Fake Domain Renewal Emails Trick Website Owners into Paying Scammers
Beware of Fake Domain Renewal Emails! 🚨
You may receive an email warning that your website’s domain name is about to expire. Renew now, it says, or your website and email could stop working. The link opens a professional-looking page that already knows your domain name, displays your registrar and expiry date, and starts a countdown timer. The site, branded Renovarix, doesn’t renew domains. Instead, it pushes visitors through a series of pages that collect personal information and eventually payment details. This scam takes advantage of that fear with a convincing fake renewal process. The email and website are fake. Clicking Renew Now doesn’t renew your domain; instead, it sends you through a chain of websites that first collect your name, address, phone number, and email, then eventually ask for payment details.
How the Scam Works
The scam begins with an email, with some versions using the Renovarix brand and a London business address. A major red flag: the “official” Renovarix renewal notice was sent from an ordinary Gmail address. The linked page performs a “lookup,” displaying your domain name, registrar, and expiry date. While some information may come from genuine public records, much of what makes the page appear authoritative is invented. For example, the displayed “Registry ID” isn’t retrieved from any registry; it’s generated locally in your browser from your domain name and exists purely to look official. The page becomes a funnel built to rush you. A red banner claims your domain expires in 03 days, regardless of its real expiry date, and a countdown promotes a special price. Legitimate registrars don’t rely on countdown timers or guilt-inducing pop-ups; the pressure is the scam.
Protect Yourself
The scam works because it exploits a genuine concern. Scammers collect information in bulk from public WHOIS/RDAP records, which include the domain name, registrar, and important dates, then generate links that display your own domain details back to you. The low price isn’t the objective. Your personal information and payment details are.
If you receive an email like this, simply delete it. The safest way to handle any domain renewal is simple: Don’t click on the email’s link. Go to your registrar through your own bookmark or by typing the address yourself and check your real expiry date there. Know who your registrar is. Treat urgency as a warning sign, not a reason to hurry. If you entered payment card details: Turn on transaction alerts so you’re notified as soon as your card is used. Contact your bank or card issuer immediately. Tell them you entered your card details on a fraudulent website and ask whether they recommend blocking and replacing the card, even if you don’t see any unauthorized charges yet. Monitor your account closely.
Key Indicators of Compromise
Stay vigilant and protect your information! đź”’