Domains connect to email which connect to…all sorts of things.
Domain name investors know that domain names get all sorts of misdirected email. Your .com email address might get email intended for the matching .org domain. The expired domain you acquire might receive email intended for the previous owner.
Those email accounts might be connected to financial services, too.
The Register wrote this week about someone who acquired an expired domain that was attached to a PayPal account. For months, the domain owner received PayPal statements, password reset notices, and other alerts from the PayPal account. He was also able to get into the account by doing a password reset.
PayPal didn’t seem to care or know what to do about it until The Register wrote about the issue.
Even people who don’t own a domain name can face the plight of email intended for someone else. It happens to my Gmail address all of the time.
One particularly frustrating example is when someone signed up for the SAT using my email address. I received score alerts for the person and couldn’t figure out a way to let them know. More frustratingly, I have now received about 100 emails from various colleges inviting this person to apply or visit an open house.
I was able to notify the student’s mother by doing a password reset on the account and finding a parent email address listed in the account that I used to contact her. Still, my email address is registered with many of the universities.
I could tell a LOT of stories of misdirected emails, but I won’t, other than to say EVERYONE and ANYONE no matter how “high up” in this World makes “mistakes” . I just wish I could be specific but I dare not.
One other point specific to the Paypal story. Imagine the situation that could arise IF the email address was being used for a Fraudulent or Scammers Paypal account (you know they steal Credit Card, register it with Paypal and then buy as much as they can before discarding. The Police may eventually chase down the “owners” of the email address and you will then find that you are under investigation because of the email address/
Alan Built says
And don’t make the mistake of using your domains email to register your domain, that’s a future catch 22 in the making.
One thing I had to laugh at was the failure of the original story to mention that by registering an expired domain you do not instantly start receiving the previous owners email magically. The story has holes, glaring holes in it. So much so Id almost suspect it was a ruse. No one else clued in on this and the story is all over the web. Ya so I magically get expired domains email and never even had to set up an account lol
James Kite says
Just set up a “collect all” email address to collect all incoming email.
Not hard to do.
Andrew Allemann says
Whois history seems to jive with what he says happened with the domain. And since it’s connected to a hosting company, it makes sense that he’s see all of the email through a catch all.
And the purpose of a catch all being set up in this situation where you buy an expired domain would be what Andrew?
Andrew Allemann says
He’s running a hosting biz on the domain. You’d probably see All email. Especially an info or support email. And many people that read this site have catchalls so this guy could too
Not just expired domain names. I get some confidential invoices and pricing email because one of my domain name is one letter off from a obscure supplier to Walmart.