An imposter pretended to be another domain broker. Here are some tips to avoid becoming a victim.
On Christmas Eve I published a podcast with Bill Sweetman of Name Ninja. Bill told the story of how someone pretending to be domain name broker Tracy Fogarty of eNaming tried to dupe him out of $10,000. Bill didn’t bite.
Since publishing that podcast, I have learned that this imposter reached out to at least three people total. The scammer pitched a handful of domain names with a lower case L replacing the upper case I at the beginning of the word. A reverse Whois report at DomainIQ shows that these pointed to the nameserver doneritehosting.net. The names include lncorporate.com, lnnovate.com, lnsurers.com, lnsuring.com and lnvested.com.
All three of the people I’m aware of being contacted are sophisticated domain experts and wouldn’t fall for a scam like this.
Here’s a summary of some of the suggestions Bill made on the podcast (with some of my additional tips) to avoid becoming a victim of a scam like this.
- Double check the domain name to make sure it’s not faked (or an internationalized domain name). Copy and paste the domain into a plain text word editor.
- Check the email address that sent the domain. Does it match what you’d expect? Try emailing the person at their normal email address rather than replying to the email. In the imposter case, the email address was @fakedomain.com, which is unusual. Sweetman noted, “The main brokers representing domains for sale rarely, rarely will use that domain name for their email address.”
- Think if the offer is it too good to be true.
- Check the signature file on the email. Does it have a phone number or other contact method? “Typically, brokers make themselves available to be reached, especially by phone,” Sweetman said.
- Is the seller in a real hurry to get the deal done? While there might be a legitimate reason, be cautious if someone makes you move fast.
- Use an escrow service and be wary if the other party doesn’t want to. “That’s why using an escrow service is so important because it protects all the parties,” Sweetman said. “It protects the buyer, it protects the seller. It to some degree protects the domain.”
- Check the domain owner listed in a purchase agreement and make sure it matches who you think owns the domain. Do a Whois lookup if possible.
- Check the domain history including Whois history for the ownership history.
Every clown is a so called domain broker, anyone with an email.
My greatest concern is spam farms operating out of India trying to mass sell geo based domains, they are not doing this industry, or anyone in it a favor right now.
Turning off end users, and more restrictive contact issues etc…
To be absolutely clear, Tracy and Bill are legit brokers. This was someone pretending to be Tracy to swindle another person.
Understood, I am just saying there are so many random spam emails from anyone calling themselves a broker these days.
There is little or no recourse for some districts, canspam has been ignored by registries, godaddy, namesilo abuse departments refuse to suspend spammers spamming domains.
Thanks, for the alert
This imposter contacted me too last December with this email: [email protected]
Francois, thanks for sharing this. That makes four people. That is the domain that acted as the “escrow agent” that contacted Bill.
Great advice. While the majority of spoofing / phishing mails can be easily detected, some look really authentic and are difficult to recognize. Especially end-users might fall for this kind of scam.
I really like the following advice which applies to so many other situations but still many people switch off their brain when trying to get an excellent bargain: “Think if the offer is it too good to be true.” In German we have the saying “Greed eats Brain” 😉