This morning I found an e-mail in my hotmail junk box: “The payment function of your bank account is blocked” (in perfect Dutch). Sender ING Bank N.V. So I took a look to see who really sent this message: iing.nl. So here we are. .NL is considered to be one of the safest domains, like most ccTLDs. So who facilitated in getting this domain iing.nl that looks a lot like ing.nl, but obviously isn’t, on the Internet? Here we go:
Domain name: iing.nl
DDS City B.V.
Nieuwe Herengracht 91
It runs on this IP address:
Amsterdam, Noord-Holland in Netherlands
Can we please shut down this account as of now, as it is obviously a fraud? Aimed at phishing people less versed in phishing than I am out of their bank account details? This is too easy people. Iing.nl, come on?!
Let’s make it even more interesting. In the past three years Iing.nl has been registered 26!!! times before. Let me guess what for? By the way, if you’re interested, you can buy it right now for € 410,=. It’s likely to be closed very soon, isn’t it?
For years I hadn’t seen phishing mails, but Hotmail is passing them on lately. All but one in my junk box, true. Most so far were aimed at ABN costumers, now ING’s. I decided to take action and report on it here and now.
No matter how many years have passed, it’s still so easy for criminals to take this road. Especially if someone wants to register a domain so close to a major bank, perhaps it’s time to check up better before registering? Especially if it concerns a ccTLD domain, I’d say.
DDS City take action. Hotmail start filtering better again. SIDN take notice of actions of your registrars.
Wout de Natris, De Natris Consult
Haarlem, 7 October 2012.