Scam PSA: "Domain Name Expiration/Renewal Notice"

02.04.2019 Nate Hoffelder 3 Comments

This post is the third in our ongoing series about computer scams.

Ugh, scammers. They are a persistent problem with no real solution (permanently discourage one and hide the body, and you won’t even daunt the others). The best we can really do is make sure everyone can identify the scams when they come along.

For example, Ruth Thaler-Carter recently sent me a scam bill she got in the mail. This scammer preys on the unwary by looking up the contact details for a website, and then sending a bill to the mailing address listed in the fine print.

In today’s example, the scammer is trying to convince us to pay them to renew our domain registration. Obviously the domain is not expiring, and was not registered through the scammer in the first place, but the scammer knows that at least a few people will fall for the fake bill.

Why do they do this, you ask?

Because it works. While individuals don’t usually fall for this scam, send this kind of fake bill to a business and they will pay it almost without thinking.  The mail room will forward it to accounts payable, where it will be added to the stack of bills and paid almost automatically.

This type of scam works so well in fact that one scammer bilked Facebook and Google out of $122 million over a three year period.

Rimasauskas’s grift was pretty bold. He merely sent Google and Facebook invoices for items they hadn’t purchased and that he hadn’t provided, which the companies paid anyway. The invoices were accompanied by "forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer." He also spoofed emails that appeared to come from corporate execs.