A Domain Renewal Letter Scam
Today’s question is about suspicious letter about an expiring domain received from iDNS Canada.
Question: “We received this letter in the mail about one of our domains, but I thought you had our two domains bundled for us. Do we need to do anything? Here is a scan of the letter.”
Answer: These letters are tricky. They are a kind of like a paper based version of phishing. Here’s how they work.
Domain expiration dates are very easy to find online, as is the contact information for a domain owner. iDNS finds domain expiration dates and sends out letters to the domain owners like you prompting you to switch your domain to iDNS.
Seems harmless enough – after all- most domain registrars offer very similar services. The catch is that iDNS prices are 4x or more higher than the average domain name registration fee. Your average domain renewal is between $9-18 dollars. This letter shows a fee of $40 for 1 year, but in recent years we’ve received letters from iDNS with listed prices of $140 per domain, for a single year!
This scam works well because most website owners don’t know or remember who their domain is registered with.
When people receive this legitimate looking letter, they are often fooled into thinking they must complete the form in order to keep their domain and website going. By completing this form and paying the very high fee, you would be transferring your domain to iDNS.
What you may not realize is that your current domain registrar will likely auto renew your domain, if you selected that option at the time of domain purchase (and most people and web developers do so when first setting up a website). If auto renew is not turned on, your domain registrar will email you regarding renewal at the email address you provided when registering your domain. If ever in doubt, simply call your web developer or domain registrar.
We advise that you always make and keep a note of who you register your domain with, as well as your user name and password for your domain registrar account, and keep it in a safe file. Then, if you receive suspicious domain renewal letters or emails from anyone other than your current domain registrar, simply don’t respond. In this case, we advised shredding this letter.
Do you know someone who was fooled by a similar letter? Did they later try to switch back to their regular provider and encounter problems? We’d love to hear about it. Tell us in the comments below.
We receive a lot of questions via email. When we can share helpful nuggets of generalized advice, we do. Because you may never return to this blog again, sign up for our monthly email newsletter to get small business IT tips in your inbox.