Spot the tricks and stop domain name scams
We wrote about a typical domain name scam a couple of weeks ago. Since then, a couple of people in the office have been targeted, so we thought we’d revisit the subject in a bit more detail.
Generally, domain scams are tricks to get you to part with money, your domain, or even both. At the very least, they are a headache.
But if you rely on your website for business, they can be much more than that: if you lose control of your domain, the impact of having to change your site’s address can cost you money. Because of this, it’s worth learning how to spot the scams. Here are the three most common.
The urgent letter in the post
This ploy uses an official-looking letter to coerce you into transferring your domain to a different registration company.
- How does it work?
You receive a letter through the mail (they use the post because it seems more official) informing you that your domain name is due to expire. These letters often have titles like ‘Domain name expiration notice’, and encourage you to renew your domain.
The notice creates a sense of urgency, often by warning that ‘failure to renew your domain name by the expiration date will result in a loss of your online identity’. However, if you reply, you would not only be renewing your domain - you’d also be transferring it away from your current registrar.
- How do I avoid it?
Make sure you know how your existing registration company contacts you. For instance, at 123-reg, we don’t send out letters - so you can be sure that a notice like this didn’t come from us.
You can also familiarise yourself with the way your registration company handles renewals. At 123-reg, everything is done via your online control panel. So if you receive a communication instructing you to renew in a different way then it’s almost certainly some sort of scam.
The pressurised cold call
With this you, you’ll get the hard-sell down the phone.
- How does it work?
The scammers get hold of your phone number - usually from your business’s website or another publicly-available source (like the phone book or something). Then they call you up. Their pitch is normally along these lines:
“Hello, I’m calling from such-and-such company. A client of ours has asked us to register [insert some domain names very similar to yours] on their behalf. I have them on the other line and they are all ready to pay, but I needed to do a check to make sure they’re allowed to register them. If you want to register them instead, I can put that through for you now - it will cost [insert extortionate amount].”
- How do I avoid it?
This sort of scam tends to increase when new domain extensions - like .eu or .asia - are released. The best course of action is to politely decline (or just slam the phone down - it’s up to you). The ‘client’ is just a ploy to force your hand.
Again, find out if your registration company would ever contact you in this way. At 123-reg we might email you to let you know a new domain extension has become available, but we wouldn’t call.
The phishing scam
It’s just like those emails asking you for your bank details and PIN.
- How does it work?
This is rather like the postal scam above, but the messages are sent via email and not in the post. This lets the scammers target more people - they can send out millions of emails automatically, at a very low cost.
The less malicious versions simply say that your domain is soon to expire and encourage you to ‘renew’ it. Or they can be more sinister: they may pose as a message from your existing registration company in an attempt to fool you in to entering your account details.
- How do I avoid it?
If you’re in any doubt about the origin of an email, don’t click any links and don’t enter any information. If you’re not sure if a particular email was sent by your registration company then contact them to check.
And if - as with 123-reg - you need to log in to a control panel to administer your domains, do this by typing the address into your web browser rather than following a link in an email.
Other ways to combat the scammers
There are a couple of other things you can do to make life difficult for the domain name crooks out there. We covered these last time, but to reiterate:
- Hide your details. With some domains, (like .co.uk), you can opt to remove your personal details from the WHOIS database. Take advantage of this. If the scammers can’t see your details, they can’t contact you. You can find out how to do this on the 123-reg support site (scroll down to the Whois opt out heading).
- Keep your domain locked. A locked domain can’t be transferred. If your domain is registered with 123-reg, you can lock and unlock it from within your 123-reg control panel.
Finally: use your commonsense. If you think a letter, email or telephone call might not be what it appears, then don’t take any action.
Check when your domain is actually due to expire, and be wary of any communications that aren’t from the company you registered it with. A quick search on Google can often confirm your suspicions - and you can always get in touch with your registration company directly.
Have you ever been stung by a scam? Leave a comment and let us know.
On March 10th, 2008 at 4:37 pm
I think the last point about checking on a search engine issue is always your best bet. The domain community is so active and vocal you can bet your house that blogs and forums will have news about any scam almost instantly.
