Scammers are robbing unsuspecting businesses by duping them into believing they are paying for their website domain name – the catch is they create an official looking ‘invoice’ and list a very similar looking domain name to the officially registered domain.
Neville Greenwood from Web Wizards speaking on 6PR radio with Simon Beaumont
Potentially small business owners could be paying hundreds of thousands of dollars nationwide for these domain names.
Scammers prey on people’s fear that they will lose their domain name if they don’t pay the ‘fake’ invoice on time. This can result in them losing their real domain name and potentially their website. This can happen when a business receives their legitimate domain renewal but ignores it believing it to be in error or a duplicate. So when the correct domain isn’t renewed the ramifications are devastating for the business owner. The effects are –
- The website disappears from the internet as now the domain is in limbo
- Email addresses connected to their domain will not be working
- They are at risk of losing their domain name to a competitor. There is a grace period where the domain name is in quarantine but outside of that period the domain is on the open market and can be purchased by any legitimate entity.
A website owner can inadvertently pay for similar domain names they don’t even own because the scammers send a renewal notice for what they believe is their existing website name. A closer inspection of the domain listed normally reveals an almost exact match name with a slight difference in the extension. So instead of ‘.com.au’ it will be ‘.net.au’ or just ‘.com’. Or another ploy is to use an extra letter in the name but still be a ‘.com.au’. On a busy day, it is easy to mistake the scam invoices for the real thing, which is what the fraudster’s bank on and pass the ‘invoice’ on for payment to the accounts department.
However the scam invoices are even trickier – it doesn’t use the word invoice anywhere on the document but disguises itself as one. In fact, it probably isn’t illegal to send it, a case of buyer beware. If you inadvertently pay it you will end up owning a domain you didn’t want or need at a highly inflated price and possibly no recourse. However even more concerning is that unwittingly businesses could be giving their credit card details to criminals worldwide.
What can you do?
As the domain owner, you need to carefully cross reference the domain on the invoice with your own domain – check the genuine website domain by typing it in the browser bar and see what comes up. Compare that by typing in the one on the invoice – are they the same? Is there a message like “This site can’t be reached.”
Other things to look out for –
- Be suspicious if an invoice is received by normal post as this the most common way the scam is perpetuated. It is usual for domain renewals to be sent via email. These companies have names like Domain Register Pty Ltd or Domain Name Group.
- Look for your previous domain renewal invoice. Check the domain provider’s business name – is it the same as the new invoice? If it isn’t it’s probably a fake.
- You can check the details of your Australian domain by going to https://www.ausregistry.com.au/whois This will tell you who the owner is and who the registration company is. If you are not the registered owner then you need to investigate further. Keep the registration details up to date – make sure the correct name and email address are listed, if not contact the domain provider to update it.
- Speak to your webmaster or web developer who created your website. They will confirm or refute the validity of the domain name in question.
Scammers are constantly changing tactics so it is wise to check the Scamwatch website run by the Australian Competition & Consumer Commission if there are any doubts. Click to visit the Scamwatch Website
Beware of other domain scams such as Pseudo Companies sending an email claiming they have received applications from another company trying to register a Chinese domain with the same name as yours eg mybusinessname.cn. These claim to be from the Chinese Domain Register and encourage you to protect your brand name by purchasing the Chinese domain.
It is frustrating to think of the time wasted on these fraudulent schemes and of course the concern of any money handed over to these crooks. All you can be is vigilant and aware that these scams will cross your desk from time to time.