Scam Alert: WEBUPDOMAIN follows Domain Name Registry of America lead

Photo by Isai Ramos on Unsplash

WEBUPDOMAIN appears to have taken a lesson from the Domain Name Registry of America and added a new twist.  They’re trying to trick you into transfer your domain name registration to them just as Domain Name Registry of America has done for more than a decade.

WEBUPDOMAIN sent a domain name expiration notice using the contact form on my website this morning. If you’re a World-Weary WordPress Web Warrior, you recognize this as garbage and delete it immediately.

Unfortunately, I once had a client fall for the Domain Name Registry of America scam and I’m sure this one works in a similar manner.  This is a case where an ounce of prevention is worth a metric ton of cure.

The Domain Name Registry of America  scam begins with an official looking snail mail notice that tell you your domain name is about to expire.  They (accurately) list all the things that will happen if you allow your domain name to expire.  What they don’t tell you is that they are not CURRENTLY your domain name registrar.  They include a post card which, if you fill it out and send it to them will make them your domain name registrar. Tim Schlee wrote about this back in 2014 in his post Don’t Get Duped by the Domain Registry of America: How to Avoid Web Domain Scams.  Tim points out how falling for this scam can lead to you paying more for your yearly domain name registration fee.

I’m not a fan for paying more without any reason, which is what happens when you switch your domain name registration to Domain Name Registry of America.  I wish that paying more was the worst thing that can happen.  If you’ve got a low traffic website, then that is probably the extent of the damage you’ll suffer.

Unfortunately, one of my former clients fell for this scam a few years ago.  Her website was getting thousands of visitors each month on very lucrative keywords when she filled out the form and transferred her domain name to Domain Name Registry of America.   The way I learned what she had done was she contacted me asking what I had done to her website.

She noticed she hadn’t gotten any prospective client inquiries from her website contact form and set out to find out why. When she typed in her domain name, she was shocked to see that instead of her website, there was a page displaying PPC advertising links and display ads.  She thought I had done this, but I of course, I hadn’t.  So, I went to work to find out what had happened.  The first thing I did was to check her DNS settings.  That’s when I saw that she was no longer the Administrative contact for her domain name and that Domain Name Registry of America was the new registrar for her domain name.  Her DNS settings had been changed, thus the reason why she wasn’t seeing her website associated with her domain name anymore.

Since I had received DOZENS of these notices in the mail, I knew what had happened.

Here’s the really evil part: paying more for her domain name was just the beginning.  It turned out that as part of the transfer process, she had given them permission to remove her as the Administrative contact for her domain name.   Because of this change, there was no way for her to transfer her domain name to a reputable registrar.

She became quite cross with me when I suggested she hire a lawyer to sort this matter out.  Instead, she contacted Domain Name Registry of America and ask them to change her DNS settings so her domain name would once again display her website.  They did, but a few months later her domain name was once again pointing to the Adsense page.

It’s one thing to pay more for your domain name registration, it’s another to pay for a domain name to point to someone else’s Adsense page.  At this point, my client threw up her hands and gave up on having a website for her business.

This is why I encourage ALL of my clients to contact me any time they have a question about their domain name registration.   As a result, I’ve been able to thwart many of these scamming attempts.

I think it’s important to point out that these domain name registrar transfer emails are quite persuasive.  They’re also carefully composed.  They tell you what will happen if your domain name expires.  That part is true.  What they leave out is that they aren’t the current registrar.   They use terms like, “we reserve the right” even though they have no rights.  That is unless you assign them to them by giving them your credit card information.  Get this, the WebUpDomain site even uses https: to securely process your credit card payment.

So without further ado, here’s a screenshot of the ransom – er – I mean “expiration” notice.
Here’s the body of the message:

Message Body:
Disclaimer: We are not responsible for any financial loss, data loss, downgrade in search engine rankings, missed customers, undeliverable email or any other damages that you may suffer upon the expiration of acumenwebservices.com. For more information please refer to section 17.c.1a of our User Agreement.

This is your final notice to renew [domain name]

LINK TO SECURE WEBSITE TO PROCESS YOUR PAYMENT.  (Note – well played WEBUPDOMAIN.  You purchased an SSL certificate to securely process the payment that will transfer the domain name to your registry service.  You’ll steal my domain name, but use a secure website to process the payment.  Well played.)

In the event that [domain name] expires, we reserve the right to offer your listing to competing businesses in the same niche and region after 3 business days on an auction basis.

This is the final communication that we are required to send out regarding the expiration of [domain name]

Secure Online Payment:

SECOND LINK TO SECURE WEBSITE TO PROCESS YOUR PAYMENT.

All services will be automatically restored on [domain name] if payment is received in full before expiration. Thank you for your cooperation.

YOU NEED TO KNOW:

Your domain name registrar will NEVER contact you using either snail mail OR your website’s contact form.

If you don’t know who your domain name registrar is, do a WHOIS search for your domain name.  Your domain name registrar will be listed there unless you have paid to have your contact information made private.  This will also show you when your domain name was created and when it will expire.

IMPORTANT INFORMATION FOLLOWS:

What makes this so insidious is that they used your contact form to send this to you.   It’s a red flag that says, “THIS IS A SCAM!”  However, in the immortal words of BoJack Horseman, “When you’re wearing rose colored glasses, red flags just look like flags.”

When you get this type of garbage coming from your contact form DO NOT mark it as spam.  Why?  Because the message was sent from your website.  If you mark this message as spam in your Gmail, you’re telling Google not to trust emails from YOUR website.

Best case scenario, you’ll never see any messages from your contact form again because they’re landing in your spam folder.

Worst case scenario, your site is blacklisted for spam.

Stay vigilant World-Weary WordPress Web Warriors!