Unfortunate situation but mildly amusing post on another forum.
A forum moderator had his Godaddy hacked and names gone. Hacker changed victims Godaddy username to'nameprosidiotmoderator'

http://www.dnforum.com/f26/my-godaddy-account-got-hacked-stolen-names-market-beware-thread-443299.html

***BE FORWARNED IF YOU GET ONE OF THESE EMAILS"

QUOTE FROM SCAMMEE:

Found out what happened... Fake ICANN update email. Geez they are good fakes..

The link is masked and leaded to GobDaddy instead.

****************************** ***********
Important ICANN Notice Regarding Your Domain Name(s)
****************************** ***********

Dear User,

it is that time of year again. ICANN(the Internet Corporation for Assigned Names and Numbers) annually requires that all accredited registrars (like GoDaddy.com) ask their domain administrators/registrants to review domain name contact data, and make any changes necessary to ensure accuracy. According to our records you are the ADMINISTRATIVE CONTACT for one or more domains registered at GoDaddy.com, Inc. as of May 1st, 2010.

To review/update your Account data, simply:
+ Login to https://dcc.godaddy.com/ default.aspx?isc=ICANN0908a& amp;ci=8987
+ You will be taken to a landing page and asked to enter your account information
Please take a look that your account and domain information is up to date.

If, however, your domain contact information is inaccurate, you must correct it. (Under ICANN rules and the terms of your registration agreement, providing false contact information can be grounds for domain name cancellation.) To review the ICANN policy, visit:http://www.icann.org/ whois/wdrp-registrant-faq.htm

Should you have any questions, please email us at support@godaddy.com or call our customer support line at (480) 505-8877.

Thanks for your attention and thank you for being a GoDaddy.com, Inc. customer.

Sincerely,
GoDaddy.com, Inc. Domain Support

You get what you deserve using that company.

An example of spear phishing as the e-mail is expected and appears to come from a reputable source. Very difficult to counter

a reputable source.

:eek:

Godaddy's insistence in using OTHER domain names for it's own mail server - including an internally used ccTLD hostname that is in fact owned by someone else sure doesn't help people identify legitimate Godaddy emails...

Received: from smtpout25-02.prod.mesa1.secureserver.net (smtpout25-02.prod.mesa1.secureserver.net [68.178.232.30]) by...

Received: from unknown (HELO gdmailer05.dc1.corp.gd) (208.109.14.190) by smtpout25-02.prod.mesa1.secureserver.net

Godaddy is using corp.gd internally.

# whois corp.gd
Yes
corp.gd is registered.

Domain Name: corp.gd

Registrant, Technical Contact, Billing Contact, Admin. Contact
SRA, MII
Private Registration, b-dul Unirii 80, Bacau, , , , ramsmith59@yahoo.com
Romania
E-mail: domainmailfwd@modone.gd
Phone: 1.44.7833722420
Fax: 1.40.72729289

Resource Records (2):
ns ns1.register.com
ns ns2.register.com



If Godaddy breaks something and that hostname gets out in the wild, they're in for a world of hurt.

Feel free to repost this to that thread at dnforum - maybe Godaddy will take notice and fix this monumental cock-up.