Have you ever received an email or letter in the mail about your domain name from a company you do not recognize? We have received multiple inquiries from our customers asking about the legitimacy of domain renewal reminders addressed to them. The purpose of this article is to bring awareness to fake domain renewal scams that exist and advise you on how not to fall victim to them.
Example Domain Renewal Scam
Fake domain renewal scams go out to domain owners all of the time. Cybercriminals locate the contact information of domain owners in the public WHOIS database and use that information to send fake renewal notices. The goal is to get people to believe it is a legitimate notification and pay the fake invoice or visit a fraudulent website. People who fall victim to these types of attacks, often find out the truth when their domain name expires because it was never really renewed.
Here is an example of a solicitation from Domain Listings LLC.
Image Source: PKTech
A 101domain client recently asked one of our support agents via LiveChat on our website if we had any affiliation with Domain Listings LLC. Our client was rightfully questioning the “invoice” they received in the mail from Domain Listings LLC. 101domain has no affiliation with Domain Listings LLC, and although the notice may look similar to an invoice, it is not.
After doing some research we realized that this company is sending these domain renewal scams to hundreds of thousands of domain owners. Companies such as PKTech and Bizmktg have also reported letters from Domain Listings LLC addressed to their customers.
How to Spot a Fake Domain Renewal Email
Just like any other phishing attempt, there are key indicators that can help you identify if a domain renewal is fake or legitimate.
Below is an example of a legitimate domain reminder email from 101domain.
The first thing you want to do is check the email sender. In this case, you see it is from 101domain.com from the email address [email protected]. This is a good starting point, however, email addresses and even domain names can be spoofed. Luckily, here at 101domain, we have email authentication set up to combat email impersonation and we secure the spoofed variations of our domain names to protect our customers for this exact reason.
Contact a member of our sales team today to learn about email authentication and brand protection best practices.
The next thing you can check is if the links and buttons in the email go to a website address you recognize, in this case, my.101domain.com. You can see this by hovering your cursor over a button, icon, or anything that is linked in the email. The URL will appear on the screen or in the lower corner of your browser.
Some other key indicators to pay attention to:
- Is this company where I have my domain registered? If not, disregard the email and log in directly to your domain account manager for accurate and up-to-date information regarding your domain renewals.
- Does this email look like the other emails I receive from this company? Looking at the email’s design, tone, and language should give you some clues as to the legitimacy. If it doesn’t look or sound like past emails you have received, that could indicate something is up. However, please do not solely base your decision on looks because email designs can also be easily spoofed.
How to Protect Yourself from Domain-Based Scams and Solicitations
In addition to implementing the best practices we outlined above to spot domain renewal scams, there is a security feature you can add to your domain names to shield your personal information from public view, including scammers.
Private Registration hides your personal information including name, email, physical address, and phone number in the public WHOIS directory, combating unwanted calls and emails from spammers. With Private Registration, your personal information will be replaced with that of our Private Registration service in the WHOIS directory so that spam is filtered out and only legitimate emails from customers and partners can get through to you.
- Prevents domain-related spam
- Helps stop domain hacking
- Helps protect against stalkers and harassers