advice New domain scam via GoDaddy/ PayPal???

[ivey]

Scammers are getting more and more creative these days.

I got an email today saying I received an invoice from baneno.com for $53
the email seems to be referring to renewal. So i checked out the name and realized that i still owned it.

It is due to be renewed today..but Godaddy doesn't send me invoices to pay stuff and i do not have it on auto renew and i also never pay $53 for any renewal.

Here's some screenshots of email:

If you look in the note are at the bottom..... You'll see that they mistakenly have another name listed called thincthanc.com

I canceled this invoice.....

but at a lower price..... average internet users would pay this fee like it's nothing.


I remember a friend of mine said they paid $60+ to renew a name and i was confused because it wasn't for a number of years and it was a basic renewal at godaddy.

Now i'm wondering if they got scammed.

All my names are on manual renewal....

Here's the paypal bill intro...

 

[Peak.Domains]

These scammers are getting more and more sophisticated.

They know if they sent out a fake .com renewal from GD priced at $10 or $12, everyone would be super suspicious...

But a $53 renewal barely turns heads

 

[Sandern]

As the internet expands and more people use it, unfortunately this has opened more opportunities for scammers.

Before clicking a link, hover your mouse cursor over it and view what URL link comes at the bottom of your browser (you can view the URL of a link before you actually click it)

If the URL looks scammy, don't click it!

 

[myfavorite]

Equally check the details of the email address that sent the email.

 

[Sandern]

We can use google to our advantage here.

Equally check the details of the email address that sent the email.

Yes look at their email too.

You can even type the email into google, and see if anybody has written 'scam' articles about it/ or if that email has complaints from other people.

as I said, we can use google to our advantage

myfavorite nice carrot pic

 

[BRANDERX]

It's obnoxious. I almost fell for something similar the other day, the email was "almost" perfect.

Good advice up there, about hovering over the link.

Those links are the devil in disguise.

 

[briguy]

As the internet expands and more people use it, unfortunately this has opened more opportunities for scammers.

Before clicking a link, hover your mouse cursor over it and view what URL link comes at the bottom of your browser (you can view the URL of a link before you actually click it)

If the URL looks scammy, don't click it!

Since I read most of my emails on mobile..can't really hover over URL.

Any suggestions for mobile?

 

[DotKing]

Since I read most of my emails on mobile..can't really hover over URL.

Any suggestions for mobile?

Long tap on the link and it opens menu with few options. Copy URL and paste it somewhere to see it

 

[ivey]

The scammer actually got around the fraud links by legitimately sending a payment request through paypal to my email. So the email came from paypal and using godaddy logo in it.

If i didn't have experience in domaining and was an average internet user, this would easily get me.

They do it close to when the domains expire too.

The average user would pay someone in another country thinking they are paying Godaddy for a domain renewal. They would not even think it was a scam and keep living their life. Except Godaddy would soon start sending their own renewal emails and then that person would soon become confused....

 

[topdom]

Move the mouse over the button they want you to click and look at the link. If it is a strange url, then it is spam/scam. Even if not I wouldn't click on it directly. I would copy the link, and paste it somewhere but not visit the site at first. If it requires login, at site.com then I would login at site.com first, and then maybe visit the url separately. I even do this at trustable sites. If there is a Paypal payment, I login at Paypal first, and then click Paypal payment link of external site.

 

[ivey]

What's sad is people who are not avid domainers will most likely get caught by this scam easily.

 

[winst]

I received the same invoice several months ago. I was not happy.

I means someone was able to correlate email address from GoDaddy AND PayPal to engineer this scam. Not only the invoice link was legitimate and has a valid PayPal page and invoice URL, the scammer knows the date when the domain was expiring.

PayPal allowed someone to use GoDaddy logo with a personal PayPal account with a Russian name, mailing address and email. I'm sure many unsophisticated users fell for this scam.

I've called both GoDaddy and PayPal and GoDaddy said that there was nothing they could do because the invoice is not coming from their system. PayPal told me just reject the payment. I felt PayPal could have done more.

I have since started to use unique email addresses (aliases) for new online accounts. Unique passwords for different accounts just doesn't seem safe anymore.

 

[Name Trader]

I received the same invoice several months ago. I was not happy.

I means someone was able to correlate email address from GoDaddy AND PayPal to engineer this scam. Not only the invoice link was legitimate and has a valid PayPal page and invoice URL, the scammer knows the date when the domain was expiring.

PayPal allowed someone to use GoDaddy logo with a personal PayPal account with a Russian name, mailing address and email. I'm sure many unsophisticated users fell for this scam.

I've called both GoDaddy and PayPal and GoDaddy said that there was nothing they could do because the invoice is not coming from their system. PayPal told me just reject the payment. I felt PayPal could have done more.

I have since started to use unique email addresses (aliases) for new online accounts. Unique passwords for different accounts just doesn't seem safe anymore.

I've have one of these sitting in my paypal account for about 2 weeks now. Whenever I go to try to cancel it in PayPal, I get to the last point to actually cancel, and although the cancel starts off as a paypal transaction, the very last entry in this process (are you sure? or something similar) doesn't look like a PayPal page, it looks more like the invoice page, and I'm terrified of actually press the button, in case this is NOT a paypal page, and then who knows what it might do? Pay? Send my info to the spammer? PayPal Support is really hopeless with stuff like this, when you actually want to try to ask them a question, and their whole menuing system doesn't apply to this (or any other support I've ever needed) case.

 

[winst]

I
PayPal Support is really hopeless with stuff like this

Instead asking for help, I just called PayPal and start the process of reporting a fraud, a problem with their system. PayPal is very helpful that way.

I think many people may be confused but GoDaddy accepts PayPal payments on its own website, not on PayPal's. Invoices on PayPal are for individuals and small businesses. PayPal should block users from creating accounts using trademarks of large corporations, at the minimum.

 

[xynames]

So it's an email with html coding, images hosted within it and a PayPal payment button embedded in it?

 

[Name Trader]

So it's an email with html coding, images hosted within it and a PayPal payment button embedded in it?

I'm not really technical with this stuff. It just appeared in my PayPal account as an invoice to be paid for renewal of 1 domain, which is nowhere near due for renewal. I don't really use GoDaddy that much and transfer everything out when the lock is removed. The invoice was for $63 for a one year renewal. I presume it wasn't worth doing this scam for $15 or whatever the renewal should be. The give-away is the payment request is not from GoDaddy it's from some Russian. So it's flawed. But it would probably catch a few people out. Because the rest of it looks fairly convincing.

 

[ultradog]

I got one too. I forwarded the email to spoof@paypal .com. Ignored the invoice

 

[BrandChimp]

Long tap on the link and it opens menu with few options. Copy URL and paste it somewhere to see it

This used to work on ios now it just opens the link in a new window