We use redundant databases and application servers, so usually we are very safe when it comes to any server fault. One of the other systems can handle the additional load without problems. So we feel safe against any possible server issue and are well prepared, but today our website had a few hours of downtime.
This alone is very bad, but the reason for the downtime is worse and unbelievable.
We did not click on a mail verification link in a really spammy-looking mail a few weeks ago. As a result, all our domains were completely unreachable; moreover, the domain was completely on-hold. Fortunately our share services were not affected by this.
First, I would say:
Lesson learned for the future. Secondly: what the heck?
A little background:
Whenever you register a .com or .net domain at your provider, the Internet Corporation for Assigned Names and Numbers (ICANN) demands that the owner’s email address gets verified. That is not bad at all, but unfortunately one of the largest resellers of domains within Europe is using a verification mail sender address which is named emailverification.info. Yeah, you read that right, so I say it again loud and slowly: emailverification.info!
It sounds like a great phishing address, doesn’t it?
If you read that mail you will also see that they claim to be connected with ICANN:
So whenever you get a mail from them you must click on the link within that mail. If you do not do this, your domains get a new status, on-hold, which means they do not resolve any request from your visitors. As a result all your websites are completely offline!
So far so good, but we did not know that before and ran directly into the trap:
Two weeks ago we changed the mail address of our DNS domain handler. As a result, a few days later we got a mail from that unknown sender. I had a quick look at it, saw the link I had to click to confirm something, and read that the mail was from someone who claimed to be connected directly with ICANN. So it was more than obvious that it was spam or phishing, and I put it directly into my trash folder without thinking more about it.
Today, 11 days later, what I never expected happened:
All websites owned under my name went completely offline, although all our server services were running perfectly.
It took me hours to find the reason and finally to repeat the missed verification process.
When our provider explained the reason for the downtime of our domains to me, I was really shocked and could not believe it at first.
If you ever get a mail from emailverification.info, keep in mind that it is not spam, even when it looks like one of the most obvious phishing mails.
Do not delete it, and verify that it is genuine. Then confirm the mail verification process by clicking on that link, and your domains should hopefully be safe for the time being.
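Because the servers themselves stay healthy while the domain is on hold, ordinary server monitoring does not catch this state. The following is an added example, not part of the original post: it scans RDAP domain records for a hold status. The two sample records are constructed and use reserved example names; in practice the input would be the JSON returned by an RDAP lookup for each of your domains.

```python
import json

# RDAP (RFC 8056) writes the EPP hold codes as "client hold" / "server hold";
# WHOIS output shows clientHold / serverHold. Normalise so both spellings match.
HOLD_CODES = {"clienthold", "serverhold"}

# Constructed sample RDAP domain objects (reserved example names, not real data).
SAMPLE_RDAP = [
    json.loads('''{"ldhName": "EXAMPLE.COM",
        "status": ["client transfer prohibited"],
        "events": [{"eventAction": "last changed", "eventDate": "2014-03-01T09:00:00Z"}]}'''),
    json.loads('''{"ldhName": "EXAMPLE.NET",
        "status": ["client hold", "client transfer prohibited"],
        "events": [{"eventAction": "registration", "eventDate": "2010-01-05T12:00:00Z"},
                   {"eventAction": "last changed", "eventDate": "2014-03-12T08:30:00Z"}]}'''),
]

def _norm(status):
    # "client hold" and "clientHold" both become "clienthold".
    return "".join(ch for ch in status.lower() if ch.isalnum())

def hold_statuses(doc):
    """Hold-type status values present in one RDAP domain object."""
    return [s for s in doc.get("status", []) if _norm(s) in HOLD_CODES]

def last_changed(doc):
    """Date of the most recent 'last changed' event, or None if absent."""
    dates = [e.get("eventDate") for e in doc.get("events", [])
             if e.get("eventAction") == "last changed" and e.get("eventDate")]
    return max(dates) if dates else None

def check_domains(docs):
    """Return one alert line per domain that carries a hold status."""
    alerts = []
    for doc in docs:
        held = hold_statuses(doc)
        if held:
            name = doc.get("ldhName", "<unknown>").lower()
            alerts.append(f"{name}: {', '.join(held)} (last changed {last_changed(doc)})")
    return alerts

if __name__ == "__main__":
    for line in check_domains(SAMPLE_RDAP):
        print("ALERT", line)
```

Run on a schedule against every domain you own, a check like this reports the hold even when every server-side health check is still passing.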
If this post saves only one person from going through what we were faced with, then I am very glad.
We have learned our lesson:
Even when it looks like spam it could be real.
Paying no attention to it can be very expensive!
So take care ;)
If you have ever experienced something similar, please let us know in the comments.