Your guide to a successful online business!

Don’t get conned into handing over cashWe wrote about a typical domain name scam a couple of weeks ago. Since then, a couple of people in the office have been targeted, so we thought we’d revisit the subject in a bit more detail.

Generally, domain scams are tricks to get you to part with money, your domain, or even both. At the very least, they are a headache.

But if you rely on your website for business, they can be much more than that: if you lose control of your domain, the impact of having to change your site’s address can cost you money. Because of this, it’s worth learning how to spot the scams. Here are the three most common.

The urgent letter in the post

This ploy uses an official-looking letter to coerce you into transferring your domain to a different registration company.

  • How does it work?
    You receive a letter through the mail (they use the post because it seems more official) informing you that your domain name is due to expire. These letters often have titles like ‘Domain name expiration notice’, and encourage you to renew your domain.

The notice creates a sense of urgency, often by warning that ‘failure to renew your domain name by the expiration date will result in a loss of your online identity’. However, if you reply, you would not only be renewing your domain – you’d also be transferring it away from your current registrar.

  • How do I avoid it?
    Make sure you know how your existing registration company contacts you. For instance, at 123-reg, we don’t send out letters – so you can be sure that a notice like this didn’t come from us.

You can also familiarise yourself with the way your registration company handles renewals. At 123-reg, everything is done via your online control panel. So if you receive a communication instructing you to renew in a different way then it’s almost certainly some sort of scam.

The pressurised cold call

With this you, you’ll get the hard-sell down the phone.

  • How does it work?
    The scammers get hold of your phone number – usually from your business’s website or another publicly-available source (like the phone book or something). Then they call you up. Their pitch is normally along these lines:

“Hello, I’m calling from such-and-such company. A client of ours has asked us to register [insert some domain names very similar to yours] on their behalf. I have them on the other line and they are all ready to pay, but I needed to do a check to make sure they’re allowed to register them. If you want to register them instead, I can put that through for you now – it will cost [insert extortionate amount].”

  • How do I avoid it?
    This sort of scam tends to increase when new domain extensions – like .eu or .asia – are released. The best course of action is to politely decline (or just slam the phone down – it’s up to you). The ‘client’ is just a ploy to force your hand.

Again, find out if your registration company would ever contact you in this way. At 123-reg we might email you to let you know a new domain extension has become available, but we wouldn’t call.

The phishing scam

It’s just like those emails asking you for your bank details and PIN.

  • How does it work?
    This is rather like the postal scam above, but the messages are sent via email and not in the post. This lets the scammers target more people – they can send out millions of emails automatically, at a very low cost.

The less malicious versions simply say that your domain is soon to expire and encourage you to ‘renew’ it. Or they can be more sinister: they may pose as a message from your existing registration company in an attempt to fool you in to entering your account details.

  • How do I avoid it?
    If you’re in any doubt about the origin of an email, don’t click any links and don’t enter any information. If you’re not sure if a particular email was sent by your registration company then contact them to check.

And if – as with 123-reg – you need to log in to a control panel to administer your domains, do this by typing the address into your web browser rather than following a link in an email.

Other ways to combat the scammers

There are a couple of other things you can do to make life difficult for the domain name crooks out there. We covered these last time, but to reiterate:

  • Hide your details. With some domains, you can opt to remove your personal details from the WHOIS database. Take advantage of this by using our WHOIS privacy service. If the scammers can’t see your details, they can’t contact you.
  • Keep your domain locked. A locked domain can’t be transferred. If your domain is registered with 123-reg, you can lock and unlock it from within your 123-reg control panel.

Finally: use your commonsense. If you think a letter, email or telephone call might not be what it appears, then don’t take any action.

Check when your domain is actually due to expire, and be wary of any communications that aren’t from the company you registered it with. A quick search on Google can often confirm your suspicions – and you can always get in touch with your registration company directly.

Have you ever been stung by a scam? Leave a comment and let us know.

Was This Article Useful?

Let Others Know

Leave a Reply

13 Responses

  • Matt

    I think the last point about checking on a search engine issue is always your best bet. The domain community is so active and vocal you can bet your house that blogs and forums will have news about any scam almost instantly.

    March 10, 2008 at 4:37 pm
  • Alikhan

    There are different types of scams out there. Im currently unsure about my current circumstances with someone buying a domain that I used to own., and they are now pointing at my old web space. Now although this would appear to be beneficial to me, as I can re-generate that site, I can’t control what that domain is pointing to, so I can’t send and establish that link. Im unsure whether there is any malicious intent involved, and even more unsure about what I can do.

    March 11, 2008 at 6:24 am
  • John

    Hi Alikhan,

    Thanks for the comment. Unfortunately, if your domain expires and somebody else registers it, there isn’t a whole lot you can do. They become the new owner of that domain.

    If the domain was very important to you then you could try and buy it back from the new owner (assuming you can find a way of contacting them), but be prepared to pay well over the odds. Or if the domain contained your trademark you might have some claim to it.

    Generally, once your registration has lapsed, a domain is fair game for anyone else who wants to buy it.

    It seems a little odd that they’ve chosen to point the domain back at your website. Perhaps they’re trying to attract your attention with a view to selling you the domain.

    March 12, 2008 at 6:30 pm
  • Nadeem

    Yeh, Alikhan, your nutts, what you should do is to register a new domain name and set up a forwarder to the new domain.

    I have over 100 domains registered and get a load of scam garbage of all types.

