This is what a bogus “Domain Expiration Notice” looks like

Too many domain owners have fallen for letters like this

Every so often, we get a call from a perplexed customer about a suspicious-looking “Domain Expiration Notice” letter they got in the mail. If you can believe it, one of these letters turned up in our office’s mailbox the other day. There it is above.

Before we dropped this letter through the paper shredder with the rest of the junk mail, we wanted to take this opportunity to warn domain owners everywhere about these so-called “domain name renewal notices”, and show what they actually look like.

Customers are right to be wary of letters like this. The long-winded, official-looking letter claims to be a notification about the customer’s domain name, and warns that the owner “must renew” the domain to avoid losing it. It also encloses a payment form (complete with a space to enter your credit card number) and return envelope.

However, the letter is not a genuine notice of domain renewal. Nor is it an invoice or bill. It isn’t even sent from your domain’s registrar. In truth, it’s a tactfully-worded ploy to get you to transfer your domain name registration away from your current domain registrar over to their domain registration services, where they’ll proceed to charge you 3 to 5 times more for the name than what a typical registrar would charge.

A .COM cost a whopping $45 for one year — nearly five times UD’s price. Ouch.

Who sent this letter?

Our letter came from a company called iDNS (short for Internet Domain Name Services), but we’ve encountered similar “notices” from some other companies over the years. For whatever it’s worth, many of the companies we’ve seen pulling this stunt at least appear to provide real domain registration services, though at a much higher rate than the industry standard. We should also stress that we haven’t tested any of them ourselves and do not recommend you try them, either.

But whether these companies are legit or not, the more important takeaway is that they are NOT your domain’s registrar, nor are they involved with your domain’s current registration in any capacity.

So I don’t have to pay them?

Absolutely not. You never have to transfer your domain name away from your provider in order to renew it, for one thing. And for another, your registrar will never request that you send payment through the mail like this letter asks.

But since many domain owners are not knowledgeable about the domain registration process, the questionable delivery and formatting of these letters can mislead a domain owner into thinking they must accept the offer to avoid losing their domain.

Why this letter is so effective

The scare tactics start in the header. Printed in bold is the scary-looking Domain Expiration Notice, along with the generic yet official-looking company name in bright red. Combined, these two attention-grabbers make the letter resemble an official notice.

A notice about my domain from a company I’ve never heard of? Must be legit.

Most letters we’ve seen use a vaguely official sounding company title like this one does. Probably because a generic title is less noticeable, and therefore not as likely to raise red flags compared to a more memorable or unique title.

Continuing the illusion is the conspicuous printing of the domain name and its expiration date, both in bold print and above the fold. The sender’s apparent knowledge of the domain’s registration details further suggests their involvement with the current domain name registration.

Note that they request a reply nearly three months before the expiration date, well before your real domain registrar is likely to email you about renewing your registration.

But what many domain owners don’t know is that every domain name’s registration details (called “Whois details”) are already public. Unless a domain name’s details are blocked with a Whois Privacy service, anyone can look up that domain’s Whois to find the registration term and related contact info. Many domain scams depend on the recipient’s ignorance of their domain’s public Whois, so that the scammer’s use of this data will make them appear more credible to the owner.

But perhaps most harmful is the letter’s timing. Your domain’s registrar will typically email you of your domain’s impending expiration about a month before the renewal deadline (and no, they will not ask you to send your credit card number through the mail). But in our letter, the domain name wasn’t due to expire for another five months! With the fake domain renewal notice arriving months before a domain’s real registrar would send their notices, the domain owner may be less likely to spot the fake.

The Fine Print

While the letter comes off as official at first, closer examination reveals the letter clarifying that the owner is “under no obligation to pay” and that the notice is “not a bill” but rather “an easy means of payment” should the owner decide to “switch over”.

But look at the letter again. What info gets your attention first, those clarifying statements or the massive, bolded “Domain Expiration Notice” in the header? Would such clarifications be necessary if the letter did not resemble a bill in the first place?

This kind of dubious formatting isn’t new. In fact, at the top of the Better Business Bureau’s Reviews and Complaints page for iDNS, the BBB even notes that “past variations of this letter have used similar formatting and phrasing,” and that “this exact text of the letter can be found online as early as 2005 or before, for iDNS and other businesses.” The page’s customer complaints also reveal many domain owners reporting feeling mislead by the letter, and demanding refunds.

How to protect yourself from fake domain renewal letters

Know where you registered your domain name

If you forget who your domain’s registrar is, check by querying your domain’s Whois details DomainTools or similar Whois lookup sites. Just type in your domain and check the field labeled “Registrar” in the results. Your registrar is listed there.

Never pay any domain-related invoice you receive in the mail

Domains are a strictly digital product. Paying for one does not involve a trip to the post office. Payment is made through your account on your registrar’s website. If you’re confused about payment or renewing, find your registrar (again, check the domain’s Whois details if you’re not sure who your registrar is) and drop them a line.

Consider getting Domain Privacy

Many domain registrars offer Domain Privacy services for a wide range of domain extensions. This service prevents your domain’s associated contact details from appearing in the Whois, shielding you from shady folks hoping to mine your contact details from the Whois database.

Learn more about Domain Privacy at UD.

Make sure your domain name is locked for transfer

Locking your domain name adds an extra layer of protection from domain name transfers. You would typically only want your domain name to be unlocked right before you transfer it to another registrar (and you’ll most likely never need to transfer it anyway). If you aren’t sure how to lock your domain name from being transferred, contact your domain registrar and ask them.


Ever gotten a fishy-looking letter from someone who wasn’t your domain registrar? How did you deal with it?

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.