An interesting blog post on Sucuri talks about a domain renewal scam being carried out via normal mail, as opposed to email (the usual medium).
Domain scams are where you receive an email (or, in this case, a snail mail) urging you to renew your domain, but which is not from the company with which you originally registered it.
It’s from a scammer.
Because your domain is renewed once a year, or less frequently if you register it for a longer period, it’s an easy item to overlook when it comes to renewal time.
It’s often not something that people have at the top of their mind and that makes it easy for the scammers to find victims – particularly as many are not familiar with how the Internet works and the need to regularly renew domain registrations.
The renewal prices that are quoted by the scammers are often a lot higher than the real price of renewal. But they come in official looking messages along with an invoice and an invitation to follow a link to renew the domain.
But . . .
Following that link to renew your domain not only gives the scammers instant income, it also gives them your credit card details which they can then sell and re-sell to other scammers.
A situation best avoided.
How to protect yourself against domain renewal scams
It’s possible to see who has registered every domain in existence by querying the ‘whois’ database, which contains the name, physical address and email address of every registrant.
Unless, that is, you have signed up for domain privacy.
Domain privacy is a paid service that runs in conjunction with your domain renewal period and hides your personal contact details from people querying the ‘Whois’ database.
So the first step in protecting yourself is to make sure you have domain privacy because, if you do, the scammers have no way of contacting you.
The next step is simply by keeping good records. Make sure you keep a record of the company you bought the domain from and how much you paid. Your genuine renewal will come from the same company, by email, and for the same amount.
So make sure you have those details.
Of course it’s possible that the company you originally got your domain from could have been bought out or merged with another company. This will usually be made clear on the renewal email but, if it’s not, be sure to check by searching for the original company to see what’s happened to it since you last renewed (or registered) your domain.
Finally, avoid clicking links that claim to take you right to the registration/renewal page..!
The genuine renewal notice will ask you to log in to your account in order to renew your domain. It may well give a link, but that will be a link to your account log in page: you must login with your username and password before you can renew your domain.
Carrying out those few simple steps will help to protect you from the domain scammers but never let your guard down – the scammers are becoming ever more resourceful and sneaky!
If you would like more information about managing your domains please get in touch – to do so:
To read the full article on the Sucuri blog click here.