Website scams are actually quite common.  We were in our weekly meeting this morning and realized that more than one of us had clients who were dealing with fraudulent claims last week so we thought now would be as good of time as any to educate our listeners about common spam schemes and how to steer clear of them.

View the Episode Goodie Bag >>
Hosted By
Monica Maye Pitts
Monica Maye Pitts Chief Creative Officer

3 Common Website Scams & How to Spot Them

We were in our weekly meeting this morning and realized that more than one of us had clients who were dealing with fraudulent claims last week so we thought now would be as good of time as any to educate our listeners about common spam schemes and how to steer clear of them. 

Website scams are actually quite common.  

Many people know very little about how the web really works making them easy targets for scammers. Website owners are a lot like car owners. You know how to drive them but do you know why they drive or how to fix them if they stop driving? When it comes to my car I certainly don’t. So if I go to a shady auto repair spot and the mechanic tells me, “fix these 10,000 things or your car won’t run” I have no idea if it’s legit. I either have to call for backup (cue the trusty husband or dad) or just go with my gut. 

The first rule to avoid any scam is to go with your gut. If your gut says no, then things are probably not right. 

My grandma, will, God bless her, send in that dollar to the Publishers Clearing House every time she gets a letter because she’s like, “Monica, I could win! And it’s only $1.” 

And being a pragmatist I’m like, “Grandma, don’t send it in. Go buy yourself a candy bar. You’re not going to win. It’s not real.” I have no idea if it’s real or not, I’m just going with my gut. Ok so back to website scams…

We see three types of scams on repeat:

SCAM #1: People Pretending to be Google.

Scam #2: Stolen Images Notifications

Scam #3: False Domain & DNS Expiration Letters

Lets dig into each, what they are and how to spot them.

SCAM #1: People Pretending to be Google.

The scam tactic we defuse most often is “Google calls”. Many of our clients often call and say, well, Google called me and said, ___________________.

First off, this is a mega red flag. Google doesn’t call people. Let me tell you, we work with Google on a regular basis and actually getting them on the phone is like pulling teeth.

The most common Google scam call sounds something like this:

 “I work with Google and you need to do X, Y, and Z for your business listing on Google or you’re going to lose it, or it’s going to cost you this much money.”

First off they’re being sneaky, notice how they’ll say with, not for.

Second, Google business listings are free. You do not pay for your Google business listing, you can go verify it or create it on business.google.com. But you don’t have to pay for it. 

The bottom line is the person on the phone is not Google, and you should hang up and not talk to them because they’re trying to scam you out of your hard earned money. 

Scam #2: Stolen Images Notifications

This is a new scam, I learned about it just this morning from my account service crew. Scammers send out a letter or email claiming you owe them money for using improperly licensed images on your website.

It’s a great scam because many people do unknowingly (or knowingly) “steal” images for their website. And if you were to use images without proper licensing you’d get a very similar letter claiming the same thing. 

Most people understand copyright laws when it comes to words, but they don’t understand when it comes to images. People often think if an image is out on the internet it’s free game and they can use it for anything they want. And that’s just not the case. 

So how do you know if it’s real or scam?

Do a self assessment:

  1. Did you or your web developer purchase the images on your website?
    Are you sure? You are the owner of the site after all so you are legally responsible for what’s on it.
  2. Did you get images from Google and put them on your own website?
    Did you just google search for an image, right click on it and save it then use it on your website? If so there’s a far higher chance the claim is legitimate.

SIDE NOTE…if you are one of those people who’s stealing images from Google, there are lots of free stock photo websites you can use. Many of the photos are super original and just what you might need, so stop syphoning images from Google and just use properly licensed free photos.

