GoDaddy is the biggest domain registrar in the world, with millions of domains under management.
Statistically, it is the number one target of domain thieves, domain hijackers and other vagabonds. Simply put, there are more attempts to steal domains from GoDaddy accounts, than all other domain registrars combined.
Beginning in January 2014, ICANN requires that domain registrants verify their email address – or phone number – with the registrars where their domains are managed.
That requirement has created lots of headaches for GoDaddy, as it increased the number of incidents involving phishing emails.
GoDaddy is now urging its customers to “not click that link“; explaining that most domain notifications are bogus and consist of malicious attempts to hijack one’s domain account, by entering the username and passwords on a rogue web site made to look like GoDaddy.com.
The rule of thumb appears to be that for any type of function, one should log into the proper web site directly, and never by clicking email links. However, many functions are dependent on confirmation emails sent out by registrars.
There is no 100% foolproof method to recognize rogue links.
You should, however, read the GoDaddy article on the subject, as it’s a good enough primer.
I don’t know how these guys are catching our email ids.
Just received such an email to verify a contact of my lll .com. Even if that was a real GD I just better deleted the email.
People complain about moniker . . . What about enom, Godaddy, with their huge phishing issues? Get your domain names out!
Google has no issues verifying their accounts with text messaging. Why don’t Registrars adopt that method?
Why? Why? Why? Why?