GoDaddy clients a target for scammers

GoDaddy clients a target for scammers

BBB has been notified about a phone scam targeting GoDaddy clients.

GoDaddy is an Internet domain registrar and web hosting company with over 60 million domains under their management.

However, BBB has been notified about a phone scam targeting GoDaddy clients. There have been phishing emails in the past claiming to be from GoDaddy support, however these phone calls appear to be after ID and PIN information, not just credit card.

“Once they have your login information they could potentially make changes to your site, steal sensitive financial information or even hijack it completely. Then you’re potentially into corporate identity theft,” says Evan Kelly, Senior Communications Advisor for BBB serving Mainland BC.

Jonathan Yaniv, owner of JY Knows It Business Consulting says the scammers are calling him once a week.

“I simply called Go Daddy to confirm and naturally it wasn’t them making the calls. The scammers copied GoDaddy’s phone systems to duplicate their phone prompts but altered them slightly. Same voice and all, very convincing,” says Yaniv.

“We just want local GoDaddy clients to know that GoDaddy would not make these calls asking for logins and passwords,” adds Kelly.

There are plenty of fake domain name invoices around that ask for credit card information and apply a sense of urgency to the business or risk losing your domain.

BBB has a few tips on managing this aspect of your business:

Don’t provide password or verification codes to any caller. You should never provide sensitive information about your account to an unsolicited call.

Select a single business to register all of your domain names. A single provider with one account keeps it simple.

Understand who in the company has access to the verification codes.

Spot strange domain names. You may have registered your domain as a .com, but an urgent email asking for credit card information for an out of country suffix may be at play; such as

Watch for poor grammar and spelling in phishing emails.

Contact your service provider directly if you have any concerns.