How don’t let fraudsters steal your domain through phishing emails

The only case when the registrar asks you to click the link inside the еmail is when you have to verify your mail. Usually, you have to verify your mail after the domain registration, changing your contact information, or transferring the domain to another registrar. All the operations with the domain names can only be performed through your client area, but not through email.

However, there are a lot of cases when scammers use your domain’s open whois data to send you a phishing email. Their goal is to steal your data and money. Wherein the scammers do everything possible for this email cannot be identified as a phishing email. They copy a visual style of the registrar’s emails, they fake the email headers and subject, and they add technical and legal information about the company (in most cases this company is fictional, but it looks like a genuine one).

If you have received such an email, do not hurry to meet its requirements and make any payments. It is possible that this email was sent by the scammer.

How to identify a phishing email:

  • If you are asked to make a payment within a day in the email and you are told that your domain is expiring or is already expired, it is phishing. You can always use any whois service to check the expiry date of your domain. The registrar never sends an email one day before the expiry date of your domain asking to make a payment for this domain within a day. The registrar starts to send notifications about the domain renewal 60 days before the expiry date of your domain.
  • If you see a link or a button that leads to the payment page in this email, it is phishing. The renewal of the domain registered through Fozzy can only be made through Fozzy client area by paying the invoice. Any proposal to make a direct payment to a card/wallet/bank account is phishing.
  • If you see a sender’s mail account of this email in your mail client and this account is definitely not the registrar’s mail account, it is phishing. The genuine registrar’s mail account contains the registrar domain name in the account’s domain part.  These are our registrars’ mail accounts:
      • (there can be sales/billing/support/automail/partners/noreply/etc at the login part of the account, but at the domain part of the account there will always be the registrar’s domain);
  • If you still cannot define whether this email is phishing or not, try to view the email’s headers and look for the sender of the email. It can be found in front of the From: and Sender: headers. In case these mail accounts do not look like a registrar’s mail account, it is phishing.
  • Also, you can contact our support team at any time. We are always glad to help you.

If you have recognized a phishing email, ignore it and do not meet any requirements described in this email. It is better to delete such emails. Please remember that the only case when the registrar asks you to click the link inside the еmail is when you have to verify your mail.

3/5 - (3 votes)
Share this article
Notify of
Inline Feedbacks
View all comments
In this article