Lately, we’ve heard more and more about bogus emails giving the impression your hosting plan or domain name is up for renewal. These emails are clever and oh so believable. In fact, these scammers are going so far as to input your organization name, owner, and actual address to make the emails look all that more authentic. (they do say personalize emails with your organization name, a contact person, and URL, resulting in hiring engagement and click rates. {Sarcasm but true statement}
Let’s dive deeper into this issue so you and your team can avoid being “hooked.” You receive an email with the subject line saying something like “Your hosting plan has expired” Agh, you think to yourself because there’s no way you can have your website go down. You quickly click the link and pay the bill. Then in the pit of your stomach, you get this feeling… the feeling like wait, didn’t we renew a few months ago? Oy vey, you’ve had a moment and realize you’ve been scammed. Or worse, your unsuspecting bookkeeper gets a notice via snail mail or email and pays the bill without thinking about it. Now what? Your next steps depend on your scenario but here are a few preventative measures and actions.
Ways to prevent this from happening to you and your organization:
- First and foremost, know who your website/domain name host, email provider are. This is critical for many reasons but you can avoid being scammed by ignoring emails that aren’t from your provider.
- Make sure your bookkeeper is aware of this type of scam. In fact, we recommend setting up auto-renewal with your hosting providers so you aren’t tempted to reply to emails like this.
- NEVER click an email requesting you pay a bill, upgrade or provide detailed information. Always go directly to your provider’s website and login from there. In fact, there is a current scam email floating around for QuickBooks which I warned about on our Facebook page.
- Have your hosting provider name, phone and account number, and logins in one location. You may find this PDF helpful even if it only lists the provider name and number. You may have an organization password management system.
If this happens first of all take a deep breath, know it will be OK, and act fast!
- If you clicked a link and provided password info to the scammer, change it immediately.
- Know that reputable (if not all) domain hosts have a transfer lock on accounts to prevent this bogus and unauthorized transfer.
- Did you pay the scammers? Call your credit card company right away and dispute the charge.
- Refresh your team on scams like this and the importance of questioning emails for renewals, payments, or the like.
- Defer to your web developer. We encourage our clients to check with us first. Forward the email to us and we can see if it looks legit, check who your providers are, and help avoid the mess.
Now that you’ve been warned, you can better spot these bogus emails. Remember, if you are ever unsure, ask your connections or ask us!