Due Diligence: Subtle Email Address Changes

There are many different facets to doing due diligence when buying a domain name. I use DomainTools’ Whois history tool to verify as much information as possible before buying a domain name. I will often call the phone number listed on the Whois record, and I may even call previous phone number listings as well. I don’t think too much due diligence is possible.

One area that may tip people off to a potential issue is a subtle email address change. When I see a very subtle change in the listed email address, it sets off alarm bells in my head. For example, if a Whois email address for 10 years was FirstNameLastName@yahoo.com and it recently changed to FirstNameLastName@hotmail.com, it makes me wonder if the change was legitimate. This change could be used for social engineering or to make others think the domain name has not changed hands.

I have seen and heard of domain name thefts where the thief makes a very subtle, almost unnoticeable change to the Whois entry. Most people might miss it, and if they do miss it, they could be buying a domain name from someone who isn’t the rightful owner of said domain name. This is especially the case when the prospective buyer does not have a DomainTools account to compare the current email address to previous email addresses on file.

There are many reasons why a subtle change might be necessary and completely legitimate. For instance, if a domain owner decides to change his email provider, he or she will need to update the Whois records.

Whenever I see a change on a Whois record, especially if it was recent and the domain owner reached out to me to sell a domain name, I have my guard up. Due diligence is necessary to be sure that a domain name  sale is legitimate. Checking the email address is one facet of due diligence, and it should be done in conjunction with other due diligence.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

3 COMMENTS

  1. If in case after taking our measures still we buy a stolen domain name, from an unrightful owner and the old owner approaches us saying that the name was stolen and he needs it back. What would be our answer to this. It would be a name that is difficult to loose and the investment we made also is on the higher side. In your years have you come across something like that. If not also if in future if it happens how may you deal with it.

    • I guess it all depends on the situation (ie where you bought it, how it was paid for, when it was bought…etc. All of those things would play a major role in determining how I would handle the situation.

      If it happened to a domain name that my company bought, I would probably refer the situation to my attorney.

  2. True, when buying a domain one needs to be diligent. Although a change of address can also be used by the seller as an additional marketing tool. To explain, a big hook for domain registrars these days is to offer domain “backorders”. If you own good domains, there’s a good chance somebody placed a backorder. It’s kept confidential so you never know if someone is waiting. The backorder program usually includes sending the waiting party an update report whenever the domain’s who-is record changes. By simply changing periodically the who-is email address (like to sale@ or sale-ending@) could possibly renew their interest. Adding an extra year of registration can also push the backorder customer to not wait any longer and just buy the domain! Address changes can also be the seller shaking off spam build up.

Leave a Reply

Recent Posts

Hilco Digital Assets Announces $10m Investment in Squadhelp

1
Squadhelp has become a leading brand naming marketplace, connecting business owners and entrepreneurs with domain names listed for sales on its platform. Led by...

Questions Related to Uni —> Afternic Parking Migration

5
If you are a Uniregistry customer, you most likely received an email explaining the upcoming migration of the Uniregistry Market and parking platform to...

Some Uni-Registered New gTLDs Will be Transferred to 1API

2
I received an email from Uni (formerly Uniregistry) that I initially thought was a Whois verification email and almost ignored. It was, in fact,...

Advice and Resources for a Newbie Domain Investor

2
Someone reached out to me on Twitter seeking advice for selling domain names. In a short tweet thread, I shared a few thoughts and...

AI.com Now Forwarding to ChatGPT Website

1
Early this morning, Andy Booth tweeted about AI.com, asking if the domain name was acquired by ChatGPT. Andy presumably asked because the AI.com domain...