14 DAY TRIAL // Domain name registrar Moniker has started notifying customers that its systems have been hacked. As a precaution, all passwords are being reset.
“Moniker’s Operations & Security team has discovered and blocked suspicious activity on the Moniker network that appears to have been a coordinated attempt to access a number of Moniker user accounts,” the company said in the notification sent to customers.
“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data and domains remain secure. This means that, to be absolutely sure of the security of your account, we are requiring all users to reset their Moniker account password,” Moniker said.
The registrar says that it hasn’t found any evidence to suggest that domains have been lost or transferred. The company believes that confidential and payment card information has not been compromised.
Moniker has alerted appropriate authorities on the matter.
While it’s a good thing that the company has rushed to notify customers, the emails they’ve sent out might be problematic for some users.
As Conrad Longmore of Dynamoo’s Blog notes, while the emails instruct customers to go to moniker.com to change their passwords, the links contained in the emails actually lead to t.lt02.net.
t.lt02.net is a domain owned by VertexInternet, a company that runs an email marketing system called Listrak, which is being utilized to send out the notification emails to Moniker customers.
The suspicious-looking domain might lead many recipients to believe that the notifications might be part of a clever phishing scam, especially since users are aware that such incidents usually attract the attention of cybercriminals.
“If you are going to send out a message like this, make sure that all the links go to a site that the recipient would recognise. In this case the sensible option would be to link directly to moniker.com. I'm betting that quite a few people will ignore this message and then wonder why they cannot log into their accounts at a later date,” Longmore said.