Spammers Abusing Domain Parking Service Security Hole
As first reported on the Symantec blog, Symantec software recently detected spammers abusing a security hole at large domain parking services. Symantec has consequently “automatically blocked tens of thousands of these domains”.

The security hole relates to an open redirect script hosted on said parking service providers, which can be used by spammers to redirect to other sites.

How exactly did spammers exploit this security hole?

It’s actually quite simple. Say happens to be parked on a parking service provider with this particular security hole. The spammers send an email with text similar to the one below to people they spam:

“Hello, I’d love for you to check out what I have been cooking lately. Just click below:”

The aHR0cDovL3d3dy5teXNwYW13ZWJzaXRlLmNvbQ== above is actually url base64 encoded as the said exploit requires base64 encoded urls to work.

So, the people being spammed are seeing a legitimate looking domain name like in their emails which gives them confidence that their click will take them to a legitimate website – only to be redirected to

Obviously, Symantec has spam blocked a huge number of these domain names which might even end up being banned by search engines – this is quite bad. Symantec has informed the parking service providers about the security hole so hopefully the parties involved will work to fix the problem. Let’s hope Symantec will then remove the domain names from their block lists to prevent long term damage.

About Eranet International Limited( was incorporated in Hong Kong in 2005, directly under, Inc. which was established in 2000. As one of the first ICANN (The Internet Corporation for Assigned Names and Numbers), Verisign, HKDNR, and CNNIC (The China Internet Network Information Center) accredited registrars, Eranet is also a leading provider of services in domain name registration and web hosting.

Register domain names here

Possibly Related Threads...
Thread Author Replies Views Last Post
  domain lawyer DNSBroker 13 10,027 04-18-2018, 12:01 PM
Last Post: Laxmi123
  How do i sell this valuable domain? fourwings 34 15,847 01-20-2018, 09:47 AM
Last Post: Sobhana123
  The domain register tips and steps-Shanghai IDC Co., Ltd WebGuru8 11 8,086 01-11-2018, 05:17 AM
Last Post: Sobhana123
  Why register a domain Williamhawk 0 1,302 12-15-2017, 05:15 AM
Last Post: Williamhawk
  Domain Hosting and Mail Different Server Williamhawk 0 1,427 12-12-2017, 05:10 AM
Last Post: Williamhawk
  Olympic related domain names Takwa 12 9,009 11-16-2010, 10:04 AM
Last Post: agrajtech11
  Problems registering .US domain names fleahol 26 13,005 07-15-2010, 08:22 AM
Last Post: user123
  New NY Bill Involving Domain Names Dave Zan 6 5,508 08-19-2007, 03:02 PM
Last Post: Ardoris
  Trademark service? llegent 10 7,271 01-09-2007, 01:38 AM
Last Post: Domaineer
  Same domain name kokotai 12 8,354 11-19-2006, 07:26 AM
Last Post: wondering

Forum Jump:

Users browsing this thread: 1 Guest(s)