Web Design & Development
Affordable, Professional, No-nonsense!

Tel: 0151 604 0495

Aug 21, 2018

Domain Renewal Scam Emails - WTF?

worried man reading his emails

This morning I received a seedy underhanded attempt to deceive in my email. It is a supposed domain renewal notification and includes links to a Website for making a 'secure online payment'. It is of course a scam.

On the face of it, the email itself looks quite official, it has scary looking underlined expiration notices and a warning that failure to 'renew' will make it difficult for customers to find you on the Web. It also contains genuine contact information which in case you didn't know, was publicly available by carrying out a simple 'whois' search right up until the revision of GDPR in May 2018. Add to this the fact that the domain is indeed due for renewal and it is easy to see how the unwary could easily be fooled.

Thankfully, I don't see as many of these emails as I used to which probably means people have wised up to this type of trickery now, but they are still about so please be aware.

Screenshot of scam email


How Can You Spot A Scam Email?

But if you do find something similar in your own inbox how can you tell if it is genuine or a scam?

Using a decent email client these types of mail are, in most cases, filtered straight into the spam folder with a notification like below:

Screenshot of spam filter in action


Spam Filters Not Foolproof

I use GMail and find it is pretty good at filtering messages like these but it is not foolproof and some might slip through the net and end up in the inbox. So one thing to look for is the sender's email address. In the crap I received it is from admin@jhohrea-faso.info (aka slimy lowlife) which is quite obviously not a genuine domain registrar's contact.

Now it is vital that you DO NOT CLICK ON ANY LINKS WITHIN A SCAM EMAIL as that could open up a whole can of very nasty worms. But for the purpose of explanation and under strict 'laboratory conditions' I decided to take a closer look at the domain itself. It turns out that jhohrea-faso.info leads to a dodgy looking login page, which despite the anchor text of the link saying "Secure Online Payment", is not encrypted and not secure.

Screenshot of dodgy login screen



Anyway, if you receive an email advising of a domain renewal and it is not from a company you recognise, or it looks like the one above, it is a scam and can be safely ignored.

Always remember that official domain renewal notices will come from the company you either registered the domain with or the company you have transferred it to. If in doubt, give me a shout.

Share This Article

About The Author

Tony Williams

Tony Williams is the founder of TDL Web Developments and specialises in creating effective and affordable Web solutions for local businesses in Wirral.

Follow on Twitter @tdlwebs

Join The Discussion