How to Protect Your Website from Domain Slamming

Last Updated November 9, 2020

How to Protect Your Website from Domain Slamming

Running a website requires the use of a domain name. You can’t build or manage your own website until you register a domain for it. For reference, a domain, like linksoftwarellc.com, is a unique identifier that conveys where our website is located. It allows visitors and search engines to find your website on the internet. A registrar, like GoDaddy or Hover, is a business that sells and registers domain names.

Because the domain holds most of your website’s intrinsic value, though, you should be cautious of domain-related scams. Domain slamming is one such scam that targets webmasters who have registered a domain. If you fall victim to it, you could end up paying exorbitant fees, or you could lose ownership of your domain. Fortunately, there are ways to protect your website and your wallet from domain slamming.


What Is Domain Slamming?

Domain slamming is a scam in which a scam registrar attempts to trick a webmaster into transferring his or her domain. It typically involves the use of email, with a small percentage of domain slamming scams using direct mail. After identifying a webmaster’s personal information, as well as their domain, an evil registrar may send the webmaster a fake registration renewal email.

These fake registration renewal emails are typically disguised to look like they were sent from the webmaster’s current registrar. They may feature the same brand name, logo and sender address as the webmaster’s current registrar. Therefore, the webmaster may follow the email’s instructions, believing it will renew their domain.

If you complete all the steps in a domain slamming email, however, you’ll inadvertently transfer your domain to the scammer’s registrar behind the scam. There are over 900 registrars that handle domains. While most of them are trustworthy, others are not. Nefarious registrars such as these may charge you sky-high fees for otherwise basic renewal services, or they may even attempt to hijack and steal your domain.


Six Ways to Avoid Domain Slamming

#1. Don’t Display Your Personal Information

Avoid displaying any personal information on your website. To deceive webmasters, bad registrars personalize their fake registration renewal emails. They may mention the webmaster’s name and phone number. Upon seeing their personal information in it, webmasters may assume the email is legitimate.

You can make yourself harder for registrars to target you by concealing your personal information. If a registrar can’t find your name or other personal information on your website, it will probably look elsewhere for a victim.

#2. Renew on Your Registrar’s Website

When it comes time to renew your domain, visit your registrar’s website directly. Registrars often send renew notice emails in the months and weeks leading up to a domain’s expiration date. Of course, scammers recognize this common activity among registrars, which is why they send fake registration renewal emails.

By renewing your domain directly on your registrar’s website, there’s little or no risk of domain slamming. You can verify the address in your web browser. Assuming it matches that of the registrar’s official website, it’s safe to use. Following a link in a registration renewal email, on the other hand, may lead you to a hijacking registrar’s website that compromises your domain.

#3. Configure for Auto-Renewal

Setting up your domain to renew automatically will lower your risk of becoming a domain slamming victim. All legitimate registrars offer auto-renewal. Enabling this feature ensures that your domain never expires. With auto-renewal, your registrar will automatically renew your domain once a year, typically within 15 to 30 days of its expiration date.

You won’t have to worry about manually renewing your domain if you use auto-renewal. As long as the billing information in your registrar account is correct, it will renew automatically. Therefore, you can ignore any emails asking you to renew your domain.

#4. Lock Your Domain

Another way to protect against domain slamming is to lock your domain. In 2004, the Internet Corporation for Assigned Names and Numbers (ICANN) introduced domain locking to combat the rising cases of domain transfer scams, including domain slamming. ICANN realized that more and more webmasters were losing ownership of their domains due to scams, so they offered a solution in the form of domain locking.

Locked domains can’t be transferred from the registrar to which they are locked. If you decide to sell your domain, you’ll have to unlock it in your registrar account. Domain locking will prevent you from accidentally transferring your domain to a different registrar.

Most registrars lock their customers’ domains by default. If you unlocked your domain, consider relocking it for additional protection against domain slamming.

#5. Leverage Privacy Protection

Privacy protection can mitigate the risk of domain slamming by concealing your personal information as well as your email address. Registering a domain will create a public record that anyone can view. Known as a WHOIS record, it typically contains information such as your name, address, phone number, email address. Privacy protection redacts this personal information so that only your registrar knows your identity.

You can obtain privacy protection from your registrar. Both Namecheap and GoDaddy offer free privacy protection. Other registrars offer privacy protection as well, but you may have to pay extra for it. Privacy protection usually costs around $10 per year.

#6. Contact Your Registrar Before Taking Action

If you receive any emails from your registrar asking you to log in to your account, contact the registrar directly before taking action. Following links in emails is risky. Ill-intended registrars can spoof their emails so that they look like they were sent from your registrar.

Registrars do, in fact, contact their customers by email for legitimate purposes. If your credit card didn’t go through correctly during auto-renewal, for instance, your registrar may send you an email. Before taking the requested action, contact your registrar directly on their website to verify the email. If they didn’t send the email, disregard it without following the instructions.


Do You have Questions about Domain Slamming?

Your website’s value is in its domain name. If it’s compromised, you’ll have to transfer your website to a new domain, which is akin to starting over again. To retain your website’s value, you must avoid falling victim to domain slamming scams.

Contact us if you have any questions about a suspicious email you have received about your domain registration. The process of registering and maintaining ownership of a domain name can be very confusing and complicated for novices. Our clients have sent plenty of these types of scams our way and we are always happy to help clear up any confusion.