Domain name scammers try their luck with emails
Just lately we’ve encountered a few instances of domain name scam emails circulating. A couple of people in the office have received them, and just the other day one of our readers left an excellent comment on an old post here about the same subject.
We’ve mentioned scams before, and that old article is still the best place to go for information on spotting the different types of domain scam you might encounter. However, because there seem to be a few emails doing the rounds, we thought we’d flag the problem again.
They want your domain names
Domain scams performed by email are generally designed to achieve one of two things:
- To get you to pay over the odds for domain names you probably don’t need.
- To trick you into disclosing login details for your domain name control panel.
Clearly it’s a real pain to fall for either of these, but if a scammer gains access to your control panel, they could steal domains from you. That can be catastrophic, particularly if you’ve built a strongly-branded business on the back of your domain name.
There are two main types of email you need to be on the look out for:
- The “someone else is trying to register your brand name” email
Many of these emails are sent by unscrupulous registration companies. The message will say that someone is trying to register domain names which contain your brand name or trademark.
The message might ask outright whether you want to register the domain names yourself, but often the scam is more subtle. The email will just ask you to reply if the domains listed contain your brand name.
Once you reply, they’ll start bombarding you with sales emails or calls, pressurising you to buy these domains at inflated prices. Their pitch will have a real sense of urgency; you’ll be told that if you don’t act fast, the (fictitious) company interested in the domains will purchase them instead
If you do go ahead and buy from the scammers, it won’t finish there. They’ll probably lock you into restrictive terms and make it virtually impossible to transfer the domains away from them.
- The “please update your details” email
These messages are a form of phishing. They’re a malicious and underhand way to gain control of your domain name(s) by posing as a legitimate company.
Here’s how it works. You receive an email which appears to have been sent by a domain name registration company. The design looks genuine, but actually it’s a fake.
It says you need to “verify” or “update” your details for some reason, and provides a link for you to do just that. It also creates a sense of urgency by imposing a deadline, perhaps giving you seven days before your domain is cancelled.
When you click the link, you get taken to a website. Again, although this might look like it’s genuine, it isn’t.
You’ll be asked to input some details – typically, your username and password. If you enter them, they get sent to the scammers, who can then log in to your account and transfer your domain names away.
Some of these scam attempts are laughable. You might know you don’t have domains registered with that company, there might be awful grammar and spelling errors, or the design of the email and fake website might be all wrong. (This terrible attempt to con Google Mail users into handing over their login details is unlikely to have fooled many.)
But remember: some phishing scams them are surprisingly good, so don’t expect you’ll spot them all on site.
How to avoid these scams
Ok, so you know how they work. Here are a few key tips to help you avoid falling for these tricks.
They need your contact details
To pull off these scams, the con artists need to be able to contact you. If you own particularly valuable domains, they might target you specifically, using the WHOIS database to look up your contact details, then emailing you directly.
You can reduce the threat by hiding your details in this database, either using the free WHOIS opt-out for .uk domains, or buy purchasing a product like our WHOIS privacy for other domains.
Of course, this won’t stop them finding contact details on your website, or spamming you at random, but it will help counter scams targeted at you specifically.
Use security software
A decent security package on your PC will scan your incoming emails and flag up any which look suspicious. Many web browsers (including Firefox) also have anti-phishing features built in. These will warn you if you’re on a website which isn’t what it appears to be.
These extra security measures will never be 100% effective, but they’re another good line of defence. They’ll certainly filter out a good proportion of scam emails and websites.
Check with the sender, and type in website addresses
If you’ve received an email which you think is genuine, but you’re not totally sure, ask the company it appears to have come from. They should be able to tell you if it’s genuine.
If you are suspicious, don’t click any links in the email. Instead, type your domain registration company’s address straight into your web browser. That way you can be completely certain you’re not on a fake website.
Search Google
If you’re being scammed, chances are that someone, somewhere, has run into the same trick before. Copy a phrase from the email you’ve received and paste it into Google. Then hit Search. With luck, you’ll find a blog or forum post from someone who can confirm it’s an attempted scam.
Buy the domains elsewhere
If you receive an email urging you to register domain names quickly because “someone else is interested in them”, don’t respond. Not even if you’re interested in the domains yourself.
Instead, search for the relevant domain names using your usual domain name registration company (you can use our domain name search). If you decide to buy the domains, get them there too.
They’ll likely be much cheaper, and if you use a reputable registration company, you won’t get locked in to a restrictive contract. For instance, we give you loads of flexibility with your domains, and allow you to transfer them away from us for free, so you always keep full control.
Just ignore them
Many scams are easily spotted and best ignored. As long as you know which company your domain names are registered with and when they’re due to expire, you can usually safely ignore dodgy messages urging you to “verify your account details”.
Remember that if you’re a 123-reg customer, you can always log in to your 123-reg control panel to check the status of your domain names. Just go to http://www.123-reg.co.uk and click Log in to your control panel.
