Registrars battle spammers as Whois data goes away

Spammers and scammers have to get creative to contact domain name owners.

A picture of multiple cases of spam meat with the word "spam" on top.

This month, a GoDaddy customer received an email shortly after registering a domain name. We’ll call the domain example.com for this story.

Subject: example.com isn’t registered yet

The message suggested it was in some way coming from GoDaddy. Which it sort of was, because it was sent through a Domains By Proxy email address.

Here’s the rest of the message:

Good morning, my name is Matthew from Domain Management.

A quick note to tell you, as of this morning, example.com has been claimed and is in your GoDaddy.com, LLC account.

The next important step is to register the domain name to be visible on search engines like Google, Bing, Yelp, MSN, Yahoo and more.

Without that registration your domain will not be indexed by their crawling algorithm that searches the web – and you do not want someone else to claim example.com as their own domain before you do.

Click here to register your domain to be visible in search engines now. [Link removed, but it went to domainsupportus/.com]

This allows potential customers and visitors to see your website and click on it from Google when they search.

It is an important step for any new domain owner.

Click here to register your domain now and become visible in search.

If you have any questions, don’t hesitate to ask!

Yours,

Matt G.

Internet Domain Registration Authority

About the Internet Domain Registration Authority (IDRA).

We’re the folks who manage the registry that develops policies to support the global internet community.

You are receiving this email because you recently performed an action regarding a domain name and this is the email address listed in our database as the registrant for the domain. It’s important that you are made aware of changes / updates regarding your domain names and therefore you are unable to stop receiving these important transaction notifications.

Below the main message was white space that actually contained lots of white-on-white text about sloths. The text was presumably there to trick spam filters. That perhaps includes the Domains By Proxy filter.

As most domain registrars remove email and phone contacts from Whois, scammers and spammers have had a more challenging time finding victims. They have to rely on contact forms and Whois privacy forwarding addresses. But not getting blocked by these services is a challenge.

In response to an inquiry about the spam email above, a GoDaddy spokesperson told Domain Name Wire:

We’ve reviewed the email and are always strengthening our filtering to prevent unwanted emails. Blocking spam email is an ever-evolving challenge and we’ll continue to look for ways to protect our customers.

In addition to Domains By Proxy forwarding, people also try to contact domain owners through the “contact domain holder” link on GoDaddy Whois records. (Registrars are required to provide people with a way to contact domain owners.)

I’ve received several emails through these contact forms this month. In all cases, the users had Gmail addresses with multiple dots in them. Gmail ignores dots in emails, so example@gmail.com is the same as ex.amp.l.e@gmail.com. I suspect the spammers are adding dots to make one email address look like many and evade GoDaddy’s spam filters. I also suspect the senders are trying to harvest registrant email addresses to sell to marketers.

GoDaddy isn’t the only company fighting spammers using its forms and proxy email address.

I built a test site on Wix that contains a contact form. The contact forms send emails to me from an @crm.wix.com email address. I received this message earlier this week:

My name is Oliver and I represent a company that employs 48 experts in design and optimization of websites for wix.

There are several errors in your site source code that cause most of the website content to not even be indexed by Google which results in low traffic.

Your site was created in the wix editor so it’s easy to fix all the errors.

If you want to know which parts of your website need to be changed to achieve much higher position in Google , please fill out the form below: [Link to webhelper/.us removed]

The spammer is leveraging Wix’s name and sending through Wix contact forms, yet Wix’s filter isn’t catching it.

As a domain owner, I generally want people to be able to contact me. I certainly don’t want my registrar or host to screen an email from someone who wants to buy my domain, for example.

But these companies also need to protect their customers, especially unsophisticated ones. This will be a continual game of cat and mouse.

I advise carefully examining an email you receive through a proxy forward, site contact form, or Whois contact form. Be extra careful before responding to a Whois contact email, and ignore any that have multiple dots in a Gmail address.

Post link: Registrars battle spammers as Whois data goes away

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Original article: Registrars battle spammers as Whois data goes away

©2022 Domain Observer. All Rights Reserved.

Leave a Reply

Your email address will not be published.