    Once someone from china emailed me and tried to do the exact same as mentioned above about having a client wanting to register my domain name in china (cn), so what I did was quickly register it with my existing registrar within minutes of reciept of the email.

    I emailed him back to say that thanks for your information, I have just registered it with another registrar.

    I got an angry email back … LOL 🙂

    So not all scam emails are a waste of time 🙂

    March 20, 2008 at 4:00 pm
  • Nomin

    I thought that pointing multiple domain names to the same site would result in penalties with engine searches. I had experienece of this with a a couple of previous domains, I allowed one to expire because is waht no longer used, it was then bought up and they pointed it to my existing site, Google for sure didn’t like this and penalised my rakning.

    March 26, 2008 at 8:19 pm
  • Matt

    Yeah it does. If Google sees multiple domains pointing to one site it thinks you are trying to spam its directory and gain extra listings. To prevent getting penalised set up a 301 re-direct on the domains you want to diretc traffic from to the main domain name, this way the Google robots understand the relationship. You can read more about this here

    March 28, 2008 at 10:16 am
  • Dave

    Just got one of those letters addressed to my son who is currently out of the country. I knew it was a scam so just binned it, the domain renewal isn’t due until about August.

    My brother phoned me a couple of years ago because he’d just had a phone call from some woman who was warning him that someone was wanting to register his company name, but she could help him out. He asked if he could phone her back and called me. I told him it was a scam so he called trading standards. The trading standards guy said they knew it went on but could never catch anyone. “No problem”, said my brother, “Here’s their phone number!!”

    March 28, 2008 at 3:33 pm
  • Rod Fauvel

    I have the site for about 6 years now. in January of this year we had a company with a simlar name claiming that we were passing our company off as theres to benifit from there traffic.

    This company was having a laugh as i did an internet search and found they had about 20 pages indexed and we had thousands, so how we could be benifiting from them is a joke. They originally asked for the domain name and then asked for a fee to use it it. Well at that stage we got our solitors involved along with having a check with the guys at the patent office and it came to light that they did not have a leg to stand on. No trade mark! only registered there domain in the last year! not even in the same line of business as us! the list goes on. the point i am making is that this company soon ran with there tails between there legs when we got our solicitors to contact them and were obviously trying it on. How many companies which don’t have solicitors or are small and think i do not want to get in trouble would just hand over there domain name no questions asked?

    The bottom line is if anyone ever contacts you for your domain our money regarding your domain they are doing it for one of two reasons.

    1. They think your domain as value which you have worked hard for and they now want to reap the benifits.

    2 Or they simply want to extort money from you.

    Either way never give your domain or any money to anyone other than your domain company and the safest way is to ignor links in emails and do it direct on the site. as for trade mark issues or claims to the domian name, never hand it over unless you have checked there claims and taken legal advise

    March 31, 2008 at 12:41 pm
  • Rod Fauvel

    Another scam Just received today 1st november 2008

    Email heading

    Inaccurate whois information. [IncidentID:32052]

    Information with in the email.

    Dear user,

    On Sat, 1 Nov 2008 20:13:29 +0900 we received a third party complaint of invalid domain contact information in the Whois database for this domain. Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

    The contact information for the domain which displayed in the Whois database was indeed invalid. On Sat, 1 Nov 2008 20:13:29 +0900 we sent a notice to you at the admin/tech contact email address and the account email address informing you of invalid data in breach of the domain registration agreement and advising you to update the information or risk cancellation of the domain. The contact information was not updated within the specified period of time and we canceled the domain. The domain has subsequently been purchased by another party. You will need to contact them for any further inquiries regarding the domain.


    If you find any invalid contact information for this domain, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the domain name. Examples would be a bounced email or returned postal mail. If you have a bounced email, please attach or forward with your reply or in the case of returned postal mail, scan the returned letter and attach to your email reply or please send it to:

    [Address removed]


    Thank you,
    Domain Services


    A few things about this email that stick out like a sore thumb.

    You tend to find that most scam emails start with the “dear user” this would sugest they have no idea who you are and that you are just part of a bulk email scam. most companies that you do deal with at very least use your contact name.

    Theres also a good chance in scam emails that spelling & grammer will be bad and that they even trip over themselves with what as been said.

    Remember bulk scams have one set email for everyone they target so they are always general, not once did it mention my domain name or my name or any of my contact details.

    Funny slip up: the above email even states that they contacted me on the 1st of november and that i did not respond in time to stop them from canceling my domian? BIG lol! this email was sent on the 1st of november in the morning. So it would seem that they act quickly, is there response time a minute? not only are they scammers but very poor ones at that.

    Most important thing to remember here is never believe anything anyone says by email before checking out the full facts first. if something does not seem right it tends to mean its not. To be on the safe side i consider every single email i receive to be a scam that way you will never get caught out.

    November 1, 2008 at 4:21 pm
  • Directory

    Very informative article, which I found quite useful. Cheers ,Jay

    February 5, 2009 at 5:23 pm
  • Steve Nutt

    I had one of the letters and I could imagine they are quite convincing for those who are not savvy at this sort of thing. Has anyone found out which country the scammers come from?

    September 1, 2010 at 4:44 pm
  • Brian

    I had an email saying one of my domain names was due to expire and asking me to pay much more than I normally do to renew it. That is often a good clue as well, if you are being asked to pay more than the normal amount, it is probably a scam.

    February 23, 2012 at 5:08 pm