Finally, if you haven’t checked our previous posts on domain name scams, have a look now. You can find them here and here. They cover some other tricks that we haven’t mentioned in this article. And if you get targeted by scammers, please let us know in the comments. I’d like to build up a more comprehensive list of scamming techniques, so we can help people avoid getting caught out.
Share and Enjoy
On November 18th, 2008 at 2:14 pm
Just what you were refering to.
Domain Notification: PAUL KNIGHT This is your Final Notice of Domain Listing – KNIGHTGROUP.US
From: Domain Extension Notification ([hidden]@[hidden].com)
Sent: 16 November 2008 22:50:47
To: (E-Mail – was correct)
Domain Extensions – United States Country TLD
[hidden]
Las Vegas, [hidden]
United States of America
Fax: [hidden] Notice Tracking Number – [hidden]
NOTICE
ATT: PAUL KNIGHT
ADMINISTRATIVE CONTACT
XXXXX XXXXXXX
(Address was correct – from database)
UNITED KINGDOM
Phone: [hidden]
http://WWW.KNIGHTGROUP.US Domain Name: KNIGHTGROUP.US
Is Now Available for Registration
Requested Reply
November 17th,2008
Please be advised that the above noted domain name has now become available for registration.
Consequently the possibility of a conflicting domain registration may occur.
IN ACCORDANCE WITH THE UNITED STATES LEGAL CODE
TITLE 15, Sec 1125. False descriptions, and dilution of Trademarks and the Uniform Domain Name Dispute Resolution Policy (UDRP)
Be advised: Protecting a domain name registrant or trademark owner from confusing and/or conflicting domain name registrations is not the responsibility of the domain and trademark registration processes. In the event of a registration of the above noted domain by a third party, the UDRP may be applied under the following conditions.
Evidence of Registration and Use in Bad Faith. – For the purposes of Paragraph 4(a)(iii), the following circumstances, in particular but without limitation, if found by the Panel to be present, shall be evidence of the registration and use of a domain name in bad faith:
(i) circumstances indicating that the domain name registered or acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant who is the owner of the trademark or service mark or a competitor of that complainant, for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name; or
(ii) the domain name has been registered in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that you have engaged in a pattern of such conduct; or
(iii) the domain name has been registered primarily for the purpose of disrupting the business of a competitor; or (iv) by using the domain name, registrant has intentionally attempted to attract, for commercial gain, Internet users to their web site or other on-line location, by creating a likelihood of confusion with the complainant’s mark as to the source, sponsorship, affiliation, or endorsement or your web site or location or of a product or service of a web site or location.
In addition to remedies provided for by the URDP, section 4a (1)(2)(3) & b (1)(2)(3)(4) existing registrants, trademark and service mark owners are provided by DNNP on domain names that are identical with new ccTLD, TLD extensions, or domain names that are confusingly similar to their own.
PLEASE READ CAREFULLY
Note: you may disregard this notice. If you disregard this notice or fail to reply:
(a) The licensing rights of this domain name may be assigned to any other applicant who wishes to register it,
(b) DNNP and or any ICANN accredited registrar will not be liable for loss of domain name license, identical or confusingly similar use of your company’s domain name; or interruption of business activity or business losses.
If you fail to register this domain it may be registered by any third party without further notice. Please advise us of your intent to (a) secure this domain name or (b) to leave this domain name for Public Registration.
————————————————————————————————————————–
DOMAIN REGISTRATION FORM
This is not a bill, you are under no obligation to register this domain. Should you wish to register KNIGHTGROUP.US, please complete and agree to the following as it applies to you. Once we receive your request to register this domain, we will send you further instructions on how to make a payment. Please be aware that payments for domain registrations are non-refundable.
Domain Registration Form – Register KNIGHTGROUP.US
Please ensure that your contact information is correct or make the necessary changes.
Full Name: PAUL KNIGHT Domain: KNIGHTGROUP.US
Telephone #: XXXXXXX Email:
Please select the number of years you would like to register this domain:
10 Years for $295.00
5 Years for $185.00
2 Years for $99.00
1 Year for $75.00
The 10 year plan has been reduced to $295.00 and offers the best value at
only $29.50 per year.
Today’s Date: _______________________ Signature: ____________________________
Notice Tracking Number – [hidden]
Once you have completed all the required information,
please return it to us by fax 1 (718) [hidden]
————————————————————————————————————————–
The information in this letter contains confidential and/or legally privileged information from the notification processing department of the DNNP. This information is intended only for the use of the individual(s) named above.
Go to [hidden] if you do not want to receive further updates from DNNP. If you are not the intended recipient, you are hereby notified that disclosure, copying, distribution or the taking of any action in reliance on the contents for this letter is strictly prohibited.
On October 14th, 2009 at 11:35 pm
Great ideas!