Due Diligence: Subtle Email Address Changes

There are many different facets to doing due diligence when buying a domain name. I use DomainTools’ Whois history tool to verify as much information as possible before buying a domain name. I will often call the phone number listed on the Whois record, and I may even call previous phone number listings as well. I don’t think too much due diligence is possible.

One area that may tip people off to a potential issue is a subtle email address change. When I see a very subtle change in the listed email address, it sets off alarm bells in my head. For example, if a Whois email address for 10 years was FirstNameLastName@yahoo.com and it recently changed to FirstNameLastName@hotmail.com, it makes me wonder if the change was legitimate. This change could be used for social engineering or to make others think the domain name has not changed hands.

I have seen and heard of domain name thefts where the thief makes a very subtle, almost unnoticeable change to the Whois entry. Most people might miss it, and if they do miss it, they could be buying a domain name from someone who isn’t the rightful owner of said domain name. This is especially the case when the prospective buyer does not have a DomainTools account to compare the current email address to previous email addresses on file.

There are many reasons why a subtle change might be necessary and completely legitimate. For instance, if a domain owner decides to change his email provider, he or she will need to update the Whois records.

Whenever I see a change on a Whois record, especially if it was recent and the domain owner reached out to me to sell a domain name, I have my guard up. Due diligence is necessary to be sure that a domain name  sale is legitimate. Checking the email address is one facet of due diligence, and it should be done in conjunction with other due diligence.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. If in case after taking our measures still we buy a stolen domain name, from an unrightful owner and the old owner approaches us saying that the name was stolen and he needs it back. What would be our answer to this. It would be a name that is difficult to loose and the investment we made also is on the higher side. In your years have you come across something like that. If not also if in future if it happens how may you deal with it.

    • I guess it all depends on the situation (ie where you bought it, how it was paid for, when it was bought…etc. All of those things would play a major role in determining how I would handle the situation.

      If it happened to a domain name that my company bought, I would probably refer the situation to my attorney.

  2. True, when buying a domain one needs to be diligent. Although a change of address can also be used by the seller as an additional marketing tool. To explain, a big hook for domain registrars these days is to offer domain “backorders”. If you own good domains, there’s a good chance somebody placed a backorder. It’s kept confidential so you never know if someone is waiting. The backorder program usually includes sending the waiting party an update report whenever the domain’s who-is record changes. By simply changing periodically the who-is email address (like to sale@ or sale-ending@) could possibly renew their interest. Adding an extra year of registration can also push the backorder customer to not wait any longer and just buy the domain! Address changes can also be the seller shaking off spam build up.


Please enter your comment!
Please enter your name here

Recent Posts

Poll: Are You Going to ICANN 79?

The ICANN 79 Community Forum Meeting is coming up in a couple of weeks. The meeting will be held in Puerto Rico from March...

Domain Broker’s Ad Campaign Highlighted by X Business with a Repost from Elon Musk

When looking at domain investor Twitter, I've noticed a few promoted/advertising tweets mentioning Rob Schutz and/or Snagged.com. I recently wrote about Rob and his...

NameJet Announces Platform Enhancements

Last Summer, NameJet made some "big changes" to its platform. In essence, NameJet appears to have become a clone of Snapnames, its sister auction...

Rationale Behind CoFounders.com Acquisition

It's not often that we hear from the founders of a company to discuss why they spent what they did to acquire a specific...

.Bet Domain Name Acquired for 5 Figures, Reportedly Resold for $600k

According to a tweet from Identity Digital (formerly Donuts), the Bet.bet domain name reportedly sold for $600,000. I have not verified or researched the...