In the past few weeks, we’ve had two different clients email to ask if a snail-mail invoice they received for listing their domain with a company called Domain Listings is legit.
The quick answer? Not at all. It’s a known scam.
Essentially, the company is offering to add you to their sketchy listing service — selling you something you don’t need. They’re hoping to trick people who aren’t paying attention into sending them cash by making their offer look like an invoice, rather than an advertisement.
However, those emails set off warning bells among the IvyCats. If two of our clients did think to ask us about it, how many didn’t?
Stay safe! 6 Simple Ways to Increase WordPress Security
Domain Name Listing Scams
These types scams have been around for a long time, and come in several variations.
(And they’re not unique to the internet age — you’ve probably gotten snail mail “invoices” for things like life insurance or mortgage payment reduction scams.)
Often, these notices will come from a generically named company like “Domain Service” or “Domain Listing,” and try to catch your attention with fear-mongering language like Final Notice! or implications that you could lose your ownership of your domain name if you don’t register with them.
These notices can come in the form of emails, too, as Doug Isenberg notes for the Giga Law blog.
Domain Name Registration Scams
Other types of domain name scams revolve on registering your domain name with a company other than the one you originally bought the domain through.
In “domain slamming” a scammy domain name registrar tries to trick you into switching the registration from your original company to them, by pretending that you’re renewing your subscription.
Another form of domain name registration scam is when you get an “offer” to register your domain in different forms, like ivycat.co or ivycat.io, etc. Or, in different countries — particularly in China as Dan Harris writes for the China Law Blog.
All of these scams are attempts to get your money by making you think you’ll lose your domain without using their service.
Learn more about Domain Name Systems: Migrating WordPress: DNS Crash Course
Dealing with Domain Name Scams
If they’re paper, shred ‘em. These companies can be safely ignored.
If they’re emails, delete without clicking on any links. Along with trying to get you to purchase unnecessary services, some of these emails may include phishing links or malware that could lead to disaster.
Your basic rule of thumb: The only company that should be contacting you about your domain name is your Domain Name System (DNS) provider (i.e., SiteGround or Bluehost). If you get a notice about registration or expiration from any other company, view it with suspicion.
Another way to tell is that many of these invoices come via snail mail. Your DNS provider will never send you a paper invoice — legit notices that a domain is expiring will always emailed to the customer, by their DNS provider, with a link to their account.
Learn more about protecting your WordPress site: Get Free Sucuri Protection with WordPress Maintenance Plans
Protecting Your Domain Name
Since 2004, ICANN, the domain name governing body, has made it possible to lock your domain to a specific registrar. This prevents any unauthorized transfers as a result of these scams.
Best practice is to keep your domain name in “locked” mode unless you’re actively going to transfer it. Most DNS providers will have your domain names locked by default, but you can easily check the status in your dashboard.
Questions? Get in touch with us any time.
If anything seems suspicious or you have any questions, always feel free to reach out. We’re happy to help!