The Unbelievable Story of Why We Were Offline Today

We use redundant databases and application servers, so we are usually very safe if a server failure occurs. One of the other systems can handle the extra load without any problems. So we feel safe for any possible server problem and are well prepared, but today our website had a few hours of downtime.

That alone is very bad, but the reason for the downtime is even worse and more unbelievable:

We didn’t click on a mail verification link in a really spammy looking mail a few weeks ago. As a result, all of our domains were completely unreachable, plus the domain was completely on hold. Fortunately, our share services were not affected.

At first I would say:

Lesson learned for the future. Secondly: What the heck?

A little background:

Whenever you register a .com or .net domain at your provider, the Internet Corporation for Assigned Names and Numbers (ICANN) demands that the the owner’s email address gets verified. That is not bad at all but unfortunately one of the largest reseller for domains within europe is using a verification mail sender address which is named Yeah, you read right, so i say it again loud and slowly:!

It sounds like a great phishing address, doesn’t it?

If you read that mail you will also see that they state to be connected with the ICANN:

mail sample ICANN

So whenever you get a mail from them you must click on the link within that mail. If you do not do this your Domains get a new status on-hold which means they do not resolve any request from your visitors. As a result all your websites are completely offline!

So far so good, but we did not know that before and run directly into the trap:

Two weeks ago we changed the mail address of our DNS domain handler. As a result we got a few days later a mail from that unknown sender. I had a quick look at it and when i saw the link i had to click to confirm something and read that the mail was from someone who claimed to be connected directly with the ICANN. So it was more than obvious that it was spam or a phishing and i put it directly into my trash folder without thinking more about it.

Today, 11 days later it happened what i’ve never expected:

All websites under the property of my name became completely offline although all our server services were running perfectly.

It took me hours to find out the reason and finally to repeat that missing verification process.

When our provider explained me the reason for the downtime of our domains I was really shocked and could not believe it at first time.


If you ever get a mail from have in mind thats its not spam even when it does look like as one of the most obvious phishing mails

Do not delete it and verify that it is  original. Than confirm the mail verification process with clicking on that link and your domains hopefully should be save for the next time.

If this post saves only one person from happening the same as we were faced with than i am very glad.

We have our lesson learned:

Even when it looks like spam it could be real.
Paying no attention to it can be very expensive!

So take care;)

Have you ever experienced something similar please let us know in the comments.

Follow MashShare?