As a web developer I own my own domain name of www.tualatinweb.com and several others for clients. Almost every week I receive phony email messages from bogus companies asking me to renew my domain name, or else. Here’s a typical example that I just received a few minutes ago in my In Box:
After a quick glance it could be a credible email because it has a pleasant heading color of orange, and a big, blue button that they want me to push labeled: Renew Now
As an owner of a domain name it is important for you to keep your real account updated so that your web site continues in service without any embarrassing interruptions or down time. Now, let’s dive in and start taking a closer look to understand why this particular email is a phishing scam and not legitimate.
- My Full Name
A legitimate vendor has my full name on file, and they will use it in all email communications. Notice that this email has name or personalization included at all. Strike one.
2. My Account Number
Where is my account number in this email? Not to be found. So that’s strike two, folks.
3. Who are You?
As I hover my cursor over the From email address is reveals that the sender of this email is using a domain name of romconsults.com, which is not my actual vendor’s domain name. And that gaffe makes it strike three. But wait, there’s more.
4. English grammar
They used a very odd phrase, “search engine registration” which makes no technical sense to me. Correct phrases would be “search engine optimization” or “domain name registration”.
5. Renew Now
Hovering my cursor over the big, blue button reveals a strange URL address of www.thedomainregistration.net, which is not the name of any vendor that I do business with.
Summary
Trust email only from vendors that you know, where they include your full name, show an account number, have a company logo, and use links to only vendor addresses that you are 100% certain of, otherwise it is a bogus email trying to phish your credentials and cheat you out of money.
Very helpful tips, Daniel, and likely applicable to other suspect emails. I’m going to try the ‘hovering’ on some of those just to see what comes up.
Kathy, thanks, yes these tips help identify other phishing an scam emails. The bad guys are sending out a record number of fake emails, so it pays to be informed and diligent.