Online fraud has existed for well over a decade now and every day sees a new type, a new way and a new reason to rob that money from your wallets. Over these years, we have been seeing a varying degrees of frauds surrounding the use of domain names and one of the newer ones have been popping up quite often in the recent times.
As domain names are a core part of our consumer line of services, imagine our surprise when we got an email claiming that our domain name was going to expire if we didn’t pay up soon! The email we received went something like this:
The question we asked ourselves when looking at this was: Wait… what? you want us to pay you for a domain which we own, we manage and we renew ourselves?
The email reminds us with BOLD letters and ACT IMMEDIATELY messages that our domain registration is going to expire and we must take quick action if we are save ourselves from doom! This clearly falls under phishing fraud. The immediate thought we had was, if we as a domain provider are getting these sort of emails for our own domain, it was most likely that all our customers would eventually receive this as well and many who aren’t aware of phishing frauds were most likely to fall prey to this. Which is why we are doing this blog post, to inform you that you should NOT under any circumstances reply or make any sort of payments on emails like this.
Firstly, stay calm, none of your information has been compromised nor is it happening because your domain is currently hosted with us. This information is picked up from the public whois registry which shows the registrant information of every domain name. For example, you could go to this link and type in your domain name to see what information is displayed to the public: http://www.whois.com/whois/
As you would have noticed, the email appears believable to some extent because it has information that you recognize. This is the premise of many phishing emails, getting you to believe that the email is genuine by including information that you would recognize. However, this is publicly available information in the whois database and this is what they use to trick you into paying for the service because, hey, no one likes loosing their domain name! Although the email itself says it is for SEO registration renewal, the way the email has been formatted is primarily focusing on the word “Domain” to confuse you into thinking your domain itself needs renewal rather than a service associated with your domain needing renewal.
Further more, if you look at the link in the email, you will see this:
And sure enough, it leads you to a domain “differingt…. org” (we do not want to link to the domain, hence scrambled). But it obviously tries to confuse you into believing it is genuine by including your domain name in the front of the fraudulent domain name. Once you open it up, here is what you get:
You would almost believe it to be true with such a clean payment interface! The next page leads you to enter your credit card details in the payment form. Now, here is the important part. You would think that even if you made the mistake of paying for it, that would be the end of it and you could move on. Nope! Remember, this is a fraud scheme and you just entered your your Credit Card details with your CVV number on a site they control, which means, they aren’t going to charge you $64, they are probably going to end up making hundreds of dollars worth of purchases on your card back to back faster than you could block it because that is their real intention. They have nothing to do with any SEO service or your domain name whatsoever. They just want your Card number and CVV for making fraudulent purchases.
Here are the important takeaways:
- If you ever get any emails like this, please do not reply to it or click on any of the links.
- Email our support team separately asking if the email you received is genuine or not.
- Under no circumstances should you pay for any such schemes that ask you for your money via email.
- Remember the renewal dates of your domain name as mostly they do not match.
- If for any reason, you have already fallen prey to this, please have your credit card blocked immediately.
- Update your domain whois records if you feel their is too much personalized information in it.
Share this with your friends that have domain names with other providers as well and keep them safe from these types of frauds.
We hope this post has been informational and if you do have any questions, please do not hesitate to open up a support ticket or email support or even give us a call.