Scam message from Godaddy offering an appraisal of my domain name?

Joined
Apr 27, 2010
Messages
19,530
Location
Suburban Washington DC
I registered a domain name with Godaddy over ten years ago in case I ever want a website, and today I get an email from Godaddy offering an appraisal of the dormant domain name. When I click the link it sends me to a page asking for my log in information. Seems suspicious since if you have my email address you already know it's me. Hit the back button and then check the address from where the email came from. Says, e.godaddy.com. Scam?
 
Godaddy wants to know if you're interested so they can rip you off.

Apparently using Godaddys "whois" tells them someone's interested in a name, so they register it to themselves and offer to flip it for an unreasonable price.
 
It would be interesting to know the exact URL the email sends you to.

(Re-)selling domain names is no small part of their business; to the point where their practices have driven a lot of customers away. I suppose there is a line demarcating "too-aggressive business practice" from "scam"; maybe GoDaddy is straddling that line. Way more than once I have searched for a domain name for a client to ascertain availabilities of variations (i.e. yourawesomecompany.ca, yourawesomecompany.com) only to find them - the next day - "for sale" by someone who'd purchased it in the preceding hours; raising the price from the standard ~$20/yr to $500 + ~$20/yr.
 
I registered a domain name with Godaddy over ten years ago in case I ever want a website, and today I get an email from Godaddy offering an appraisal of the dormant domain name. When I click the link it sends me to a page asking for my log in information. Seems suspicious since if you have my email address you already know it's me. Hit the back button and then check the address from where the email came from. Says, e.godaddy.com. Scam?
Never click an unexpected link in an email. If curious go independently to the company website using your browser, not the link.
No way to know if it is a scam BUT domain sites do solicit domain names, even if you maintain ownership without turning it over they will broker it for you, much like real estate for a percentage or flat fee.
 
Now when I click on the link it goes directly to what seems to be a legit Godaddy page without having to log in (because I logged in directly earlier) and saying it's worth $1035.
 
Put your pointer directly over the top of it and it should show you where the link goes without clicking on it. Any scammer worth his salt would know how to make a link look like it's going one way, while it's really going the other. Hover on any link on this page and it should do the same.
 
I'm using Brave browser and when hovering over a link, it shows the address @ bottom left of the page. Google Chromes does the same. Microsoft Outlook does it directly over the link IIRC. Not sure why you're not seeing it. I get a lot of questions at work about whether emails are legit or not, and that's one method I use to determine validity.
 
I'm using Brave browser and when hovering over a link, it shows the address @ bottom left of the page. Google Chromes does the same. Microsoft Outlook does it directly over the link IIRC. Not sure why you're not seeing it. I get a lot of questions at work about whether emails are legit or not, and that's one method I use to determine validity.
That was one of the strategies that our annual cybersecurity training covers too.

BTW, my work got hit HARD 3 years ago with ransomware. They were honestly pretty loosey-goosey about a lot of security prior to that, and frankly were after as well.

The guy who was then director of IT when the attack happened(he caught it at 10:00 at night from home, and came to campus and started literally pulling plugs on stuff when he recognized what was going on-he probably saved the college millions of dollars and months of recovery by doing that) IS very security conscious, but didn't have a lot of sway to make changes then. He's since been promoted twice, now to a VP role, and he's made some big changes including regular password resets(there hadn't been a mandatory one in years prior to the attack), 2FA for everyone, and requiring annual cybersecurity training. He's also put official, proper mechanisms in place for reporting suspicious emails. I know none of this is earth-shattering-we were doing it at another school where I worked 5 years ago-but it's at least putting current common practice into place. BTW, I'm 5 for 5 this year on IDing their test emails, and have caught a handful of other spam or phishing attempts that were not tests.
 
That was one of the strategies that our annual cybersecurity training covers too.

BTW, my work got hit HARD 3 years ago with ransomware. They were honestly pretty loosey-goosey about a lot of security prior to that, and frankly were after as well.

The guy who was then director of IT when the attack happened(he caught it at 10:00 at night from home, and came to campus and started literally pulling plugs on stuff when he recognized what was going on-he probably saved the college millions of dollars and months of recovery by doing that) IS very security conscious, but didn't have a lot of sway to make changes then. He's since been promoted twice, now to a VP role, and he's made some big changes including regular password resets(there hadn't been a mandatory one in years prior to the attack), 2FA for everyone, and requiring annual cybersecurity training. He's also put official, proper mechanisms in place for reporting suspicious emails. I know none of this is earth-shattering-we were doing it at another school where I worked 5 years ago-but it's at least putting current common practice into place. BTW, I'm 5 for 5 this year on IDing their test emails, and have caught a handful of other spam or phishing attempts that were not tests.
Sounds a lot like what's going on in my workplace. In a meeting yesterday, the VP mentioned that 5 years ago we didn't worry much about security. Now we do testing of employees and staff with random phishing emails and the like. It's become a very big deal, and some of our competitors have gotten caught with their pants down in a very public way. All the focus seems to be working in our staffs. It's pretty easy to get burned if you're not paying attention.
 
Links in emails do nothing. Probably a security thing so you don't get a virus.

IMG_4256_1.webp
 
Back
Top Bottom