Tell tale signs of authenticity:

  1. Most big companies truly will send you a physical letter if they can get a hold of your actual address. If what you have is a mailed piece of paper it’s more likely to be legit.
  2. Look for a photo reference number. Does it have something that truly indicates what the exact picture is or where it’s located on your site? Big companies tend to be pretty specific. They are making a legal claim which has to include details about the supposedly stolen goods.
  3. Most legit letters tell you how to remedy the problem. The letter will tell you who to contact if you do have a license to use the image. They also often tell you how to remedy the situation if you don’t have permission to use the image.
    If the notification is a fake, they’re not going to tell you what you did exactly, they’re going to make you go fish for it, which is not what you want to do.
    Scams will often say “click this link to see which images are under scrutiny”. And well, just in general, I advise against clicking links in suspicious emails. That’s an amazing way to contract a computer virus or get your credit cards stolen.

So double check any emails or letters for the correct information. A real claim will explain exactly what you did wrong and how you can make it right.

Scam #3: False Domain & DNS Expiration Letters

Ok so the third scam we see a lot, that we used to see come across as paper faxes, facsimiles (remember those!?!?). I probably shouldn’t joke. I’m sure some people still use them but we had them converted to digital at least 8 years ago.  But I digress, this scam is not new but it’s still really confusing.  

People will send you a letter saying that either you need to pay for DNS, or you need to pay them for your domain name. But they don’t own your domain name, and your domain name is not registered with them.

These people are not just scammers, they’re pirates. They’re trying to get you to sign your domain over to them so they can sell it or use it for another site. And most of the time the site they’re going to use it for is NOT one you want associated with your business. That’s very craptastic. It’s very sad. And it’s very time consuming to fix. Signing your domain name over to these pirates creates a huge pain in your butt. It’s confusing to your site visitors and customers and also anything else associated with your domain name will no longer work. The one people usually notice first is their email…it won’t work anymore if your domain is hijacked. 

So let’s take a little step back – What the heck is DNS?

Your domain name, some people refer to this as your web address, is set up to be used in different ways.  It can be used for email ([email protected]) or your website (mayecreate.com) and a few other things as well. DNS is like the roadmap that tells those pieces of your domain name what to do and where to go.

How to debunk this scam.

  1. If you got the notification by fax or letter that’s a red flag.

First and foremost comfort yourself with the fact that the company you registered your domain with, your registrar, is almost never going to send you a piece of mail or fax. They’re just not. They email you. And when your domain is about to expire or if you have it set for auto pay and your credit card has expired, they will email you a bajillion times. Over and over. And they even give you a grace period to reclaim your domain after it expires that they will also email you about repeatedly. So check your email. Not sure what email it would send to? You can figure that out by running the Whois report I explain in #3 below.

  1. Look for “this is a solicitation not a bill” on the document.

The scam letter, fax or email you receive will likely look like an invoice. Think utility bill. It will have a stub for you to tear off, pay and send it. So most people think that they need to pay it. By law, the sender is required to say, “this is a solicitation not a bill”, somewhere the items they sent you. Oftentimes, it’s in small print in the middle somewhere. So if the letter you have says “this is a solicitation not a bill” it’s a scam.

  1. Check where your domain name is actually registered. 

If you’re still not sure, check where your domain name is actually registered. Common registrars include: GoDaddy, Network Solutions, Domain.com, Bluehost, HostGator, Namecheap, DreamHost and Shopify. If your domain information is public, and many are, you can find it’s registrar by doing a “Whois” search. You search for free at https://lookup.icann.org/lookup. Type your domain in the search box and it will spit out a long report of information about your domain. All this stuff that may or may not make sense to you. But most importantly, just look for the word “registrar”. If that does not match what is on the letter that you received, it’s likely a scam. 

So now you know.

#1 If someone “with” Google calls you – hang up. They’re a liar.

#2 Don’t believe the people claiming you stole the images on your website. Do your homework, everything might be totally okay. (And if you are stealing images stop.)

#3 If you get something that looks like an invoice about your domain or DNS in the mail, look for the statement “this is a solicitation not a bill” on the mailer. Don’t sign anything. And do a WhoIs search to figure out your domain registrar.

If you’re not sure someone is trying to scam you, check with your web designer.  They can help.


Referenced Assets

© MayeCreate Design 2021 | 573-447-1836 | [email protected] |108 E. Green Meadows Rd., Ste. 9 | Columbia, MO 65203