WARNING: Phishing scam targeting Nachi Members

Hello -

I am a brand new Nachi member - just signed up a few days ago. Last night I got an email that is clearly a phishing scam. It claims to be from the “InterNACHI Security Team” and says that I need to “follow the instructions and fill verification form to re-activate your InterNACHI membership” The link redirects to InterNACHI Member Verification – My Blog which contains a request for Name, Email address, NACHI username and credit card information. (Screenshot Attached)

Obvious phishing, obviously targeted at NACHI members. Since I received this within 48 hours after signing up, I suspect it is targeted at new NACHI members.

Also - Hello everyone.

That’s a first.

Contact Nick at fastreply@nachi.org and let him know. Someone has created a fake domain mimicking nachi.org. Nick needs to have it shut down.

Domain Name: NACHISCHOOL.ORG
Registry Domain ID: D402200000004528586-LROR
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: Cheap Domain Names-Domain Name Registration-Transfer-Renewal: NameSilo
Updated Date: 2018-03-14T14:27:15Z
Creation Date: 2017-12-12T09:36:17Z
Registry Expiry Date: 2018-12-12T09:36:17Z
Registrar Registration Expiration Date:
Registrar: Namesilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066

Good catch, Adam. Thanks!

We’re working with the company that this site is hosted with to have it shut down. An Indonesian hacker has been targeting home inspectors with emails like this over the last few months. So far we’ve been able to get each site he sets up shut down, but he keeps on popping up. Always check to make sure you’re on NACHI.ORG if you click a link in an email that appears to be from InterNACHI.

Also, due to the nature of the underlying email protocols, it’s possible to fake the “From” address on messages, so it’s possible that these messages will look like they’re coming from an @nachi.org or @internachi.org email address. Always be careful when you receive an email that’s suspicious, even it parts of it look legitimate.

CM