While you’re excited about becoming a proud website owner, fraudsters are planning phishing scams against you. These phishing attempts are inevitable because your website’s ownership information is publicly available in the WHOIS database. Read on to see the modus operandi of these scams targeting website owners and how to tackle them.
If you have already purchased a domain name, you already know what WHOIS information is. WHOIS is a publicly available record on the internet that identifies who owns a domain and how to get in contact with them. It’s the information you provide to the domain registrar when purchasing a domain. While registrars give you an option to keep your contact info masked, that often comes with an additional fee, which may not be acceptable to you.
Fraudsters and scammers continuously scrape the public WHOIS records with automated scripts to populate their database of next victims. The scams range from phishing, theft of credit card information, hacking of web hosting accounts and domain theft to annoying email spam.
Here are samples of scams to be aware of:
- Credit Card Fraud: The emails seem to have come from your hosting provider and mention a “renewal notice” or “final notice” to scare you. They can also come from an entirely different company with a subject line something like this: “Domain Notification: This is your Final Notice of Domain Listing”.
They expect you to get scared, quickly click on any link within the email and update your credit card info for payment. Easy, huh?
- Hacking Your Web Hosting Account: These emails usually talk about unpaid invoices or some other technical issue with your account. And they usually contain a link that looks like it leads to a real support ticket at your hosting provider.
What you’d fail to notice is that the link’s destination is not what it claims to be. Once you land on the fake page and enter the login credentials for your hosting account, you’re robbed! Malicious scripts are usually uploaded to your server immediately to serve as a backdoor for the hackers, should they need it in the future for email spamming or other purposes.
To stay safe, always copy the destination URL by right-clicking the link, then paste it into your browser. If that’s not an option, make sure you verify the domain name in your browser’s address bar after you click the link.
- Chinese domain registrar scam: You receive an email saying another company owns the trademark of the domain name you’re using. The email also asks you to respond if you want to claim your domain (the scammers will then attempt to make you purchase more domains with the same name but different Chinese extensions such as .cn, .tw, .com.cn, .com.hk, etc.).
What’s exposed here is the tip of the iceberg. We’ll cover these scams in separate articles.
The key to scammers’ success is THREAT. If an email makes you feel scared or threatened, it’s most probably one that should be investigated BEFORE you click on any links in it.
The FROM address of an email can be spoofed very easily. That is, I can easily send you an email that looks like it was sent by Barack Obama.
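Since neither the FROM address nor the link text can be trusted, the destination check described above can be automated. The following is an added example, not part of the original article: it lists every link in an HTML email body whose real destination differs from the address it displays, or lies outside your provider’s domain. The function names and all domains (`hostprovider.example`, `billing-desk.test`, `pay.test`) are placeholders assumed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _Anchors(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(value):
    """Hostname of a URL or bare domain, lower-cased; '' if none."""
    if "://" not in value:
        value = "//" + value
    try:
        # .hostname drops any "user@" part, so "provider@other.test" yields other.test
        return (urlsplit(value).hostname or "").lower().rstrip(".")
    except ValueError:
        return ""

def suspicious_links(html_body, provider_domain):
    """Return (href, reason) for links that do not lead where they claim.
    provider_domain is the domain you already know your provider uses."""
    parser = _Anchors()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        real = _host(href)
        # Only treat the visible text as an address if it looks like one.
        shown = _host(text) if " " not in text and "." in text.strip(".") else ""
        if shown and shown != real:
            findings.append((href, f"text shows {shown}, link goes to {real}"))
        elif real != provider_domain and not real.endswith("." + provider_domain):
            findings.append((href, f"{real} is not under {provider_domain}"))
    return findings

# Constructed sample body; every domain here is a placeholder.
SAMPLE = """
<p><a href="https://hostprovider.example.billing-desk.test/ticket/4821">https://hostprovider.example/ticket/4821</a></p>
<p><a href="https://hostprovider.example@pay.test/login">Log in to pay</a></p>
<p><a href="https://support.hostprovider.example/faq">Billing FAQ</a></p>
"""
```

Calling `suspicious_links(SAMPLE, "hostprovider.example")` reports the first two links and passes the third, because only the rightmost part of the hostname decides where a link really goes.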
REMEMBER: Always keep your WHOIS email ID different from the one you use in transactions and account-credentials. And scrutinize every email you receive on that address listed in WHOIS.
The con artists work hard day and night for money, and they take the time to prepare individual, personal responses that cater to each of their victims. What you learned from this guide will definitely go a long way when you encounter that unexpected email seemingly from your domain/hosting provider. Drop in a comment if you need assistance or want to share a detective story that may help others avoid falling into the trap.
October 24, 2014 at 9:22 am
Well, I replied to Chinese domain fraudsters minutes before I landed on this page. Okay, now they have got my email address. But that’s it.