The latest scam email to do the rounds among Irish businesses involves attempts to lure them to buy similar domains from ‘DNS Ireland’.
If you have noticed a major increase in the number of spam emails sent to your business, you’re not alone. Domain registrar and hosting company Blacknight Solutions has warned in a blogpost of a recent flurry of activity from an individual or group claiming to be ‘DNS Ireland’.
Blacknight warned Irish business owners who have a registered domain online that the attempted scam begins with an email claiming to be from a domain registry company, referencing the domain owned by the targeted business.
The email then claims that the sender has received a request from a third party to register the same name in another domain, usually .com, .eu or .info. The idea is that the business may feel pressured to purchase one of these domains, fearing their online business could be hampered by another party.
This is emphasised by the email’s claims that this could have “far-reaching consequences for you in the future” and that the sender is “under the obligation to contact you, in order to offer you the first right of registration”. It also warns that the recipient must reply within 48 hours, putting additional pressure on someone who may not be aware of the scam.
How did they get businesses’ contact details?
Of course, as scams typically go, there is no domain registry company called DNS Ireland. If someone were to be fooled by the email’s claims, they could shell out as much as €200 for what purports to be a 10-year registration that doesn’t exist.
“It’s a con, pure and simple,” said Michele Neylon, Blacknight’s CEO. “Firstly, there is no such thing as an obligation for domain registrars to track down potential rights-holders with similar names in other top-level domains. It’s nonsense to suggest that, and a blatant attempt to frighten people into handing over money quickly without thinking things through.”
The biggest question remaining is how the scammers are getting contact information for the Irish domain owners, with the scam believed to be of origin outside of Ireland. Blacknight has pointed to suggestions that either the data came prior to GDPR entering law last year, or has been obtained by just copying contact details from target websites.