Gladiator Research and Security - » Domain Registrar Scam

Links

Other Posts: July Microsoft Patch Tuesday; Adobe Patch Released for Reader and Acrobat Vulnerabilities

Domain Registrar Scam

Posted on July 8th, 2010 by Benjamin Harbin

Gladiator has received reports that an old email scam regarding domain registry has resurfaced, and the amount of scam-related emails sent to website owners has picked up greatly. Basically, the scammers will send a deceptive email to a user at the organization, usually the person whose name is listed as registering the website or the CEO of the organization, if this information is listed on the public-facing website. The email states that the organization’s domain registration is going to expire in Asia, and directs the organization to send money to a domain registrar in order to keep others from buying the domain space. (A perfect example of one of these scam emails can be seen by clicking here.) Most of the scam email examples that Gladiator has seen have been sourced from China or other nations in Asia. Basically, these scammers are instigating fear on the part of the unsuspecting user by suggesting that his organization may lose its domain space (.com address) unless he acts as they direct.

In order to combat this type of scam, keep in mind the following important information regarding valid domain registration protocol and interacting with the registrar:

All legitimate communication regarding the renewal of a domain name and domain space will come directly from your registrar. So if you have registered your site with Godaddy, for example, it will be the only registrar sending you valid emails regarding the current status of your domain name.
Any future domain purchases will be done through the same registrar, unless you decide to completely move to another registrar. So, for example, if you own mydomain.com and wish to purchase mydomain.net, mydomain.us, etc., this type of purchase will be done solely through your original registrar.
If you do wish to move to another registrar, the change will be handled through your current registrar. There are steps in place to make such a move, and each registrar will provide detailed instructions on how to move your domain space. This change will never be “brokered” through a third party.

If you happen to receive one of these fraudulent domain registrar emails, you may delete the email and block the sender with the preferred method. We encourage Gladiator eShield clients to forward any offending emails to Gladiator so that we can include the information on a blacklist. To protect our clients, Gladiator continues to proactively research popular email scams and spammers and keeps a global blacklist which is constantly updated.

Reference Links:

Federal Trade Commission (FTC) – (http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt084.shtm)
ScamWatch – (http://www.scamwatch.gov.au/content/index.phtml/tag/DomainNameRenewalScams)

Reader Comments

Sorry, comments are closed.