Due Diligence: Look at Whois History on Registrant Email Domain Name

Performing due diligence is a critical task before buying a domain name in the aftermarket – both private acquisitions and even on auction purchases. With GDPR in force, doing the necessary due diligence is more difficult, and as time goes by, it will become even more challenging. One area of due diligence that should not be overlooked is related to the registrant’s email address.

One (devious) way people have been known to take possession of a valuable domain name is to gain control of another domain that is used for the Whois information. For example, let’s say the Whois email address for DomainInvesting.com is Elliot@ExampleDomainName.Global. If ExampleDomainName.Global expires, someone else could register it. Depending on the account settings, they could set up the Elliot@ email account and do a registrar password reset for the Elliot@ExampleDomainName.Global email address. Assuming that is the public and private email address on file, they could then change the registrar password and theoretically gain control of the domain names in that account.

I have seen this play out numerous times over the years. The person who controls the domain name related to the Whois email address may be able to take possession of the registrar account via password resets. As far as I am aware, this would not allow them to get legal possession of the domain names, but with control of the registrar account, they could go about selling domain names within the account. Unless the real registrant notices quickly, the domain names could be sold to someone else.

When doing due diligence, I like to do a Whois history search on the domain name in the registrant email address. Obviously this would not be necessary with a free service like Gmail or Hotmail, but I like to double check to ensure it doesn’t look like the domain name associated with the registrant email had recently changed hands or was just registered.

If I notice something funky, I will ask more questions of the seller and possibly use the older contact information to connect with the former registrant on the phone or through an older email address.

Taking control of a Whois email address is one tricky way to get possession of a domain name, and performing due diligence on the associated domain name is just another step to take when buying a domain name.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


Leave a Reply

Recent Posts

Escrow.com Announces 2023 Master of Domains

During the NamesCon conference today, Escrow.com announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry...

Chat.com Profitably Resold for 8 Figures

In March of this year, I reported on the sale of Chat.com. The domain name was acquired by HubSpot Co-Founder Dharmesh Shah for more...

First Look at my 2023 Domain Industry PMC Jersey

This August, I will be riding in my 10th Pan-Mass Challenge ride to raise funds for Dana-Farber Cancer Institute. I will be riding...