MyGov Phishing

Pemmbo · 17. Februar 2020 um 10:26

Hey, recently got this,

although I have the skillset to sufficiently mess with these people, I do not have the time nor the patience for this kind of stuff. They are attempting to steal MyGov information, which is basically the Australian equivalent to attempting to get your social security number, as all your government information is stored on there.

Number: +61490488891
Second Number: +61490340031
Website: https://myatorau.com/?resolve=61713&ID=8136737

please, if you do not know what you are doing, do not attempt to scam bait these people, take proper precautions in order to make sure your own identity is not compromised, etc.

(Side Note: I have not scoped out the website beyond entering fake details in order to confirm it is for phishing.)

Many Thanks,

Nick

grabscammersip · 17. Februar 2020 um 13:57

Bit of info on the site

Domain Name: MYATORAU.COM

Registry Domain ID: 2493170978_DOMAIN_COM-VRSN

Registrar WHOIS Server: whois.publicdomainregistry.com

Registrar URL: www.publicdomainregistry.com

Updated Date: 2020-02-16T16:17:38Z

Creation Date: 2020-02-16T16:17:37Z

Registrar Registration Expiration Date: 2021-02-16T16:17:37Z

Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com

Registrar IANA ID: 303

Domain Status: clientTransferProhibited EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN

Registry Registrant ID: GDPR Masked

Registrant Name: GDPR Masked

Registrant Organization: GDPR Masked

Registrant Street: GDPR Masked

Registrant City: GDPR Masked

Registrant State/Province: Hamburg

Registrant Postal Code: GDPR Masked

Registrant Country: DE

Registrant Phone: GDPR Masked

Registrant Phone Ext:

Registrant Fax: GDPR Masked

Registrant Fax Ext:

Registrant Email:

Registry Admin ID: GDPR Masked

Admin Name: GDPR Masked

Admin Organization: GDPR Masked

Admin Street: GDPR Masked

Admin City: GDPR Masked

Admin State/Province: GDPR Masked

Admin Postal Code: GDPR Masked

Admin Country: GDPR Masked

Admin Phone: GDPR Masked

Admin Phone Ext:

Admin Fax: GDPR Masked

Admin Fax Ext:

Admin Email:

Registry Tech ID: GDPR Masked

Tech Name: GDPR Masked

Tech Organization: GDPR Masked

Tech Street: GDPR Masked

Tech City: GDPR Masked

Tech State/Province: GDPR Masked

Tech Postal Code: GDPR Masked

Tech Country: GDPR Masked

Tech Phone: GDPR Masked

Tech Phone Ext:

Tech Fax: GDPR Masked

Tech Fax Ext:

Tech Email:

Name Server: ns1.netangels.ru

Name Server: ns2.netangels.ru

Name Server: ns3.netangels.ru

Name Server: ns4.netangels.ru

DNSSEC: Unsigned

Registrar Abuse Contact Email:

Registrar Abuse Contact Phone: +1.2013775952

URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

Tails · 18. Februar 2020 um 11:27

For those who don’t know.

MyGov is the Australian Government’s answer to online customer service.

Basically, it’s a portal to other “services” owned by the government.

(Australian Government is crap anyway, and I’m not surprised this shit is going around)

Tails · 18. Februar 2020 um 11:30

@Pemmbo#128889 Hey mate, you might wanna report this to MyGov, they won’t do much, but it will help with the AFP cyberteam take down these phishy (not a pun) websites.

I would also report it to OpenDNS’ Phishtank, Microsoft SmartScreen for Edge and IE and Chrome Safe Browsing.

The grannies out there will fall for this as soon as they click the link.