An old scam in the domain names industry is back, this merits a throwback post about Domain Slamming. Read on to know more about how to protect yourself from these practices.
Below is a letter received on good old snail mail (some details are redacted in the interest of privacy).
What is Domain Slamming?
Domain Slamming is when a company which has no connection to the domain owner (registrant) sends unsolicited and misleading communication that encourages the registrant to transfer the domain to its own brand, under the pretext of being a ‘Domain Expiration Notice’. The communication usually pretends to be an official authority (sometimes labels itself a ‘registry’) and tries to scare registrants that their websites or email will stop working if the domains are not renewed, and conveniently underplay the fact that this involves a domain transfer.
The owner of a domain name is sent an email or direct mail (in this instance, it was physical mail with an official looking envelope, letter head and more) that lists the domain name, its date of expiry, suggested renewal terms, payment form with fields for credit card details and a reply envelope. The letter in this instance was allegedly sent by ‘Doman Registry’ with a maple leaf logo. What’s more, the letter even contained a few upsells for .NET and .ORG domains with the same string (the audacity!).
Who is ‘Domain Registry’, why is this a scam?
In domain name parlance, a registry is the organization that operates a top-level domain extension, such as .CA or .COM. The official registry for .CA domains is CIRA and that for .COM is Verisign, .CA is the designated country code domain extension of Canada. We cannot be sure who ‘Domain Registry of Canada’ as claimed in the letter is, but we know that they are not the team that operates the .CA domain registry. ICANNWiki have cataloged a list of issues and related incidents that makes for interesting reading.
As to why is this a scam, the (deliberately?) misleading name is a dead giveaway. The fact that they scraped your data (more on how they might have done that, below) and contacted you in an unsolicited fashion is potentially illegal (on spam and fraud counts according to US courts) and certainly unethical.
If you have your domain names with ABNWorks and would like to change providers, you always have the option to transfer out, but it is our moral imperative to ensure that a transfer is your deliberate intention. A domain transfer requires an authorization code which is a step that is glossed over in the above notice, while your payment details are collected up front. This puts your payment details at risk in the hands of a company that doesn’t appear very trustworthy.
An organization that went by the name ‘Domain Registry of Canada’ had its accreditation to register .CA domain names revoked by CIRA following similar domain slamming incidents in 2013. Below is a screenshot that shows this website state that they do not support .CA domains.
How do I protect myself?
Well, if you received anything similar to the document pictured above, we suggest the following:
Stay safe!