ICANN Notice Emails from Registrars

Tips on how to avoid a phishing attack or scam

Over the last week or two, I’ve received several emails from various domain registrars reminding me of ICANN’s requirement of keeping Whois information accurate. It’s important that you keep your information up to date, but it’s even more important to realize that some criminals use these mandatory emails as an opportunity for phishing attacks to steal account information.

Some of the subject lines from the emails are:

  • Action Required: Notice Regarding Your Domain Name(s) – Network Solutions
  • {MONIKER.COM} [Account xxxx] Action Required: Your Annual Whois Update Notification – Moniker
  • Important Notice Regarding Your Domain Name(s) – Go Daddy
  • Important Notice Regarding Your Domain Name(s) – Enom

If you receive an email from your domain registrar with a subject line like this, it’s probably a legitimate request, but here are a couple of ways to determine whether it’s real or not.

I think just about all registrars personalize these emails to you. They won’t say “Dear Customer” but they will say “Dear Elliot.” Please keep in mind that someone could specifically target individuals, so this is not the best indicator.

Most emails will have the names of domain names you own listed within the email. Again, this is not fail proof either because someone could do this manually and list a few of your domain names.

Finally, many registrars will list your account number within the email. This is likely the most difficult thing for a scammer to obtain since it’s more of an internal number than something someone could get elsewhere. It’s not fail proof either, as it’s possible for someone to find out this number if they’ve done business with you and had a domain name pushed from their account to yours.

Ultimately the best advice is to not click on the links in these emails. Visit the domain registrar’s website and there should generally be a link within your account or on the home page to ICANN’s update. If you keep your Whois information accurate, you should be fine.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

5 COMMENTS

  1. The way to tell if a link in an email is safe is to hover over it and see where the target of the link is (or do “view source code”).

    This should be SOP for any email with a link that you receive. Simply see where the link is going prior to clicking on the link at all.

    In generally it’s simply to easy to spoof an email to be exactly like a legit email.

    Consider even banks who send out emails with the last 4 digits of your credit card number. A phisher could simply email the same 4 digit number to 10,000 people and in addition people that would be fooled because they don’t remember the last 4 digits (or don’t care) there would be a probability that the last 4 digits would match for some people.

  2. Check subject line: not fool proof
    Personalized email: not fool proof
    Mail lists your domains: not fool proof
    Account number listed: not fool proof

    Thanks for this obviously well thought out post. You’ve made the world a safer place.

    • Thanks for the sarcasm, Fool.

      People often complain about stolen domain names… most of the time, it’s the domain owner who fell prey to a phishing “attack” like this. Maybe if people paid more attention, there would be fewer stolen domain names. But really, thanks for the well thought out comment. Your boss must not have a lot going on for you today pushing paper.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Squadhelp Adds Escrow.com as a Payment Option

1
Squadhelp has added Escrow.com as a payment option for buyers. The addition of the Escrow.com option was shared by ARIYAS on X this morning: 👍...

Some Thoughts on .AI Domain Names

17
There is no question that .AI domain names have become a hot topic of late. With considerable amounts of venture funding flowing into AI...

Handoff to Dan on Imported Leads Can be Confusing

0
I've been using the lead import option at Dan.com more regularly. Although the 5% commission is not ideal, transactions tend to move more quickly...

ArtificialIntelligence.com Goes Up for Sale

11
I tried to buy the ArtificialIntelligence.com domain name multiple times over the last 10 years. The emails I sent to the registrant went unanswered,...

EU Gives More IP Protection to Food & Drink Producers

0
Did you know that some well-known food and drink varieties are protected intellectual property regulations? Popular types of drinks and foods that are protected...