Freeola posted on Tuesday February 21st, 2017

If you recently purchased a domain, you may have noticed a significant increase in the amount of spam you receive (you may have even received some phone calls). You are probably wondering where on earth these spammers got your details from. Unfortunately this seems to have become really quite common. In this post we are going to take a look at why this is happening, as well as what you can do about it.

How did this happen?

Whenever you register a domain, it is a compulsory requirement that you provide your details (name, email, telephone, etc.) - then this information is entered into a database called "Whois". The database is a requirement of ICANN and has a number of legitimate purposes, such as determining the owner of a domain where there are multiple claims as well as tracing for trademark and legal infringements.

Due to the fact that the data is publicly available, some people have decided to take advantage of this and have scraped the Whois database, there's even software available that helps people to do this. Scraping is the term used for pulling huge amounts of data from the internet. There are also sites where lists of newly registered domains can be purchased and downloaded on a daily basis. Unfortunately because this is cheap and easy to do, some companies are taking the new registration details and spamming them with their services (often web design, web hosting deals, etc).

Some of the more alarming emails are outright scams, designed to fool the less internet savvy. A common one offers to submit your site to search engines, charging you a pretty hefty fee; despite what these emails say, you don't actually have to submit your site, but if you choose to it's completely free. There are also scams that are aimed at registrants with a domain nearing a renewal date, claiming that you need to renew with them; the fact that they have your details and a renewal date is all quite convincing. If you are at all unsure, you should check with your registrar, or you can even use Whois to look up who your domain is registered with.

So what can I do?

Unfortunately in an attempt to evade spammers, some people have tried to add false details; such as not adding a full address or adding an email address with an additional or missing letter. However adding incorrect details is not a suitable solution and can actually be grounds for termination. Adding an incorrect email address can also lead to difficulties later on, for example if you are asked to verify your details/ownership of the domain and you do not respond within 15 days, your domain will be suspended (this is a requirement put in place by ICANN). So you must always use a legitimate email address that you have access to.

Although you cannot remove your details from the Whois database, in some circumstances you can choose to hide certain details by purchasing additional privacy from your registrar (such as GetDotted's Enhanced Whois Privacy). In this case your personal details will be replaced with generic details. In order to ensure the best possible protection, we'd recommend adding the privacy when purchasing your domain. You can add enhanced privacy at a later date - but because your details have already been public for a period of time, you do run the risk that spammers have already got their hands on them. It is worth noting that not all domain types are eligible for domain privacy, you can check which domains are eligible on our Whois page. If your domain is not eligible for domain privacy, it can be a good idea to set up or use an email address other than your primary email address, this way you can still check and access the email when needed - without having to wade through a load of spam to pick up your regular email communications.

If you have found yourself a victim of these spammers, we'd recommend that you remain wary, and do not click on any links or open any attachments. If the email is regarding your domain and you have any doubts, always check with your registrar. Personally I would avoid doing any business with any organisation that had acquired my details in such an immoral manner.

So don't worry, your registrar is not in cahoots with the spammers and it's highly unlikely that they sold any of your details on. You can also rest assured that Freeola & GetDotted will never sell any of your details to any other companies. If you already have a domain hosted with us, and you would like to add domain privacy, you can do so via your MyFreeola account.


Thank you for your comment. Your comment has now been successfully added to this post.

chasfh commented on 22nd February, 2017
good post

Hmmm... commented on 22nd February, 2017
Useful info.
After realising my email address was available via WHOIS, I setup a new email account just for domain registrations which helps control things.

If you are wondering what information is available for your domain it's work visiting http://getdotted.com/ and after searching for your domain name click the 'i' to see the WHOIS data.