GoDaddy – providing a safe haven for scammers and cyber criminals

GoDaddy - providing a safe haven for scammers and cyber criminals
You’ve most likely heard of “GoDaddy” – they’re arguably one of the largest domain registrars and hosting providers in the world. Managing over 61 million domains names, over 5,000 employees globally and annual revenues of over $1.6 billion (USD).

All reputable hosting providers have published Terms of Service set out for what is and what isn’t allowed on their services, and have clear reporting routes that you can use to flag up harmful/dangerous content you come across on their services.

GoDaddy is no exception and claim to “take abuse of [their] services very seriously

GoDaddy take abuse of their services very seriously

Whilst many hosting providers only provide a simple abuse@… email address for reporting abuse, GoDaddy have gone a step further and setup a dedicated “Abuse Report Center” where anyone can easily report illegal activity, the exploitation of children, spam, phishing and malware, etc you encounter on websites they host.

GoDaddy - Abuse Report Center

All looks good so far!

In my experience, reputable hosting providers are generally swift to act (and either suspend or terminate the offending website) when you flag up harmful/dangerous content hosted on their networks to their attention.

…but do GoDaddy take action against any of the sites flagged up to them through their “Abuse Report Center”?

It appears not!

Here’s a couple of examples of live scam/phising websites currently hosted by GoDaddy:

monktech-dot-usmonktech(dot)us masquerade as official “customer services” and “technical support” portals for Gmail, Facebook, Hotmail, Microsoft, and Kindle, and purport to be able to help you recover/reset your password of the aforementioned services. This is a scam! This company doesn’t provide official customer service/technical support for these companies – they are simply after one thing; your personal login information! …this is known as “phising”, something prohibited by GoDaddy.

hotmailpasswordreset-dot-comhotmailpasswordreset(dot)com purport to be a “Hotmail Helpline” which “provides support for troubleshooting hotmail related issues like password recovery, hacked accounts or any other serious issues“. Again, this is also a scam! This company doesn’t provide official customer service/technical support for Hotmail, and again are after one thing; your juicy personal login information!

Both of these domains were registered through and are hosted by GoDaddy:

GoDaddy Hosting Scam Sites

Neither of these dangerous scam sites should remain online, as whilst they do unsuspecting users could potentially fall victim to their respective scams.

  • monktech(dot)us was reported to GoDaddy through their “Abuse Report Center” on 21st October 2016 (and again on 8th November 2016)
  • hotmailpasswordreset(dot)com was reported to GoDaddy through their “Abuse Report Center” on 12th December 2016

However at time of writing (22nd December 2016), both scam sites remain online, and GoDaddy have failed to act upon (or even to respond to!) these abuse reports.

Are GoDaddy unwilling to shut down such scam sites as these, and allow them to continue, simply so as not to loose revenue from the scammers behind them who pay GoDaddy to host them?

If GoDaddy can be this complacent about clearly obvious phising/scam sites such as these two examples, and continue to host them, it does make you wonder just how many other sites like these two they’re knowingly hosting? It also makes you wonder that if 2 months after first reporting one of these sites no action has yet been taken… what would happen in the event of a report of something more serious; exploitation of children – would GoDaddy allow these sites to continue online too?!

What are your experiences of submitting abuse reports to hosting providers like GoDaddy?

As a footnote; websites/services offering you help with “account/password recovery” for websites/services other than their own are scams. If you need to recover your account/reset your password for a particular service/site, you should always go directly to the site/service in question and follow instructions there.

UPDATE: 31st July 2017
Over 7 months since I first reported the two scam/phishing sites highlighted in this post, they both remain online and continue to be hosted by GoDaddy. Meanwhile, similar scam/phishing sites are popping up all the time – and guess what, they’re hosted by GoDaddy too!

Here’s another one that’s recently appeared, emailhelpers(dot)us:

GoDaddy hosting for scammers GoDaddy hosting for criminals

I’ve reported this one to GoDaddy today… but don’t hold out much hope that they’ll take any action!

UPDATE: 3rd August 2017
Here’s another one that I’ve just become aware of and reported to GoDaddy, anytimesoftcare(dot)com(dot)au:

Advertisements

One thought on “GoDaddy – providing a safe haven for scammers and cyber criminals

  1. Getting lots of those fake invoice emails from GoDaddys IP ranges today. Google somehow linked me here. Anyway I just wanted to point out that today is July 26th 2017 and both the websites you cite are still up! I guess its a waste of time asking godaddy to stop the crap coming from their servers.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s