Remember this recurring nightmare? You’re suddenly back in high school, you realize it’s finals day, and you not only haven’t studied, you haven’t even been to class all year. That’s the same kind of cold sweat IT and web managers wake up with when they imagine having failed to renew an important domain name. And that’s the fear that domain name scammers play on when they target small business owners.

For professional IT managers, long experience managing domain names tempers paranoia, but doesn’t entirely relieve it. They know by experience, for example, that even domain names set to auto renew at a registrar can fail to do so due to technical glitches, billing credit cards expire, etc.

For small business owners who are managing their own web sites, the anxiety can be greater because they may only deal with their domain name once a year or every couple of years. For those folks, recalling, the difference between a “registrar” and a “web host” is simply not top of mind. And that makes them targets for scammers who want to play on their fear of losing a domain name.

DOMAIN SLAMMING

One technique of scammers (even some fairly large and otherwise legitimate companies) is slamming. This involves sending an domain name expiration notice to an unsuspecting business owner. The business owner clicks on the link to renew the domain and goes through the process. The problem? They’ve just transferred their domain to a different company, possibly months or even years before that domain was actually set to expire, and at a higher annual cost!

MISLEADING DOMAIN MESSAGES

Another way people get taken in is by misleading email messages. These have enough real information in them to provide the company sending them plausible deniability – but you really have to read the fine print. Here’s an example that one of our clients forwarded me the other day.

Spammy Domain Name EmailThis email suggests that the recipient had already been subscribed to this service (he hadn’t), and that if the service expires, he’ll be harder to find on the Internet (sheer hogwash). The language in the footer tells the real story, although some of these statement are also questionable. It’s dubious that the recipient opted in for this email as claimed. And the “this is not a bill or invoice” language in the footer is there, in very small type, specifically because this email was designed to suggest exactly that.

For those of us who work in the industry and have spent decades dealing with domain registrars, SEO and the like, these emails may seem like obvious spam.

But for somebody who is focused on running another kind of business and hasn’t made domain name registrars an area of expertise, these emails have patina of legitimacy and urgency. This is exacerbated because the company sending the email seems to know some specific details about the domain name and the person who registered it.

HOW DID THEY GET MY INFORMATION?

When you registered your domain name you provided information to the registrar that’s published publicly. Scammers, spammers and lowlifes who don’t respect the terms of use of the ICANN WHOIS site can look up who registered a domain name and get the mailing address phone and email, as well as the expiration date of the domain name and other details about the registrar. They can then use this to email or snail mail bogus or misleading offers.

WHAT CAN I DO?

Specific to your domain name, the simplest way to avoid scams is to simply keep track of where you registered your domain and your login credentials for that registrar. If you get any kind of solicitation for domain renewal, you can skip clicking on the link and instead go directly to your registrar and login to review your domain information. If you’re domain really is expiring, you can renew it there. While you’re at it, set your domain to auto-renew. And if you want to be really bulletproof, set a reminder in your calendar to confirm that auto-renewal happened. (Usually this works fine, but if you registered your domain through a service like a web hosting company that is in turn using another registrar to do the actual registration, the auto-renew can get botched up. It may renew on the web hosting company side but not get pushed through by them to the actual registrar.)

The rule of thumb online, really as regards everything you encounter, is skepticism. Here are two very simple ways to exercise this.

  1. If you get an email that doesn’t feel right, don’t click it. If it’s your bank telling you to reset your password, call your bank directly – don’t use the contact information from the email. Taking a suspicious attitude toward email will not only prevent you from getting scammed, it’ll prevent you from picking up viruses and malware as well.
  2. Enter the language from the email into a search engine. If it’s a scam or fishing attack somebody will have likely written about it.

On the web, and frankly, in life in general, healthy skepticism is a useful trait. Caveat emptor, quia ignorare non debuit quod jus alienum emit, my friends.

 

 

Get A Free Web Health Checkup For Your Business Site

Just provide your website URL and we’ll send you a free report that shows how the web sees your site, and your brand. From reviews and ratings to website speed and mobile optimization, you’ll find plenty of great information to help improve your business’ online reputation. No commitment, no credit card required.

Send My Report