123 Reg logo Blog

Domain name scammers try their luck with emails

By John - November 10, 2008

Just lately we’ve encountered a few instances of domain name scam emails circulating. A couple of people in the office have received them, and just the other day one of our readers left an excellent comment on an old post about the same subject.

We’ve mentioned scams before, and that old article is still the best place to go for information on spotting the different types of domain scam you might encounter. However, because there seem to be a few emails doing the rounds, we thought we’d flag the problem again.

They want your domain names

Domain scams performed by email are generally designed to achieve one of two things:

  1. To get you to pay over the odds for domain names you probably don’t need.
  2. To trick you into disclosing login details for your domain name control panel.

Clearly it’s a real pain to fall for either of these, but if a scammer gains access to your control panel, they could steal domains from you. That can be catastrophic, particularly if you’ve built a strongly-branded business on the back of your domain name.

There are two main types of email you need to be on the look out for:

  • The “someone else is trying to register your brand name” email

Many of these emails are sent by unscrupulous registration companies. The message will say that someone is trying to register domain names which contain your brand name or trademark.

The message might ask outright whether you want to register the domain names yourself, but often the scam is more subtle. The email will just ask you to reply if the domains listed contain your brand name.

Once you reply, they’ll start bombarding you with sales emails or calls, pressurising you to buy these domains at inflated prices. Their pitch will have a real sense of urgency; you’ll be told that if you don’t act fast, the (fictitious) company interested in the domains will purchase them instead

If you do go ahead and buy from the scammers, it won’t finish there. They’ll probably lock you into restrictive terms and make it virtually impossible to transfer the domains away from them.

  • The “please update your details” email

These messages are a form of phishing. They’re a malicious and underhand way to gain control of your domain name(s) by posing as a legitimate company.

Here’s how it works. You receive an email which appears to have been sent by a domain name registration company. The design looks genuine, but actually it’s a fake.

It says you need to “verify” or “update” your details for some reason, and provides a link for you to do just that. It also creates a sense of urgency by imposing a deadline, perhaps giving you seven days before your domain is cancelled.

When you click the link, you get taken to a website. Again, although this might look like it’s genuine, it isn’t.

You’ll be asked to input some details – typically, your username and password. If you enter them, they get sent to the scammers, who can then log in to your account and transfer your domain names away.

Some of these scam attempts are laughable. You might know you don’t have domains registered with that company, there might be awful grammar and spelling errors, or the design of the email and fake website might be all wrong. (This terrible attempt to con Google Mail users into handing over their login details is unlikely to have fooled many.)

But remember: some phishing scams them are surprisingly good, so don’t expect you’ll spot them all on site.

How to avoid these scams

Ok, so you know how they work. Here are a few key tips to help you avoid falling for these tricks.

They need your contact details

To pull off these scams, the con artists need to be able to contact you. If you own particularly valuable domains, they might target you specifically, using the WHOIS database to look up your contact details, then emailing you directly.

You can reduce the threat by hiding your details in this database, either using the free WHOIS opt-out for .uk domains, or by purchasing a product like our WHOIS privacy for other domains.

Of course, this won’t stop them finding contact details on your website, or spamming you at random, but it will help counter scams targeted at you specifically.

Use security software

A decent security package on your PC will scan your incoming emails and flag up any which look suspicious. Many web browsers (including Firefox) also have anti-phishing features built in. These will warn you if you’re on a website which isn’t what it appears to be.

These extra security measures will never be 100% effective, but they’re another good line of defence. They’ll certainly filter out a good proportion of scam emails and websites.

Check with the sender, and type in website addresses

If you’ve received an email which you think is genuine, but you’re not totally sure, ask the company it appears to have come from. They should be able to tell you if it’s genuine.

If you are suspicious, don’t click any links in the email. Instead, type your domain registration company’s address straight into your web browser. That way you can be completely certain you’re not on a fake website.

Search Google

If you’re being scammed, chances are that someone, somewhere, has run into the same trick before. Copy a phrase from the email you’ve received and paste it into Google. Then hit Search. With luck, you’ll find a blog or forum post from someone who can confirm it’s an attempted scam.

Buy the domains elsewhere

If you receive an email urging you to register domain names quickly because “someone else is interested in them”, don’t respond. Not even if you’re interested in the domains yourself.

Instead, search for the relevant domain names using your usual domain name registration company (you can use our domain name search). If you decide to buy the domains, get them there too.

They’ll likely be much cheaper, and if you use a reputable registration company, you won’t get locked in to a restrictive contract. For instance, we give you loads of flexibility with your domains, and allow you to transfer them away from us for free, so you always keep full control.

Just ignore them

Many scams are easily spotted and best ignored. As long as you know which company your domain names are registered with and when they’re due to expire, you can usually safely ignore dodgy messages urging you to “verify your account details”.

Remember that if you’re a 123-reg customer, you can always log in to your 123-reg control panel to check the status of your domain names. Just go to https://www.123-reg.co.uk and click Log in to your control panel.

Finally, if you haven’t checked our previous posts on domain name scams, have a look now. You can find them here and here. They cover some other tricks that we haven’t mentioned in this article. And if you get targeted by scammers, please let us know in the comments. I’d like to build up a more comprehensive list of scamming techniques, so we can help people avoid getting caught out.