Domain Renewal Scams

Posted on by Ian

While this scam isn’t as widespread as it once was, it still appears frequently enough to be a threat. Scammers may send fake renewal notices, warnings of impending expiration, or threats that you’ll lose your domain if you don’t act immediately.

Their goals can include:

  • Trick you into transferring your domain to an overpriced registrar
  • Phish for your login credentials or payment information
  • Charge you fake renewal fees
  • Steal your domain by obtaining its authorization code

These messages often appear official and use urgent language to pressure you into acting quickly, using phrases like “Immediate Action Required”, “Final Notice” or “Failure to Renew Will Result in Domain Loss”. Always check directly with your registrar or domain provider if you’re unsure. Legitimate renewal notices will come from your provider and offer clear, timely and accurate billing at expected rates.

Tips to Help Protect Your Domain

  • Domain Privacy Protection (WHOIS privacy)
    This service safeguards your information in domain name listings, making it more difficult for scammers to directly contact domain name owners. This service is so critical, we only work with domain registrars who offer this service at no additional charge, and always enable it by default.
  • Transfer Lock
    Most registrars offer a “transfer lock” which prevents domain transfers to other registrars without first being removed.
  • Know Your Renewal Date
    Being aware of your domain’s renewal date can help you quickly dismiss suspicious notices.
  • Check WHOIS
    If you have any doubts about a domain renewal date, you can perform a WHOIS lookup using a trusted website like whois.icann.org or your registrar’s own tools to check the details.

Be aware that scammers may also send physical letters posing as official renewal notices, particularly targeting small businesses or less tech-savvy owners. Often these will arrive on fake letterhead using names such as “Domain Registry of America” or “Internet Domain Name Services”. Legitimate domain registrars do not send such letters.

Always log in directly to your registrar’s website to verify renewal status; never visit links in unsolicited emails or letters. If something feels off, don’t rush — always verify directly through your domain provider.

A Look Back
In the early Internet days, domains were registered and renewed by fax. Registrant information was publicly accessible, and scammers would send fake faxes designed to look like real renewal requests. Many fell for these, transferring or losing their domains. Today, most domain registration is done securely online, and domain privacy helps protect contact info, but scams still persist in digital form.