New GoDaddy Phishing Email: “Immediate Verification Required”

I want to share another GoDaddy account phishing email that is playing on the ICANN verification requirements to get people to open the email and possibly click a link to a phishing website. One giveaway is the link to a non-GoDaddy owned website that tries to give people the impression it is associated with the company. The email subject is “Immediate Verification Required” and it may have one of your domain names listed as well.

I won’t mention the website used to avoid giving it publicity, but if you click any links (or paste links into a browser), make sure the website is the one you intend to visit. In addition, the GoDaddy email should have your name or registrant name, and any email requiring action should have a corresponding notification in your account to confirm that it is an outstanding issue.

If you ever have a question about whether or not a domain name is a phishing email, or if you know it is, you can report a phishing email to GoDaddy very easily and they can confirm.

Here is the content of the email:

As of Dec 1, 2014, the Internet Corporation for Assigned Names and Numbers (ICANN) has mandated that all ICANN accredited registrars begin verifying the WHOIS contact information for all new domain registrations and Registrant contact modifications.

You have registered one or more domains from Godaddy Inc. and verification of the Registrant email address is required for these domain name(s) to remain active. Please click the link below to verify the email address. You have until 01/01/2015 to verify this email address. After this date, the domain name(s) will be suspended until the email address is verified. please cut-and-paste the following URL into an open web browser to complete the verification process:

[link redacted]

Once you click the link, your email address will be instantly verified and there is nothing further for you to do on the following domains:


GoDaddy, Inc.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. Hi Elliot,

    I got similar mails two days back on my premium domains. And I accidentally clicked the link. The very next moment, I realized it was a phishing mail and went ahead and changed my GD password and PIN.

    And lo, the next day there was a similar mail with the same domain, asking me to click again. This time I have reported to Gmail and GoDaddy.

    Its easy to overlook these if you are not diligent.I recommend all those who have indeed clicked the link like me, to change your GD password and PIN.

    Thanks Elliot for sharing this. Stay safe.

    – Amaresh

  2. Hello Elliot,

    My name is Alex Kogan and I am the owner of

    Unfortunately I was the unlucky one who had an account at and on December 1, I also clicked through this email, after entering my user name and password, I realized there maybe an issue with it, and changed my password right away. Somehow two hours later after I logged into my account all my domain names were gone.

    Needless to say I have had a difficult last two couple of days, spending a lot of time on the phone with customer service from, but I realize there isn’t much they are going to do, so I am hoping someone can give me a pointer on what do I do next.

    Here is a list of stolen domain names. They are all now registered at eName in China. Needless to say, please do not purchase them, if they come up for sale.


    Elliot, if you can please give me suggestions on what would be my next step, I would really appreciate. Of course, I filed godaddy form, but I do not realistically believe this will lead to anything positive. I also filed the form, but once again I am sure it will not lead to positive results.

    The most expensive domain names on this list are and and I would be extremely happy if they two would come back to my account.

    Thank you,
    Alex Kogan

    • Hey Alex,

      Sad to hear about your loss. But, strangely, when I clicked the links, it did not ask me to login in to GoDaddy. It just redirected to the home page. Then impulsively I checked the actual domain on the link and found that it was registered this year from someone in China. That’s when I realized it was a phishing attempt and changed the password.

      I would say in addition to what you have done, bring the matter on the Domain forums and contact other major Domain Blogs.

      Hope you recover your stolen domains soon.


    • As a follow up – I think the main issue here is – simply allows you to transfer out instantly without waiting 5 business days as most other registrars do.
      If they would at least wait 24 hours this would never have happened, as I noticed the issue within 2 hours, but it was too late. While I take full responsibility of clicking through an email link which looked exactly like GoDaddy website, I think a better security system at GoDaddy would solve the issue.
      Also, one cannot reach out to their security department for some reason. I have talked numerous times on Monday night and Tuesday to their tech support, but at no time I was able to reach their security stuff, and by the time they got back to me (12 hours later) the domain names have been transferred away from GoDaddy. If anyone knows the number for GoDaddy security department, it would be great?

      I assume originally they were simply pushed away to a different account at and then transferred away from there. In either case, a little 24 hour protection/hold when the registrars are changing would be great,

      Thank you everyone who replied. I really appreciate your help in this matter and hope to find solution soon.

      Alex Kogan

  3. Likewise, almost fell for it as well but in the end still hesitated, thankfully..

    As this seems to have gotten overhand it would make sense to establish a warning platform (be it a specific website or whatever in the sense of HallofShame etc.) for us domainers enabling us to inform all others of the latest phishing attempts/mails circulating around and to have a trusted source to always visit quickly before trusting any future GoDaddy/Namecheap/other registrar mails..

    Anyone up for this project/task?

  4. Here is the thing, most domainers have some level of guard, the average mom and pops whose business relies on their single, or small portfolio of domains need to be protected.

    Godaddy you have a whole campus of smart minds there, put them together, and come out with a better mousetrap. This is really a joke, these guys can create domains in a minute, send thousands of emails, and rinse, and repeat again, and again.

    You need to protect your clients, with a better verification system, ICANN WAKE THE F UP!

Leave a Reply

Recent Posts

2024 ICA Member Meeting in Las Vegas

The Internet Commerce Association, an organization that advocates on behalf of domain investors and industry service providers, announced it would be hosting its 2024...

Be Mindful of TMs on AI + 3rd Party Generated Content

One semi-recent advance in relationship to domain name sales is the ability to create artificial intelligence content on landing pages. In addition to this... Announces 2023 Master of Domains

During the NamesCon conference today, announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry...