7 domain name scams to watch out for
Domain name scams are on the rise worldwide. This is because cybercriminals realise just how central a domain name is to any SME’s brand strategy and want to exploit it.
A BlueVoyant report, released earlier this year, indicated that lookalike domain registrations have gone up from around 150 per month in 2024 to roughly 450 per month in 2025.
A domain name scam is a type of cybercrime aimed at tricking domain owners into paying for fake services, sharing sensitive information, or even transferring ownership of their domain without consent.
It’s a way for cybercriminals to impersonate legitimate companies, create fake domain services, or set up lookalike websites to steal customer data.
A domain name scam can affect any business, and it is important to know what they are and how an SME can protect itself.
The 7 Most Common Domain Name Scams
1. Lookalike Domains (Domain Spoofing)
Cybercriminals are registering domain names that are almost identical to established companies to trick customers into visiting fake websites or sharing personal information.
For example, a criminal could register NikeSA.co.za and send promo emails directing people to a fraudulent online store.
Even a small spelling change can make these sites appear legitimate. Watch out!
2. Fake Domain Renewal
Did you know that bad actors can access the public WHOIS database to gather domain owner information?
This is called Domain Scraping.
They use contact information obtained here to send emails claiming a domain is about to expire, payment failed, or a domain will be suspended unless payment is made immediately.
The aim is to steal login credentials, credit card information, or receive payment for fake renewals.
3. Authorised Domain Transfer (Domain Slamming)
Without proper security measures in place, it isn’t that hard for a bad actor to transfer a domain away from your current registrar or host to someone else, making you lose control of your domain.
All they need is to trick you into clicking on a couple of links.
It’s often in the form of an official-looking email claiming to be from your registrar or hosting provider, warning you that your domain is due for renewal and prompting you to click a link.
What you don’t notice is the fine print stating that, by clicking, you’re actually approving a domain transfer to another provider.
A scam like this can cost your business money, interrupt daily operations, and damage your reputation with customers.
4. Domain Hijacking
Domain hijacking is the result of a successful phishing scam or weak password creation that led to a cybercriminal gaining access to your domain account.
Once they have access, they can transfer ownership without permission.
They can also redirect your website, lock you out of emails, replace content with malicious pages, or sell your domain.
5. Search Engine or Directory Scams
Some cybercriminals promise to submit your domain to search engines and directories to improve rankings, scamming you into paying a lot of money for a service that they won’t render.
Don’t fall victim to this, as search engines will index your new website automatically.
6. Alternative Domain Scams
Cybercriminals often send emails to domain name owners claiming that someone else is trying to register a domain similar to theirs and offer to “secure” it at inflated prices.
These scare tactics exploit fear of brand damage, but the threat is usually non-existent.
7. Domain Purchase and Appraisal Scams
This is a scam that targets anyone who owns a domain name that appears valuable or brand-worthy.
It’s normally someone representing an interested party that’s willing to pay a high price to obtain the domain.
But in order to proceed, a certified appraisal is required. The appraisal fee is costly, and once you pay it, the so-called “buyer” vanishes.
There is no real investor, no genuine offer, and no legitimate appraisal.
How to protect your domain:
- Register with a trusted provider like Domains.co.za to ensure secure processes and support.
- Activate Domain Transfer Lock to prevent unauthorised moves.
- Use Two-Factor Authentication on your domain account for added account security.
- Set up Auto Renewal to avoid falling for fake renewal emails.
- Verify all emails and links before acting. Double check URLs for misspellings, letters replaced with numbers etc.
- Enable WHOIS Privacy to protect your personal information.
- Educate yourself and your team on spotting scams.
At Domains.co.za, your domain’s safety is important to us.
We therefore offer security features like Domain Transfer Lock, WHOIS Privacy, Two-Factor Authentication, auto-renewal and multi-year registrations, to help keep your domain safe.
Click here to register a domain name safely with Domains.co.za.
Loading ...