At the office, we have consolidated our many domain names (don’t ask why there are so many) to one registrar. And we have changed the contact email addresses on all of the domains to one email address, which is routed to three people only.
So imagine my surprise when I got a message from “Liberty Names of America” thanking me for my domain name renewal. And another email right after that my $94 payment had been recieved for that transfer. The email had a link that I could click on to confirm and complete my order. Wasn’t that thoughtful?
Danger, Will Robinson!
Did you ever get an bill in your snail-mailbox that was puzzling? Did you send them a check? That’s a common scam, especially for businesses. It’s a great way to make money.
The mantra in Information Security is “Trust, but Verify”. So I went to the local “Whois” tool to make sure that my domain name was properly registered. And verified that I had a ‘lock’ on the domain names to disallow transfers. ANd all was well (for now; I’ll keep checking).
I didn’t click on the “helpful” link in the email. Not in the “Safe Computing Practices” list. But I did note that if you search for the company’s name, you’ll find lots of warnings about this Domain Name change scam.
So, perhaps a slight revision: “Don’t Trust, Verify First”.