On March 11th, 2008 at 6:24 am
There are different types of scams out there. Im currently unsure about my current circumstances with someone buying a domain that I used to own. Ak-images.co.uk, and they are now pointing at my old web space. Now although this would appear to be beneficial to me, as I can re-generate that site, I can’t control what that domain is pointing to, so I can’t send and establish that link. Im unsure whether there is any malicious intent involved, and even more unsure about what I can do.
On March 12th, 2008 at 6:30 pm
Hi Alikhan,
Thanks for the comment. Unfortunately, if your domain expires and somebody else registers it, there isn’t a whole lot you can do. They become the new owner of that domain.
If the domain was very important to you then you could try and buy it back from the new owner (assuming you can find a way of contacting them), but be prepared to pay well over the odds. Or if the domain contained your trademark you might have some claim to it.
Generally, once your registration has lapsed, a domain is fair game for anyone else who wants to buy it.
It seems a little odd that they’ve chosen to point the domain back at your website. Perhaps they’re trying to attract your attention with a view to selling you the domain.
On March 20th, 2008 at 4:00 pm
Yeh, Alikhan, your nutts, what you should do is to register a new domain name and set up a forwarder to the new domain.
I have over 100 domains registered and get a load of scam garbage of all types.
Once someone from china emailed me and tried to do the exact same as mentioned above about having a client wanting to register my domain name in china (cn), so what I did was quickly register it with my existing registrar within minutes of reciept of the email.
I emailed him back to say that thanks for your information, I have just registered it with another registrar.
I got an angry email back … LOL
So not all scam emails are a waste of time
On March 26th, 2008 at 8:19 pm
I thought that pointing multiple domain names to the same site would result in penalties with engine searches. I had experienece of this with a a couple of previous domains, I allowed one to expire because is waht no longer used, it was then bought up and they pointed it to my existing site, Google for sure didn’t like this and penalised my rakning.
On March 28th, 2008 at 10:16 am
Yeah it does. If Google sees multiple domains pointing to one site it thinks you are trying to spam its directory and gain extra listings. To prevent getting penalised set up a 301 re-direct on the domains you want to diretc traffic from to the main domain name, this way the Google robots understand the relationship. You can read more about this here http://en.wikipedia.org/wiki/URL_redirection
On March 28th, 2008 at 3:33 pm
Just got one of those letters addressed to my son who is currently out of the country. I knew it was a scam so just binned it, the domain renewal isn’t due until about August.
My brother phoned me a couple of years ago because he’d just had a phone call from some woman who was warning him that someone was wanting to register his company name, but she could help him out. He asked if he could phone her back and called me. I told him it was a scam so he called trading standards. The trading standards guy said they knew it went on but could never catch anyone. “No problem”, said my brother, “Here’s their phone number!!”
On March 31st, 2008 at 12:41 pm
I have the site http://www.internetshopuk.com for about 6 years now. in January of this year we had a company with a simlar name claiming that we were passing our company off as theres to benifit from there traffic.
This company was having a laugh as i did an internet search and found they had about 20 pages indexed and we had thousands, so how we could be benifiting from them is a joke. They originally asked for the domain name and then asked for a fee to use it it. Well at that stage we got our solitors involved along with having a check with the guys at the patent office and it came to light that they did not have a leg to stand on. No trade mark! only registered there domain in the last year! not even in the same line of business as us! the list goes on. the point i am making is that this company soon ran with there tails between there legs when we got our solicitors to contact them and were obviously trying it on. How many companies which don’t have solicitors or are small and think i do not want to get in trouble would just hand over there domain name no questions asked?
The bottom line is if anyone ever contacts you for your domain our money regarding your domain they are doing it for one of two reasons.
1. They think your domain as value which you have worked hard for and they now want to reap the benifits.
2 Or they simply want to extort money from you.
Either way never give your domain or any money to anyone other than your domain company and the safest way is to ignor links in emails and do it direct on the site. as for trade mark issues or claims to the domian name, never hand it over unless you have checked there claims and taken legal advise