Why Domain Registrar Phishing Emails Are Bad For Us All

As I reported earlier today, there is an apparent  GoDaddy phishing attempt  making the rounds to domain registrants. I am not sure who these emails are targeting, but this issue appears to be widespread and targeting many domain investors. These types of phishing and spear phishing attempts are bad for all of us, and I will explain why.

The most obvious victims of domain registrar phishing emails are the people who click the links and expose their account information to the perpetrators. They are potentially giving thieves access to their domain registrar accounts, causing a number of issues, which includes the following:

  • Domain names can be transferred to other registrars
  • Domain names can be sold and pushed / transferred to others
  • Domain names may be canceled or have auto renew changed
  • DNS may be changed to different parking accounts
  • Websites may be taken offline or redirected
  • Hosting accounts may be altered or possibly deleted
  • Malware may be added to hosting accounts associated with domain registrar
  • Illegal bidding may occur on connected accounts
  • Thieves could register thousands of dollars in products or services to cause havoc

Not only is it bad for these people whose accounts could be at risk, but it also opens them up to future problems as well. The thieves can learn information about them based on their account records (address, phone number, domain preferences…etc). In addition, the thieves will now know that these victims may open subsequent emails as well. In the direct marketing field, there are lists of people who open emails and take action on emails because they are more valuable prospects.

It’s clear who the most obvious victims of phishing attempts are, but others may fall prey as well. People who unknowingly buy stolen domain names could also lose out. The domain owner may be able to use the court system or domain registrar processes to recover his or her stolen domain names, but a domain buyer may be out funds if the domain name is found to be stolen and taken from his or her account. It would be very difficult to track down a thief to recover monies paid for stolen domain names.

When a glut of stolen domain names get fenced, it casts a shadow of doubt on the entire domain name aftermarket. If there is a greater potential of buying a stolen domain name due to an increase in domain theft, it increases risk for all domain investors, and with more risk, the value of domain names could drop.

Domain buyers need to do Whois searches to make sure Whois records look “normal.” They should research the names and email addresses of sellers to make sure the sellers are legitimate. They should also use a tool like DomainTools History Tool to check on any recent Whois changes compared to previous entries to spot trouble.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Atom.com Shares Non .com Sales Distribution

3
I have spent more money on non-.com domain names this year than ever before. My perspective is that startups are using them as less...

MAD Comment from NTIA About “Wholesalers”

4
Andrew Allemann wrote about the US National Telecommunications and Information Administration (NTIA) statement about the .com registry extension agreed upon with Verisign. As a...

Beware When Using AI for Domain Name Descriptions

6
Artificial Intelligence can be a time saver. For domain investors, it can make it easier and quicker to create marketing copy to help promote...

Atom.com Promoting Black Friday Sale

0
Atom.com is promoting a Black Friday sale with a prominent header banner on its home page. Atom CEO Darpan Munjal shared some insight and...

Fluid.io Becomes 2nd Largest Publicly Reported .IO Sale

5
This afternoon, Joshua Schoen reported the $199,995 sale of Fluid.io. The domain name was sold at his BIN price via Afternic, according to a...