If you are a Web site owner, someone probably notified you in the past that your domain was about to expire, and they could help you renew it immediately. Even though we are licensed reseller of registrar services, even we have received these notices, countless times, about our company's own domains.
The truth is that if these "courtesy calls" seem like scams, it's because they are. The point of these shady offers is to get you to transfer your domain away from your current registrar, to a third-party registrar, or worse, sign over administrative control and even ownership in some cases, leaving you legally powerless to regain command over your domain. The company can then try to force you to pay exorbitent prices to keep renewing the domain. Because this company has gained complete access to your domain, they may even pressure you to switch hosting providers.
Spotting The Fraud
Here's how the scenario plays out. You receive a notices in the mail, by email, or by phone, supposedly alerting you that one of your domains is about to expire. The company contacting you implies they are official representatives for your registrar, and they are doing this to help prevent your domain from expiring. They offer to help you renew the domain. It sounds sincere enough.
The mailed letters appear legitimate, and some even display the logo or name of your actual registrar. The letter contains a form for you to complete, for the purpose of making corrections to your contact information as it appears on the domain. You are also asked to provide a credit card number or include a check with the letter, so that the domain can be renewed. What the form doesn't clearly state, however, is that by completing the document and submitting payment, you are agreeing to transfer the domain away from your current registrar, to one used by the company that sent you the letter. Sure, the domain will be renewed for you -- but the fine print states that the price you are paying for this one-year renewal may go up substantially (double or even triple) when it comes time to renew next year.
Emails follow along similar lines, routing you to a secure Web site where you are requested to fill out an online form (again, to "correct" any "wrong" information on your domain). You are asked to include credit card information, and, below all the 4-point legalese (which states that, by submitting this form, you are signing the domain over to this company), you are required to check a little "I agree to these terms" box at the bottom of the form in order to submit your information.
The third way this plays out is by phone. And this is the most troubling. Someone, typically with a foreign-sounding accent, calls you up, and asks for you by your full name. They then say who they are with (a company that, no doubt, you've never heard of), and inform you your domain is about to expire. They ask for a fax number where they can send a form for you to complete. Like the postal mail and web site forms, this faxed document also is considered a legally binding contract, and by completing it, you are giving your approval for the company to renew the domain, but also transfer it to their own registrar.
The Fraudsters At Work
One of the companies of the "renew by mail" method is the "Domain Registry of America". From their
online price chart, you can see that they typically charge $30 per domain, per year. Unless you're using Network Solutions, that's a lot more than you're likely paying with your current registrar. A simple
Google search on the company name brings up the official web site, along with thousands of results from online posters claiming the company is fraudulent.
Another company is "Domain Registry Support". Likewise, a
Google search turns up a lot of results from people questioning the legitimacy of this fraudster. They actually called us. We immediately questioned who they were with, which elicited a serious, "Can we please have your fax number??" reply. We hung up on them, and upon reflecting how one of our customers might have been taken for a ride by their deceptive tactics, decided to post this blog to serve as a general warning to all customers -- beware of this and other shady companies!
Scams like this are very real. Over the years, we've been occasionally contacted by one of our customers asking why we didn't notify them their domain was about to expire (we didn't, because it wasn't about to), and so they chose to auto-renew with one of these companies. Or, we've discovered a customer's web site is no longer functioning properly, only to learn they are no longer in control of the domain, and the "new" owner, who promised to renew the domain for them, has instead pointed the domain to another web host.
How To Fight Back
With a few pointers, you can ensure nothing like this happens to your domains. A few easy steps can verify whether the callers, mail-sender, or emailer is actually affiliated with your current registrar, or if it's a third-party fraudster.
1. These days, every registrar permits the auto-renewal of domains online, via a secured Web site. There is no need to renew domains by mail. Even though some registrars do send out renewal notices, you can always log onto your account with your registrar's Web site, and access a renewal/payment form. Unless you expressly requested that your registrar use postal mail to send you renewal notices, we recommend disregarding all printed notices, because after all, your registrar has your email address, and is more likely to contact you that way, than by postal mail.
2. For renewal notices that come into your inbox, be especially suspicious as to who sent the message. If in doubt, examine the hyperlinks in the email that will take you to a payment page. Does the link point to your own registrar's Web site, or somewhere else? Perhaps a site you've never heard of? If in doubt, visit your registrar's actual Web site, log into your account, and you should be able to immediately see the status of all your domains, and whether any are up for renewal. While the emails sent to you may have been well-intentioned, email fraud is far more rampant than mail fraud, when it comes to domains.
3. For notices by phone, hang up. No registrars contact their existing customers by phone for renewals. Ever. Those that do are not your registrar, but a competitor trying to steal away your business. Question who the person calling is, question again, act suspicious, and if they don't clue into the fact you're not buying it, feel free to play their game for a minute. However, under no circumstances should you provide them any -- ANY -- contact information, because this is a dead giveaway they don't have your WHOIS record handy. Remember, your own registrar already has all your contact information. The easiest thing, therefore, is to not play the game at all, but simply hang up.
4. If in doubt of any of these, question, question, question your registrar's support staff. If you are hosted with Canvas Dreams, call us. We know exactly how to dig up the information you need, and would be delighted to assist you in clarifying any uncertainties.
We hope this information is helpful, and provides a bit of insight into the risky business of domain renewals. Please contact us for more information about this and anything else related to domain registration and management.
All the best,
Canvas Dreams Staff
