Updated December 26, 2017.
Updated December 26, 2017.
How can you recognize scams that target you as a website owner?
Learn to recognize scams so you can avoid them. Here are some examples of scams that you might come into contact with.
Google Search Results Scam
You might get a phone call or email from someone saying that Google has upgraded their technology, and it will cost you a certain amount of money in order to guarantee that your website will still appear in the list. Furthermore, they may guarantee that your site will always appear in the top 6.
This is a scam! Google does not call you any more than Microsoft does (yes, that one is a scam, too!). Search engine optimization does not work this way. No one can “guarantee” you any specific results in Google – top 6 of what? What is the user searching for? Rather than paying someone your hard-earned money for nebulous “results,” work with a proven, trusted web developer or search engine optimization specialist to help your website rank high for search terms that are relevant to your organization.
Domain Name Registration Scam
You might receive an email that looks something like this:
“As a courtesy to domain name holders, we are sending you this notification for your business Domain name search engine registration. This letter is to inform you that it’s time to send in your registration.
“Failure to complete your Domain name search engine registration by the expiration date may result in cancellation of this offer making it difficult for your customers to locate you on the web.
“Privatization allows the consumer a choice when registering. Search engine registration includes domain name search engine submission. Do not discard, this notice is not an invoice it is a courtesy reminder to register your domain name search engine listing so your customers can locate you on the web.”
This email sounds official, and a bit menacing, but what is it really saying? What on earth is a “domain name search engine listing”? You don’t pay Google or any other search engine to be listed – so this is a scam. Don’t fall prey to the “do not discard” warning – delete it!
Gmail “Session Timeout”
If you receive a message from a known sender, but Google has flagged it as a possible scam or hacked account, you might click to indicate that you trust the sender. When you do that, you might get a message that says click “here” to see the email. If you do that, and it opens another Gmail session in a new window and wants you to log on again, saying your session has expired – beware. This could be a phishing attempt to get your login credentials. Log out and don’t attempt to view the questionable email.
Instead, contact the sender via another method and let them know that their account may have been compromised.
How can you recognize scams and avoid them?
There are a few ways you can recognize a scam.
- If it seems too good to be true, it probably is.
Wouldn’t it be nice to make a one-time, covering-you-for-five-years payment to ensure you’ll always be at the top of Google search rankings? Sure it would! But Google’s algorithms change a lot, and no one can guarantee you anything like this. Work with web professionals you know and trust, rather than believing a random email or phone call from someone you don’t know.
- Don’t click on links in unsolicited emails.
We should all know this one by now, but sometimes we forget, especially if the email looks authentic. If you get an unsolicited email, don’t click on a link in it. This even goes for emails that may otherwise seem to be legitimate – that is, from a company you know, with no noticeable spelling errors, and the link appears to go to the correct website. Still, to be safe, type the company’s URL in your browser, navigate to the website and log in, and only then look for the communication or information they have supposedly sent you.
- Check the URL in your browser’s address bar.
If you think you’re on PayPal’s website, but the address is something like pay-pal.org instead of paypal.com, you are NOT on PayPal’s website. If you realize this after having entered your username and password, go immediately to the REAL website in question and change your password. You can notify the company’s fraud department as well, by forwarding the email you clicked on. Keep in mind that some phishing scam emails are particularly sneaky – read about domain name masking tactics here.
- Check the grammar and spelling.
Scammers are notorious for using improper grammar and misspellings. This is tip-off number one that the email is a scam. However, even if you don’t see misspellings or grammatical errors, keep tip #2 in mind and don’t click on the links.
- If you can’t tell for sure, forward the email or your question to your trusted web developer.
He or she will be able to help you determine whether or not the email is a scam, show you the signs so you can recognize it more easily next time, and give you tips like these to help stay safe online.
How did they find me?
Some hosts don’t make WhoIs information private. That is information that shows who the registered owner of a domain name is. You can check whether yours is private by looking up your domain name on a WhoIs look-up site. For example, a website on Dreamhost would show up like this, hiding the actual owner’s name and email:
Other hosts may show your email address and name, and even your mailing address, leaving your information easily accessible to scammers. Ask your host to hide your registration information.
Now you know how to recognize scams that may target you as a website owner. Have you run into others? Let us know in the comments!