Gizmodo did a solid job of covering a scam that seems to target Netflix account holders. If you haven’t read the article and seen the videos, I urge you to do so. Although this scam is targeting Netflix customers, I could see the potential to target domain registrants as well.
If someone is able to get access to your domain registrar account password and log in name or account number, stealing your domain names could be fairly easy for them. Obviously the key is to not let that happen, and falling for a scam like the one covered by Gizmodo could do jus that.
Here are a few tips to avoid falling for a phishing attempt:
- Don’t click links in emails
- Use 2 factor authentication at your registrar if possible
- Directly navigate to your registrar
- If you need to call your registrar, find the support number on their website
- If you suspect a phishing email, report it to your registrar and email host
- Mark phishing emails as spam / junk
Most of these tips are along the lines of common sense, but there are people who fall prey to this on a regular basis. Sometimes this involves high value domain names that end up on the aftermarket where an unsuspecting domain investor may pick it up, but oftentimes, it involves domain names that are owned by people who have been using them for their business. Whatever the case may be, domain theft is a major issue and phishing is a major culprit for domain theft.
Domain registrants also need to understand that there are phishing attempts called “spearphishing” which can target individual people. Someone could easily reference your name or a domain name you own in a phishing attempt that is highly targeted. This may make an email look more legitimate, and that is what makes it trickier to catch. Regardless of the emails you receive, make sure you don’t fall for a phishing attempt.