Silicon.com is carrying this news story about two scam artists who duped people who had registered names with a certain domain registrar by getting their personal information from their Whois listings and telling them that they must pay a fee or risk losing their domain.

Two points to be noted here :

1. The registrar is NOT at fault here for making the contact information of people who had registered the domain name available to everyone via whois as it is a part of the contractual agreement they had to sign with the domain controlling body ICANN.

And, if you read the agreement you signed with your domain registrar while purchasing your domain name, you will realize that you also have a responsibility of keeping your contact information accurate or you risk losing your domain.

2. This kind of thing is nothing new. I myself have got a countless ‘friendly-warnings’ like these for my domain names (having a portfolio of hundreds of domains helps).

So, is there anything that you can do at all to protect youself from such scams? Yes, a lot actually.

Let’s take a look at what you can do to save yourself from ever falling for such scams »

1. Use whois protect / private registration wherever possible: Most of the domain name registrars offer a service called proxy domain registration, with different trade names like whois protect and private registration, for a small fee on most extensions. A few extensions like .us extension are not allowed to have a proxy registration.

What your registrar does is that when you register your domain name, they fill in proxy contact details for you. If someone sends you an eMail via address listed in your whois then it will be redirected to some other eMail address that you may specify and if you get any physical mail delivered on that address, it gets blocked.

If ICANN ever does a check on your whois address you will not be in trouble as you can recieve an eMail from the address listed in your whois, the proxy address physically exists and the phone gets attended by your registrar.

Also, only a court order can get your registrar to reveal your real address, so, no worries about scammers getting your contact details via your whois listing.

2. Register and renew domains online: It is actually a good idea to register and renew your domains online yourself with a credit card only. Reason being that nearly every regisrar has an expiry warning system where they will not only alert you about an upcoming expiry of your domain name by email but will also indicate it in your domain control panel.

No other warning to ‘renew your domain now or lose your website’ will be as realiable as this one as it gives you an opportunity to check if the eMail is actually from your domain registrar.

If you register your domain via a mail-in form or a through reseller then you may not have access to this information and it is easy to confuse a message from a scammer and a message from your domain registrar.

3. Confirm that the message is actually from your registrar: If you don’t have a whois protect subscription or for some other reason get a correspondence / warning by traditional means like telephone or snail mail, you should confirm that the correspondence is actually from your registrar / reseller.

The best way to do it is to eMail or phone your registrar / reseller and tell them that you got a correspondence / warning from them and ask them to explain it more vividly to you. If they did actually send any information to you they will be able to explain it in detail but if they didn’t then they will be able to tell that the message was not from them.

4. Stick with just one domain registrar: Most people would fall for a scam like this because they think that the warning is actually from their registrar. Just to avoid any kind of confusion and fact-check headaches, it is advisible to stick to just one registrar only. Also, it is easier to check facts with your registrar if you have already formed a friendly relationship with them.

If you purchased the domain from someone who had it registered on another registrar, it is worth it to transfer the domain to your registrar of choice where you manage your domains. It saves you from the risk of fall in for scams like this and lots of other hassles associated with managing multiple domains at multiple registrars. This tip is coming from someone who manages a portfolio of hundreds of domains, so trust it!

5. Register names for longer durations: It isn’t just search engines which love and trust sites whose domains have been registered for longer periods of time but it also saves a lot of headaches for the person who has registered the domain. Now, if you can’t remember your anniversary then how can you expect yourself to remember your domain’s expiry date?

Just register the domain for longer period of time like 5 years or 10 years, feed it in your PIM and forget it. Your registrar will remind you when you have to renew (don’t forget to keep your eMail address correct and check again that the correspondence is actually from your registrar ;)) and so will your PIM.

6. Syncronize your domain expiry time: Most registrars offer you the ability to extend the registration of your domains by a few days to syncronize their expiry dates. For example you register one domain on Jan 4, 2006 and you had registered another domain on Dec 5, 2005 for one year which means that they expire on Jan 4, 2007 and Dec 5, 2006 respectively. Most registrars will allow you to extend the registration duration of the domain you registered on Dec 5, 2005 by a few days and let it expire on Jan 4, 2007. This will save you the headache to remember multiple expirey dates.

These were a few simple tips to help you save yourself from ever falling in for scams like the one these two people were charged for. The golden rules to remember are that you must always ensure that the correspondence is actually from your registrar and stay aware of the facts about your domain names.