The PhishingBox team has recently noticed a surge in phishing scams related to renewing domain names, web/email hosting, etc., and we want to give some insights on ways to identify the scam and protect yourself from falling victim.
The Domain Name Renewal Scam: What is it?
If you own a website or group of domain names, then you need to be aware of a new phishing scam out there, the ‘Domain Name Renewal Scam.’ The goal of this scam is to trick people into involuntarily switching domain registration companies and/or to steal sensitive payment information from consumers
This scam is particularly effective because it specifically cites your domain name and tries to pressure you into renewing your domain name as it “expires soon”. You think about it for a minute, and realize that your domain is, in fact, expiring soon and on the exact day they referenced.
Your first impulse may be to panic and simply pay the balance, but, little do you know, this is a scam. The scammers likely found your contact information and domain registration details on a website such as Whois.
Version 1 – The Phone ‘Domain Name Renewal Scam’
We recently spoke with a customer who experienced multiple phone calls about the expiration of their domain name. The scammer pressures the customer by stating that their domain name has expired and that this is a “last chance” to save the domain before it’s registered by someone else. Naturally, the scammer says the customer must pay immediately to renew the domain. As it turns out, the domain name was automatically renewed one day earlier and was never in jeopardy of being lost.
The immediacy of payment should be the first red flag you notice. The caller was from a local number, but sounded foreign, which could also be a flag.
Version 2 – The Email (Mail) ‘Domain Renewal Scam’
There is a variation of the Phone Domain Renewal Scam where unsuspecting victims will receive an invoice in the mail, or via email, that also pressures consumers to renew their expiring domains. These documents will look official, have your correct contact and domain information, and convenient payment methods.
Again, your first instinct may be to panic and pay the fee, but upon deeper inspection, you will see that this invoice comes from a completely different domain registrar company. The danger of paying this renewal fee and completing their small form is that you’re actually consenting to transfer your domain name to this shady imposter, paying them money, and giving up payment details. This oversight could prove to be a costly headache.
Domain Name Renewal Scam: How Can I Catch and Avoid Falling for this Scam?
Here are some tips on ways to avoid falling for these phishing scams:
You should always read the fine print and research before paying for anything that seems out of the ordinary. Professional phishers have become incredibly sophisticated in infiltrating any type of mail.
Make sure you know the name of your domain registrar and only renew your domain name through the official registrar’s website.
Avoid being pressured into paying for anything ‘immediately’, especially over the phone.
Trust your instincts. If something feels off, take the time to research and verify its legitimacy.
Always avoid responding to anything from the Domain Registry of America. This is a fake company.
Domain Name Renewal Scam: How to Report It?
You can make the people around you aware of this Domain Name Renewal Scam by sharing this post on your company’s social media channels. Please use the social media below to share this post.
You can report this scam to the Federal Trade Commission by using the link below:
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.