iing.nl, phishing mail by courtesy of DDS City

This morning I found an e-mail in my hotmail junk box: “The payment function of your bank account is blocked” (in perfect Dutch). Sender ING Bank N.V. So I took a look to see who really sent this message: iing.nl. So here we are. .NL is considered to be one of the safest domains, like most ccTLDs. So who facilitated in getting this domain iing.nl that looks a lot like ing.nl, but obviously isn’t, on the Internet? Here we go:

Domain name: iing.nl
Status: active

DDS City B.V.
Nieuwe Herengracht 91

It runs on this IP address:

IP address:
Server Location:
Amsterdam, Noord-Holland in Netherlands
LeaseWeb B.V.

Can we please shut down this account as of now, as it is obviously a fraud? Aimed at phishing people less versed in phishing than I am out of their bank account details? This is too easy people. Iing.nl, come on?!

Let’s make it even more interesting. In the past three years Iing.nl has been registered 26!!! times before. Let me guess what for? By the way, if you’re interested, you can buy it right now for € 410,=. It’s likely to be closed very soon, isn’t it?

For years I hadn’t seen phishing mails, but Hotmail is passing them on lately. All but one in my junk box, true. Most so far were aimed at ABN costumers, now ING’s. I decided to take action and report on it here and now.

No matter how many years have passed, it’s still so easy for criminals to take this road. Especially if someone wants to register a domain so close to a major bank, perhaps it’s time to check up better before registering? Especially if it concerns a ccTLD domain, I’d say.

DDS City take action. Hotmail start filtering better again. SIDN take notice of actions of your registrars.

Wout de Natris, De Natris Consult

Haarlem, 7 October 2012.


About Wout de Natris

As a consultant I specialise in establishing new and different relationships between industry, governments and law enforcement where internet safety and the fight against cyber crime are concerned. This makes me a bridge builder. Hence the blogs name. In this blog I intend to stress the need for interaction, cooperation and exchange of information in order to change the mentioned relationships. On offer: a comprehensive training on all non-technical aspects of spam enforcement and a cyber awareness presentation for companies and institutions
This entry was posted in Cyber crime, Internet governance, spam and tagged , , , , , , . Bookmark the permalink.

One Response to iing.nl, phishing mail by courtesy of DDS City

  1. tifkap says:

    How do you know the difference between domains used for typo-squating and bank-scams? One is annoying, but legimate, while the other is cleary a scam.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s