Uncategorized Registrars battle spammers as Whois data goes away – Domain Name Wire
Domain Name Wire | Domain Name News
Domain Name Industry News
by — Domain Registrars
Spammers and scammers have to get creative to contact domain name owners.This month, a GoDaddy customer received an email shortly after registering a domain name. We’ll call the domain example.com for this story.
Subject: example.com isn’t registered yet
The message suggested it was in some way coming from GoDaddy. Which it sort of was, because it was sent through a Domains By Proxy email address.
Here’s the rest of the message:
Good morning, my name is Matthew from Domain Management.
A quick note to tell you, as of this morning, example.com has been claimed and is in your GoDaddy.com, LLC account.
The next important step is to register the domain name to be visible on search engines like Google, Bing, Yelp, MSN, Yahoo and more.
Without that registration your domain will not be indexed by their crawling algorithm that searches the web – and you do not want someone else to claim example.com as their own domain before you do.
Click here to register your domain to be visible in search engines now. [Link removed, but it went to domainsupportus/.com]
This allows potential customers and visitors to see your website and click on it from Google when they search.
It is an important step for any new domain owner.
Click here to register your domain now and become visible in search.
If you have any questions, don’t hesitate to ask!
Internet Domain Registration Authority
About the Internet Domain Registration Authority (IDRA).
We’re the folks who manage the registry that develops policies to support the global internet community.
You are receiving this email because you recently performed an action regarding a domain name and this is the email address listed in our database as the registrant for the domain. It’s important that you are made aware of changes / updates regarding your domain names and therefore you are unable to stop receiving these important transaction notifications.
Below the main message was white space that actually contained lots of white-on-white text about sloths. The text was presumably there to trick spam filters. That perhaps includes the Domains By Proxy filter.
As most domain registrars remove email and phone contacts from Whois, scammers and spammers have had a more challenging time finding victims. They have to rely on contact forms and Whois privacy forwarding addresses. But not getting blocked by these services is a challenge.
In response to an inquiry about the spam email above, a GoDaddy spokesperson told Domain Name Wire:
We’ve reviewed the email and are always strengthening our filtering to prevent unwanted emails. Blocking spam email is an ever-evolving challenge and we’ll continue to look for ways to protect our customers.
In addition to Domains By Proxy forwarding, people also try to contact domain owners through the “contact domain holder” link on GoDaddy Whois records. (Registrars are required to provide people with a way to contact domain owners.)
I’ve received several emails through these contact forms this month. In all cases, the users had Gmail addresses with multiple dots in them. Gmail ignores dots in emails, so firstname.lastname@example.org is the same as email@example.com. I suspect the spammers are adding dots to make one email address look like many and evade GoDaddy’s spam filters. I also suspect the senders are trying to harvest registrant email addresses to sell to marketers.
GoDaddy isn’t the only company fighting spammers using its forms and proxy email address.
I built a test site on Wix that contains a contact form. The contact forms send emails to me from an @crm.wix.com email address. I received this message earlier this week:
My name is Oliver and I represent a company that employs 48 experts in design and optimization of websites for wix.
There are several errors in your site source code that cause most of the website content to not even be indexed by Google which results in low traffic.
Your site was created in the wix editor so it’s easy to fix all the errors.
If you want to know which parts of your website need to be changed to achieve much higher position in Google , please fill out the form below: [Link to webhelper/.us removed]
The spammer is leveraging Wix’s name and sending through Wix contact forms, yet Wix’s filter isn’t catching it.
As a domain owner, I generally want people to be able to contact me. I certainly don’t want my registrar or host to screen an email from someone who wants to buy my domain, for example.
But these companies also need to protect their customers, especially unsophisticated ones. This will be a continual game of cat and mouse.
I advise carefully examining an email you receive through a proxy forward, site contact form, or Whois contact form. Be extra careful before responding to a Whois contact email, and ignore any that have multiple dots in a Gmail address.
i get a bunch of spam from the whois message system godaddy has. always says basically nothing, just the generic message that they are interested in the domain/website and lists reply to as gmail addresses split up with a bunch of periods. kinda strange.
Thanks for mentioning that spammer. I am always in disbelief how that email always shows up in my mailbox hours after registering a godaddy name.
“In addition to Domains By Proxy forwarding, people also try to contact domain owners through the “contact domain holder” link on GoDaddy Whois records.”
If you have a significant number of domains at Godaddy, you will receive numerous and frequent spam emails like this. If you contact Godaddy to notify them of the high number of spam inquiries using their system and provide proof as they request, they will still not act to stop the emails (or be able to).
That have to provide a mechanism to allow people to contact you, so they’re kind of stuck. Perhaps they could ask for more information from the contactor, but then this is an avenue for someone to add a spam message.
This site uses Akismet to reduce spam. Learn how your comment data is processed.