Why Domain Registrar Phishing Emails Are Bad For Us All

As I reported earlier today, there is an apparent  GoDaddy phishing attempt  making the rounds to domain registrants. I am not sure who these emails are targeting, but this issue appears to be widespread and targeting many domain investors. These types of phishing and spear phishing attempts are bad for all of us, and I will explain why.

The most obvious victims of domain registrar phishing emails are the people who click the links and expose their account information to the perpetrators. They are potentially giving thieves access to their domain registrar accounts, causing a number of issues, which includes the following:

  • Domain names can be transferred to other registrars
  • Domain names can be sold and pushed / transferred to others
  • Domain names may be canceled or have auto renew changed
  • DNS may be changed to different parking accounts
  • Websites may be taken offline or redirected
  • Hosting accounts may be altered or possibly deleted
  • Malware may be added to hosting accounts associated with domain registrar
  • Illegal bidding may occur on connected accounts
  • Thieves could register thousands of dollars in products or services to cause havoc

Not only is it bad for these people whose accounts could be at risk, but it also opens them up to future problems as well. The thieves can learn information about them based on their account records (address, phone number, domain preferences…etc). In addition, the thieves will now know that these victims may open subsequent emails as well. In the direct marketing field, there are lists of people who open emails and take action on emails because they are more valuable prospects.

It’s clear who the most obvious victims of phishing attempts are, but others may fall prey as well. People who unknowingly buy stolen domain names could also lose out. The domain owner may be able to use the court system or domain registrar processes to recover his or her stolen domain names, but a domain buyer may be out funds if the domain name is found to be stolen and taken from his or her account. It would be very difficult to track down a thief to recover monies paid for stolen domain names.

When a glut of stolen domain names get fenced, it casts a shadow of doubt on the entire domain name aftermarket. If there is a greater potential of buying a stolen domain name due to an increase in domain theft, it increases risk for all domain investors, and with more risk, the value of domain names could drop.

Domain buyers need to do Whois searches to make sure Whois records look “normal.” They should research the names and email addresses of sellers to make sure the sellers are legitimate. They should also use a tool like DomainTools History Tool to check on any recent Whois changes compared to previous entries to spot trouble.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

Leave a Reply

Recent Posts

Fox.org UDRP Decision is Upsetting

Last night, I saw that WIPO had posted an update regarding the Fox.org UDRP. Fox.org is a domain name registered in 1996, and I...

CEO of NFT.com Shares Domain Name Acquisition Learnings

Jordan Fried is the owner of some exceptional domain names. A few of the domain names he owns include NFT.com, PuertoRico.com, and Fried.com. This...

Taking a Blog Break

I have been writing articles on my blog since 2007. I have been fortunate to have the advertising support of many domain industry companies...

Some Thoughts About 2023

As the year winds down, I have been thinking about what to expect for the upcoming year. I am hopeful that it will be...

How I Am Preparing for the New Year

Less than a week remains in 2022. This is generally a quiet week in terms of domain name sales, so I tend to spend...