Domain Renewal Scam Emails – WTF?

by | Scam Alerts

This morning I received a seedy underhanded attempt to deceive me with a domain renewal scam in my email. It is a supposed domain renewal notification and includes links to a Website for making a ‘secure online payment’. It is of course a scam.

On the face of it, the email itself looks quite official, it has scary looking underlined expiration notices and a warning that failure to ‘renew’ will make it difficult for customers to find you on the Web. It also contains genuine contact information which in case you didn’t know, was publicly available by carrying out a simple ‘whois’ search right up until the revision of GDPR in May 2018. Add to this the fact that the domain is indeed due for renewal and it is easy to see how the unwary could easily be fooled.

Thankfully, I don’t see as many of these emails as I used to which probably means people have wised up to this type of trickery now, but they are still about so please be aware and don’t fall for these domain renewal scams.

Screenshot of domain renewal scam email

A screenshot of the domain renewal scam email that I received.

How Can You Spot A Domain Renewal Scam Email?

But if you do find something similar in your own inbox how can you tell if it is genuine or a scam?

Using a decent email client these types of mail are, in most cases, filtered straight into the spam folder with a notification like below:

Screenshot of spam filter in action

Spam Filters Not Foolproof

I use GMail and find it is pretty good at filtering messages like these but it is not foolproof and some might slip through the net and end up in the inbox. So one thing to look for is the sender’s email address. In the crap I received it is from admin@jhohrea-faso.info (aka slimy lowlife) which is quite obviously not a genuine domain registrar’s contact.

Now it is vital that you DO NOT CLICK ON ANY LINKS WITHIN A SCAM EMAIL as that could open up a whole can of very nasty worms. But for the purpose of explanation and under strict ‘laboratory conditions’ I decided to take a closer look at the domain itself. It turns out that jhohrea-faso.info leads to a dodgy looking login page, which despite the anchor text of the link saying “Secure Online Payment”, is not encrypted and not secure.

Screenshot of dodgy login screen

Conclusion

Anyway, if you receive an email advising of an urgent or pending domain renewal and it is not from a company you recognise, or it looks like the one above, it is definitely a domain renewal scam and can be safely ignored.

Always remember that official domain renewal notices will come from the company you either registered the domain with or the company you have transferred it to. If in doubt, give me a shout!



Tony Williams

Tony Williams

Tony Williams is the founder of TDL Webs and specialises in creating effective and affordable Web solutions for local businesses.

He is the author of The Magic In A Freelance Web Design Business and has been published in WebUser and Net magazine in the UK.

Related Posts

Scam Alert! – Mail Account Will Expire

Scam Alert! – Mail Account Will Expire

Today I received yet another attempt to get me to click on a button leading to a phishing scam. On the face of it the email looks very realistic so I thought I would put out another 'scam alert'. Here's a screenshot, see what you think: Some of the details to note: It...

read more
Password Tips & Tricks

Password Tips & Tricks

Do you know if your email account is sending spam? I am amazed at just how often I find that my email spam filter has caught junk emails sent from the accounts of people I know. I’m pretty sure that my friends aren’t interested in selling me dodgy pyramid schemes,...

read more

Share This

Share this post with your friends!