The most common types of scams are:
- domain expiry/renewal scams, which also involve convincing people to transfer the domain to a new registrar
- search engine submission/SEO scams.
Details on how these scams work, and some examples, are below. There are also notifications that aren't scams but that can be confusing. We'll provide some information about those, too.
Really important information
- We will never send you postal mail to register, renew or transfer a domain.
- We will never call you to offer SEO, web development, or other services. Nor do we work with any partners who will.
- Never, ever send passwords or credit card details via email to us or anyone.
- Check the sender address of renewal or other notification emails. All our notifications and reminders are sent from an email address ending in @iwantmyname.com or @support.iwantmyname.com.
- Certain domain verification emails will be sent from registrant-verification@ispapi.net, and especially for ccTLDs like .CO.UK or .CA, you may get email from the registries, like Nominet or CIRA.
- ICANN checks WHOIS details from time to time, so if you receive a WDRP notice from them, that's legitimate. If you have any questions about that, let us know.
- Always make sure you are on the iwantmyname.com website. Check in your browser's address bar before entering any login information.
- Some scams are really sneaky and look very official, but we've seen lots and lots of them over the years. If in doubt, or if you have any questions about your domains, privacy, or security, feel free to ask!
Notifications that are not scams, but that can be confusing
There are some notifications you may get that are legitimate, and you will need to read them and possibly take action. They are nothing to worry about, though.
WDRP Notice
The WHOIS Data Reminder Policy (WDRP) notice is sent by ICANN, which is the internet's governing body. All it is meant to do is ensure that domain registrant contact information is up to date. We can provide more information about that if you need to make updates.
If your domain registrant contact information is out of date, just update it in your iwantmyname dashboard when logged in by clicking on edit contacts. If it's up to date already, you don't have to do anything.
ERRP Notice / Upcoming Domain Renewal Notice
Another notification from ICANN, and it is a notice regarding upcoming renewal (see example below). It will show "Upcoming Domain Renewals in Approximately a Month". It's also called an ERRP notice. What's confusing about this notification is that it usually arrives after you have already been billed to renew your domain.
This is part of ICANN's policy on renewal notifications and schedules. The result is that they impose their own notification schedule onto registrars, even though we have our own, since we're the ones billing and processing renewals. This occasionally results in notifications arriving out of order. That gets confusing.
If you were already billed for your domain renewal, as long as it's set to auto-renew, you're all set and don't need to do anything else. Your domain will renew. If you have any questions about your domain being renewed and safe, just let us know.
Please note that if you receive a second or third ERRP notice, it is likely that there was a problem and your domain has NOT been billed and won't be renewed unless additional steps are taken. Please get in touch with us if this is the case.
The upcoming renewal notice email comes from no-reply@domainrenewals.ispapi.net and looks like this:
Unsolicited offers for web development and other services
For domains where adding WHOIS privacy during registration is not possible, you might see unsolicited offers for website development or other services after registering a domain. These are not scams, but are usually spammy and unwelcome. You can ignore them.
We don't provide customer information to anyone, but per ICANN policy, registration information is publicly searchable unless a privacy service is in place. And even with WHOIS privacy in place, emails sent to the unique privacy service email address can be forwarded to the registrant.
We automatically add WHOIS privacy by default at registration for domain extensions that support it: full list of domain extensions that support WHOIS privacy.
If your domain supports WHOIS privacy but it's not in place yet, you can enable our free WHOIS privacy service in your dashboard to hide your contact information and prevent these people from contacting you. From the domain's page, click on enable privacy.
Expiry / Renewal Scams
These are official-looking renewal notices, sometimes sent by email, sometimes by postal mail. They are very misleading, and try to trick you into believing your domain is expiring and needs to be renewed with them, even though your domain is registered with us.
They convince you to "renew" your domain by transferring it to them, and they charge you very high transfer and renewal fees. They charge even more fees to get the domain back by transferring it away from them, which they make incredibly difficult to do.
The important details:
- The notice is not from iwantmyname, ICANN, or a registry as outlined above.
- It may have arrived by postal mail, which we never send.
- Renewing domains never involves a transfer. If you're asked to unlock a domain or get an authorization/EPP code, it's a scam.
