there any way that I can ask the domain registrar (tucows) about the person who made the payment for the domain? I mean, if I go the legal way by engaging an attorney? – ali-amir Feb 19 '14 at 09:01
  • It may be possible - I'm guessing it would depend on jurisdiction, and it could be that tucows don't have real information, so I'd suggest it may be expensive and possibly ineffective. – Rory Alsop Feb 19 '14 at 09:38
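
A check a mail administrator could run on the From header of received mail to flag a sender domain that imitates your own, as with the zero-for-O swap described in the question. This is an added example, not part of the original post or its answers; the function names, the substitution table and the sample addresses other than the two quoted in the question are assumptions.

```python
from email.utils import parseaddr

# Domains you actually own (this one is the domain quoted in the question).
TRUSTED = {"rustamtowel.com"}

# Assumed, deliberately small table of look-alike substitutions; extend as needed.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))


def skeleton(domain):
    """Collapse visually confusable characters so look-alikes compare equal."""
    s = domain.strip().lower().rstrip(".")
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


def edit_distance(a, b):
    """Levenshtein distance, used to catch one added, dropped or replaced character."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(header_from, trusted=TRUSTED):
    """Return 'trusted', 'lookalike', 'unrelated' or 'invalid' for a From header."""
    _, addr = parseaddr(header_from)
    _, at, domain = addr.rpartition("@")
    domain = domain.lower().rstrip(".")
    if not at or not domain:
        return "invalid"
    if domain in trusted:
        return "trusted"
    for good in trusted:
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) <= 1:
            return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample headers, apart from the two addresses quoted in the question.
    for sample in ("ceo@rustamtowel.com", "CEO <ceo@rustamt0wel.com>",
                   "ceo@rustamtowell.com", "buyer@example.org"):
        print(f"{sample:32} {classify_sender(sample)}")
```

A "lookalike" result is a prompt to verify the sender through another channel before acting on the message; it says nothing about who registered the domain.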