Posts

Persistent Domain-Renewal Scam Alive and Kicking

Author: Omid FarhangOmid Farhang Published: April 3, 2010 Reading Time: 1 min
Copy Link Bluesky Threads Mastodon X LinkedIn Reddit Telegram WhatsApp Email Facebook Hacker News

A friend of mine forwarded a suspicious email message recently. I’ve replaced the domain, order number, etc. below:

I validated for my friend that the email was bogus. The domain was not held by Domain Registry of America (DROA), and never had been. The domain was not expiring in the next 90 days. Later he received a follow-up email:

The scam attempts to get domain holders to transfer service and pay accordingly. It seems this scam has been around for at least eight years, though it has morphed over time. Apparently the DROA has chosen to test the 2003 judgment by the Federal Trade Commission (http://www.ftc.gov/opa/2003/12/domainreg.shtm).
One thing of interest here is the two-staged approach: The first message requires no action by the recipient, but the second message tells the user to obtain and hand over the keys to the castle.

Related note

Omid Farhang

I am a Frontend Architect and Engineering Lead with over a decade of experience building scalable web platforms, design systems, and high-performing frontend teams. My main focus is Angular, TypeScript, Nx monorepos, and frontend platform governance. My background in Linux, DevOps, and networking helps me design systems that work beyond the browser: reliable in development, predictable in CI/CD, and stable in…

Continue Reading

Related Posts

Child Tax Credit is the New Phishing Bait

Mar 26, 2010

IMF money-making scam

Mar 22, 2010

Blogger.com – -not!

Mar 7, 2010