Fraudulent Email Renewals

Just a quick warning about domain name renewals.

Your domain name in on the public record. These records include the domain administrator’s name, phone number and email address as well as details of the domain itself such as the expiry date.

This is normally a good thing so legitimate entities can see to whom the domain belongs and enter into correspondence for legitimate reasons (such as renewal notices). Unfortunately, there are individuals and companies out their that comb the Internet for this information and will try to make a quick dollar by deception at best, but in most cases just by fraudulent behaviour.

This means that some will offer a genuine renewal but at a price that could be as much as 20 times the normal price. Other, however will simply take you payment and disappear without renewing your domain.

So these fraudsters harvest domain name date and look for domains that approach their expiry date. They then sends an email to the owner (the admin contact) notifying them of the fact that the domain needs to be renewed. If you are too busy to look closely (and who isn’t), then be prepared to be scammed!

Below is an example of such an email… Note there is no business name, ABN or any other information on this email that would make it possible to contact the company. All you see is links that take you to a payment system where you get ripped off at best.

FRAUDULENT EMAIL

At EZiHosting we send out numerous reminders to notify you about the upcoming expiry date of your domain. However, these emails only work when your email address on file is current. When we email you, the email should look something like the below. Notice that this is the same email address as in the fraudulent email so we are not immune from attempted scams…

 

REAL EMAIL

 

 

So what can you do about these types of emails and general emails you expect could be fraudulent?

In relation to domain name management you can do several things.

  • Make sure that the admin details of your domain are up to date. This will ensure that you will get notified about expiry dates so you can act accordingly. However, you may be contacted by fraudsters.
  • Have all your domains under one roof. This will ensure that you are familiar with the correspondence so a different renewal notice will stand out as “odd” at best.
  • If you do not want to be involved in the renewal process then you can change the admin details to a third party. This third party will then be the contact and will deal with any issues surrounding your domain. You can contact us directly if you would like EZiHosting to act on your behalf.

What about general tips to detect a fraudulent emails?

  • Look for anonymity. If you can’t identify who sent you the email then raise the red flag. Return emails – business name – ABN – phone number etc…
  • Often, fraudulent emails come from outside Australia so in many cases the language used will be less than perfect English. Ie, it may look like it was translated using Google or there may be misspelled words.
  • If the email does little more that create urgency to open the attachments then think twice. For example, “Please see the outstanding account in the attachment. Failure to pay will result in legal action.”
  • If the contents of the email seems to good to be through then it probably is. There are no opportunities waiting for you in foreign countries be it love or fortune…
  • Hover over links in the email (don’t click) and the link will show in a popup box or at the bottom of your browser. Analyse the link to see if it makes sense. If you get an email from a government department then the links should go to this department.
  • Copy and paste links from your email to your browser but delete any information after the doman. For example, hover over a link, right click and copy the link and then paste it into your browser. Ie, copy http://ayursl.info/link.php?M=221065&N=6&L=1&F=H but then after pasting it into your browser delete the identifying information. http://ayursl.info/. You can then execute your browser and see what type of website you are dealing with. In the case of the above fraudulent email, you can see that the URL is going to a site designed to redirect you to another site to further provide anonymity for the fraudster.
  • Look at the URL more closely… https://ato.gov.au can be masked by a website https://ato-gov.com or something close to the real URL.
  • Never open attachments when you are not 100% sure the email is legitimate. Attachments are often loaded with trojan software that will corrupt your computer or harvest your personal details such as passwords and credit card details.
  • Be especially aware of emails that warn you about fraudulent emails! They create urgency to act now before it is too late. In your urge to be secure you will compromise your privacy.
  • Copy and paste a small section of your suspect email in your browser and type the word “scam” in front of it. Often you will find others have already detected the email as fraud.
  • Visit Scam Watch; an Australian ACCC initiative. https://www.scamwatch.gov.au and search for relevant information.

I hope this helps you stay safe. Feel free to call us at any time if you require any further information or leave your comments below…

 

 


 

Fraudulent Email Renewals - Rene NusseFraudulent Email Renewals by Rene Nusse

Leave a Reply

WordPress is the #1 website platform in the world.

For that reason it is also the most targeted platform for hackers!

Protect your site today with WordFence


Google Chrome is moving towards a more secure web