Official-looking e-mails appear to be from prominent registrars — they’re really attempts to steal your domains
Both eNom and Network Solutions, two very large registrars that handle millions of domain registrations, are the target of a major phishing attack. It is believed that the perpetrators’ purpose is to acquire the login details for victims’ domain registrar accounts and thereby steal or otherwise compromise their domain registrations.
These e-mails make a dire warning about “innaccurate whois information” or some other problem with your domain, and warn you that you must take immediate action to avoid having your domain registration canceled.
The above image contains the actual text in one of these e-mails that I received. Since I have my e-mail program set to display the actual URLs of links, you can see that the link to “verify your contact information” is set so that it would appear to be a link to enom.com but in fact is a link to enom.com.ssl45.mobi.
If you receive any e-mail about your domain registration (or any other online account you may have) you should never click any link in the e-mail. If you want to verify things for yourself, go directly to the website where you have your account by entering the address in the address bar of your browser.
And it never hurts to drop into your domain registrar account to double-check that your contact information (particularly your e-mail address) is current, and to lock your domain, if your registrar offers such an option. Security experts recommend that you change your password regularly, and that you do not use free web-based e-mail accounts (such as GMail) for any sensitive accounts.