Registration Scam

[b]I just got a scam email and have already confirmed it with support and submitted a ticket so they can investigate it, but i though i would post it here as well just to give everybody a heads up on it.

This is the address of where it cam from:[/b]

And this is what the rest of the email looks like:

Attention: Important Notice , DOMAIN SERVICE NOTICE


Response Requested By
12 - February - 2016


As a courtesy to domain name holders, we are sending you this notification for your business Domain name search engine registration. This letter is to inform you that it’s time to send in your registration.

Failure to complete your Domain name search engine registration by the expiration date may result in cancellation of this offer making it difficult for your customers to locate you on the web.

Privatization allows the consumer a choice when registering. Search engine registration includes domain name search engine submission. Do not discard, this notice is not an invoice it is a courtesy reminder to register your domain name search engine listing so your customers can locate you on the web.

This Notice for: EMERZION.NET will expire at 11:59PM EST, 12 - February - 2016 Act now!

Select Term and Package Here

Payment by Credit/Debit Card
Select the term using the link above by 12 - February - 2016


The information in this letter contains confidential and/or legally privileged information from the notification processing department of the DomSearchReg Unit 8193, PO Box 6945, London, W1A 6U U.K. This information is intended only for the use of the individual(s) named above. If you do not wish to receive further updates from DomSearchReg Unsubscribe here. If you are not the intended recipient, you are hereby notified that disclosure, copying, distribution or the taking of any action in reliance on the contents for this letter is strictly prohibited.

Just be careful with giving out info, and check with support. (Even if it looks like a obvious scam people still get fooled.)

Yeah, I get those all the time. They go in the bin.

Anything that you ever see talking about “search engine registration” and claiming that it will “expire” or needs to be “renewed” is guaranteed to be a scam, 100%.

For the most part, there is no such thing as “search engine registration”. All of the major search engines, including Google and Bing, will typically discover new web sites on their own. If they do not, there is typically an interface where you can inform them of your site yourself for free. (For instance, you can do this for Google in the Google Search Console.)

Needless to say, your site’s listing in a search engine does not “expire”, and does not need to be “renewed”. So long as your site is still available online, search engines will continue to index it.

5 days ago (2 days after registering a new domain on Dreamhost) I received almost the exact same eMail as the OP except that the from address is:

The text of the eMail is almost identical to the text posted by the OP.

I figured it is SPAM.

I am confused about how I was able to receive this message because it was addressed to the PROXY PROTECTION (<>@PROXY.DREAMHOST.COM) address, not my actual eMail address. I assume they (the SPAMMERS) got that eMail address by looking up the WHOIS info from my new domain? But I don’t know how that message made it to my inbox. Is there some automatic mail system where anything sent to <>@PROXY.DREAMHOST.COM gets sent to my real eMail?

BTW, at first I was confused and thought it might be legit because right after registering my domain I had to respond to the “IMMEDIATE VERIFICATION” messages sent to my eMail from where I had to click a link to verify my eMail address with

I was aware that I was going to be receiving the message(s) from because they sent me an eMail right after registering saying I would. But they really should do something to make those legit messages less “spammy” looking.

yes, that is what happens with someone emails the whois ______@PROXY.DREAMHOST.COM. The email is forwarded to the account holder’s actual email address.

Looks like spam, smells like spam, (tastes like it too)…

THAT is a valid procedure. But one must carefully validate the validity of the “official” email tho. I’ve seen an email that had an (or some domain name close to that) that of course was NOT the valid procedure.

[quote=“LakeRat, post:5, topic:63255”]

yes, that is what happens with someone emails the whois ______@PROXY.DREAMHOST.COM. The email is forwarded to the account holder’s actual email address.[/quote]

Thanks for explaining. That seems like a handy feature!