Scam Artistry 101
Today I opened my usual week's worth of accumulated mail. Between a birthday card from my grandma and some return address stickers with adorable kittens was wedged this "courtesy" notice about my website:
In case it isn't obvious from the title of this post, this "Domain Registration of America" is attempting to rip me off. A little background: the way the World Wide Web generally works is that the people who own the servers a website is hosted on (in my case, the company Host Gator) reserve the rights to a particular domain from a registrar, who maintains database records for DNS servers. When you type a URL like "tkmarnell.com" into your browser's address bar, your Internet service provider (Comcast, AT&T, etc.) uses these records to match the domain to the IP address of the host you want to reach, who sends the webpage back to you.
DROA is one of those registrars. But they are not my registrar. They are attempting to "renew" something they do not own, like the 21st century version of having a nice bridge in Florida they'd like to sell me. Now, I normally don't give props to scam artists, but I must acknowledge this group for doing their job extraordinarily well. Should I ever embark on a shady venture of my own, I will adopt many of their tactics for my template.
Pro Scammer Tip #1: Sprinkle Your Products with Heartwarming Icons
My father's first tip to recognizing cons, passed on to me circa 2000, was this: "Never trust a man wearing American flags." As a burgeoning scam artist, you should display your patriotism liberally on all of your materials. Example:
If you're pretending to work for a charity organization, a few Christian crosses, pouting puppies, or exotic-looking children with painful medical conditions might help, too.
Pro Scammer Tip #2: Hint at Impending Doom
If your target isn't already roped in by the official-looking red, white, and blue letterhead, she ought to run for her checkbook as soon as she reads of the dire consequences she will face for refusing to give you money. Your language should be as vague and frightening as the following:
"Failure to renew your domain name by the expiration date may result in a loss of your online identity making it difficult for your consumers and friends to locate you on the Web."
Take note of the hot keywords like "failure," "expiration date," "loss" and "identity." Never use an accurate word when a loaded one will do.
Pro Scammer Tip #3: Bury the Details in Long, Confusing Paragraphs
Technically, DROA is not breaking any laws. They have clearly stated at the end of the third paragraph that by paying them, a sap customer is actually switching her domain registration to an unfamiliar company. However, they put in enough scary-sounding Capitalized Legalese padding beforehand to make sure she doesn't get that far, and even if she does she probably won't understand it. They can even be conscientious and bold the words "This notice is not a bill," because the detachable area at the bottom with Visa and Mastercard logos will override them entirely.
Pro Scammer Tip #4: Tell Them They're Saving Money, Not Spending It
Wow, the "Recommended" two-year plan will "save" me $10! Never mind how much the my actual registrar charges ($15 a year, BTW, or $75 over five years), $55 is a lot to cut! Any intelligent and discerning consumer like me would sign up the bulk plan. It's like when you go into the gas station intending to buy a single 20oz pop for the road, but the cashier says you can get a second one for half off. You didn't originally want a second one, and you should probably not drink a second one, but if you don't take advantage of their generous offer and spend 50% more than you intended, you're clearly a fool.
Pro Scammer Tip #5: Include Fine Print on the Back
If there was any doubt remaining in your target's mind that this was a bona fide, official bill for renewal, a blanket of tiny text on the back ought to dispel it.
Even better, it's all italicized, in light gray ink, with a few paragraphs in ALL CAPS to make it impossible to decipher. It's nothing a customer needs to know, anyway, just some legal stuff about DROA not actually having any control over registry administration and they will not give refunds if you don't get the domain name you paid for, etc. etc. Oh, and if you change your mind after signing up and cancel the credit card payment, they assume the right to your domain until you pay them a "reinstatement fee, currently set at $200 (US Dollars)," and if you sue them over it, you agree to hold them "harmless from all liabilities, including attorney's fees and court fees" blah blah blah.
Fun and snarkiness aside, people like this can be dangerous if you don't know to look out for them. Domain Registry of America is even on the Wikipedia page for "Domain Name Scams" for having a couple of lawsuits and a run-in with the FTC in the early 2000s. In 2009, the Advertising Standards Authority of Great Britain issued an adjudication with many of the same conclusions on the letter that I've put here, and the warning that "The mailing must not appear again in its current form." Of course, they're perfectly free to continue to mislead people in the US as much as they please.
Comments
The funny thing is that even if you filled out that form and sent it to them, your domain would still expire. They'd need your transfer secret (and your domain to be unlocked) to be able to acquire the domain name, which only the user can get from their current registrar (or web host if your host manages your domain name which is often the case). So you'd need to provide it to them. Otherwise, the only way they could get the domain name is to wait for it to expire and for the holding period (typically a month) to be up before they could snatch it up.
Well timed for April 1st.