GoDaddy Shuts Down 15,000 Subdomains Used for Online Scams, Resets Account Passwords
- A security researcher found 15,000 subdomains were being misused
- GoDaddy’s abuse team has removed all the subdomains
- Domain name owners weren’t aware of these scams
Spammers continue to find new ways to lure unsuspecting users on the Web into clicking malicious links or buying illegitimate products. In a recent crackdown, GoDaddy has shut down over 15,000 subdomains linked to spammers. These subdomains were being used to sell fake products. What’s interesting here is that the rightful owners of the domain names weren’t even aware this was happening.
Jeff White, a security researcher at Palo Alto Networks, spent two years investigating these spammers. The operation involved sending spam emails in bulk and getting users to click on these subdomains that sold fake products.
A subdomain includes a prefix to an Internet domain name which can be directed to an IP address. GoDaddy customers can create up to 100 subdomains per domain name. In his white paper, White explained that the scammers could have tricked millions of users. The report was first spotted by ZDNet.
Since users landed on websites that appeared to be subdomains of legitimate domains, they were conned into believing they were buying a genuine product. All these subdomains featured landing pages with fake celebrity endorsements. The spammers were trying to sell supplements, diet pills, and other fake products.
The websites hosted on these subdomains carried fake endorsements from celebrities such as Stephen Hawking, Jennifer Lopez, Gwen Stefani, and even the Shark Tank TV show. The websites also linked to several affiliate networks to generate revenue.
White’s investigation took around two years. After collecting all the information on the scammers, White reported his findings to GoDaddy’s abuse team which was quick to take action by taking down all the malicious subdomains.
GoDaddy’s customers weren’t aware that their domains were being misused to create such fake websites. The scammers probably gained access to such accounts via phishing or credential stuffing methods. GoDaddy has reset passwords for all affected accounts.
In case you come across an email that makes insane promises, or you land on a webpage filled with celebrity-endorsed products, it’s always sensible to search the Web for more details rather than falling for a scam.