I received this email scam this morning which at first glance looks like a domain registration renewal advisory. It’s not.
Let’s take a moment and and understand some basic security checks you can do when you’re not sure about an incoming email. These are quick easy things – they won’t take much time and you’ll quickly know if the email is legitimate.
Here’s the email I received. You can click on any of the images to see them larger.
The first clue – embedded links
In Outlook and other Email readers you can hold your mouse over a link and it will show a popup of the link destination. When you do this on this email you see the following link:
“Registrationdom.com” sounds like a legitimate domain, but it’s not somebody I deal with and I don’t recognize it. Let’s check it out by going to http://registrationdom.com. (make sure you have a link scanner running to stop you going to a malware site) What you get is the web page, shown below, that immediately wants you to confirm your credit card details – red flag right away!
The sender’s email address:
Now I go back and I look at the email more closely. In my Inbox the senders name shows as “Domain Expiry Notice” and looks legitimate. However when you open the email the senders email address isĀ Domain Expiration Notice [shahirakidwell@0371nk.com]. Never heard of them – so let’s check it out. An easy way to check is to browse to the URL side of the email address. In this case, a quick browse to 0371nk.com brings up this page – definitely not a domain renewal service and not targeted to the English language.
I now notice too that at the very top of the email it says, “This is a solicitation”. Look at the price, $75 per year!
I’m done checking and I’m angry now. This is a scam similar to the office products scam a few years back. Scam companies would fax an invoice for office supplies to large corporations. Invariably they would get paid since nobody was really overlooking all the supplies. Tons of money was lost by companies this way.
These guys most likely pulled my information from a WhoIS search and statistically, some people will click and renew.
Spam only works because people click – don’t be one of those people!
If you don’t recognize the sender or the contents of an email you have received, don’t just assume it’s okay. Check it out and be sure. I know we’re all busy but a little time with the easy steps shown above and we can all help shut down these types of scammers – and save our money to use for the right things.
What about you? Have you seen this scam go by? Have you ever fallen victim to something like this? Let us all know so we can be watchful.
I also received this email from the following address ulatindall@0371nk.com.
Thanks for the post!
Anna
I just received this also. However, they sent this to my home email, indicated my home phone number on the invoice, but put my company address and company domain as what needed to be renewed. My thought was they may have received this information (home phone and home email) from someplace I shopped online and had the package shipped to my office. I found your information while I was holding on with my tech support for our domain name. Thanks for posting this. My email came from supritivanover@0371nk.com.
I too received one of these scam letters/bills today from the following lyndachavarria@0371nk.com
Thanks for the tip
Janet
Janet, spam has increased a lot over the past month, I find. Thanks for passing on the info.
/Technicaguy
Thanks! This has been very helpful. I received a similar ‘Notice of Expiring Domain’ from ariaowen@0371nk.com. It did not feel right and the expiration date mentioned was wrong, so I wrote them an e-mail (no answer yet), started to check and found your information.
Marie-Anne