- If the "renewal" pricing is a lot more than the registration or previous renewals, it's likely a scam. Our registration and renewal prices are here.
- The notification can arrive any time, even if you only recently renewed your domain with us. Check any domain's expiry date and next billing date in your dashboard, or ask us. Unless the expiry date is within the next month or two, it's likely a scam.
These are some of the common sources of expiry/renewal scams.
Domain SEO Service Registration Corp
These scammers will "customize" the URL sent to you using your domain name. So you will see something like http://www.mydomaincom.domainsrimatic.com.
The website lists a US address, but the domain registrant and registrar are in China. Also, the contact information lists a contact email address of domainrseo@mail.com. No legitimate company is going to use a free email address like that. Additionally, the website is set up from a very basic template and lacks branding features like a logo, etc.
Their "competitive" rates will be much higher for renewal, and supposed SEO services, than your actual renewal, likely $64.00USD. Note that our renewal price for a .COM domain is $14.90USD.
We do not offer SEO services or any other services besides domain registration and DNS management, so domain renewal includes only the price of renewing your domain.
There are legitimate services to help you improve your website, branding, and content. However, they typically do not send you unsolicited mail. Additionally, we are not partnered with any and none that would approach you represent us.
This scam is definitely NOT from one of the legitimate service companies. Those services also don't have anything to do with domain registration or renewal.
If you’ve recently received a domain renewal notice from Domain Registry of America or Domain Registry of Canada in the mail, please be aware that it’s a long-running scam. Domain Services has been becoming increasingly prevalent as well.
Domain Registry of America has been in a number of disputes over the past decade for sending what appears to be official renewal statements, but are really misleading mailers forcing responders to pay extremely high domain transfer and renewal fees.
We have seen these for a number of years. It appears to be based in Canada. They send misleading and fake "Expiration Notices" by mail. The letter they send looks like this.
A domain renewal phishing scam that makes notifications look like they're from ICANN.
You can see some more in this article, including a couple from Australia.
Search Engine Submission / SEO Scams
These scams are most common soon after you register a new domain name, and tend to show up along with offers to build build your website.
Again, if you registered your domain since February 2016 and your type of domain supports it, WHOIS privacy is already in place by default. You can also enable our free WHOIS privacy service for many types of domains to hide your information and prevent them from contacting you.
Note that occasionally you might receive a spam email despite having WHOIS privacy enabled. We can provide some more information on why that can happen, and some recommendations. The bottom line, though, is that having WHOIS privacy in place if possible is still the best way to prevent spam.
Most of these scammers contact you via email, but sometimes they make phone calls as well. These people are not affiliated with us in any way.
These offers rely on most people not knowing the complexities of how search engines work. It gets pretty complicated and is changing all the time. These are the most important and misleading points:
- You do not need to submit your domain/website to search engines. Their "robots" find sites all by themselves.
- No other company can improve your search rankings by offering services to submit your domain to search engines, especially paid services.
- You can work with a legitimate web development company or SEO consultant to design your site to be the most user-friendly and easy for search engine 'bots to analyze, but you don't have to. Be careful about hiring, though, as there are a lot of people claiming to do this, and some are scammers.
- There are no fees to get search engines to detect your site, either to submit it or for "late fees".
- New websites don't need to be "registered" to be found on the Internet, and there is no expiration date for when you have to do that.
- If your new website isn't showing up in search results yet, it's not because it hasn't been submitted.
This is an excellent starter guide on how SEO (search engine optimization) and search engines work. Also, feel free to ask us if you have other questions or concerns. Bottom line, the best way to rank really well with search engines is to build a good site with great content that is useful to people.
Here are two examples of common search engine submission email:
Chinese Trademark Scams
In these scams, a domain owner is contacted about a domain name they own, a supposed potential "trademark conflict" with that domain, and similar domains wanted by a Chinese "client" of the company contacting you.
Typically they try to scare you into purchasing several domains to secure name usage rights/trademark. Usually at inflated prices from some sketchy China-based registrar, not the one your existing domain is already registered with, like us.
An example is posted below. You can ignore and delete any messages like this.