Report Suspicious Go Daddy Phishing Emails

GodaddyLike every other domain registrar, Go Daddy is required to send domain name owners an annual email for each domain registration per ICANN regulations. These emails ensure that the registrant’s Whois information is accurate. GoDaddy also sends customers emails for renewals and account updates.

Some nefarious individuals take advantage of this, and they spoof Go Daddy’s emails, in the hopes that a domain registrant will click one of the fraudulent links and type in their GoDaddy account and password, giving account access away to the thief. This is one way domain names are stolen from Go Daddy accounts and from other domain name registrars.

I’ve received phishing emails like this in the past, and I generally delete them without clicking on the link to avoid giving any information to these thieves and to avoid landing on a website laden with malware. Although hitting the delete button (and/or reporting the email as phishing with your email provider)  is probably the safest way to dispose of an email like this, recipients can do something that will be more helpful to GoDaddy and other customers.

If you receive what you suspect is a fraudulent email from Go Daddy, you should file an abuse report with the company. They will ask for a variety of information from the email you received. This will help the company track down the thieves and become aware of the attempt. This can also help Go Daddy get the website shut down to prevent others from falling prey to this scam.

Domain owners should know that this doesn’t only happen at Go Daddy, as other registrar accounts are also targets. If you receive a phishing or malware email that purports to be from GoDaddy, you should report it to the company.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. GoDaddy is partially responsible for these phishing emails.

    When GoDaddy sends out the annual WhoIs verification emails , the
    email contains a link you are supposed to click on which brings you to their site (or their reseller’s site) where you have to enter a “Domain Information Key” which is included in the email..

    To be fair, GoDaddy does address you by name in the email instead of a generic salutation and may include the relevant domains listed.

    But IMHO it is bad policy to have us click on any links in an email.

    GoDaddy should ask us to independently log in to our account and then there should be a link where we can enter the Domain Information Key.

    I recently emailed GoDaddy about this and they responded that they are taking it under advisement.



  2. It is best to not use any links in an e-mail. Some PayPal and Ebay emails also seek to trick owners. To be safe, bookmark or type-in the address.

    I find many phishing messages to request an owner to update their Craig’s List account. I don’t take any chances. Better to spend a few minutes being safe than to make a mistake that will cost you time and money to fix the problem.

    Thanks for sharing info.

  3. @ tricolorro

    “To be fair, GoDaddy does address you by name in the email..”

    Yeah, everytime I get one of these GoDaddy phishing emails, it starts out with “Dear User.”

    I just delete them.

  4. Delete them if you like, but be sure to take it as a reminder to check to be sure your contact info is up to date. If not, you could ultimately lose your domain names. The reminders and keeping accurate contact info are both requirements imposed on all registrars and registrants by ICANN.

  5. Watch out of this e-mail: Viktoria Ireland []. They say they want a tutor for their son, and after several e-mails they require your bank info to wire money to you (for the excuse of paying you in advance). It was send to all PhD students in my department.

  6. Other sites have a very easy way to forward a suspicious email to them. GoDaddy doesn’t so I will just delete it. What a shame.

Leave a Reply

Recent Posts

Be Mindful of TMs on AI + 3rd Party Generated Content

One semi-recent advance in relationship to domain name sales is the ability to create artificial intelligence content on landing pages. In addition to this... Announces 2023 Master of Domains

During the NamesCon conference today, announced its Master of Domains winners. The annual award celebrates "the highest grossing domain name brokers for deals...

How to Buy a Domain Name That is Owned by Someone

For a domain investor, buying a domain name is second nature. Investors hand register domain names, purchase domain names via expiry and private auctions,...

My 2023 Domain Industry PMC Jersey

For a number of years, I have created a domain industry Pan-Mass Challenge jersey to raise funds for Dana-Farber Cancer Institute. Many domain industry... Profitably Resold for 8 Figures

In March of this year, I reported on the sale of The domain name was acquired by HubSpot Co-Founder Dharmesh Shah for more...