Over the years, we’ve gotten many emails from our customers asking us about iDNS domain expiration notice letters they receive. They look legitimate, because information is somewhat personal. Here’s an example of one of these letters we received for one of our domains from iDNS.
What Should You Do?
The letter looks legitimate because it does have customer’s personal information, and it uses urgency and scare tactics to get you to pay them to "retain exclusive rights to it on the Web."
If you’re got this letter, you already own exclusive rights to your domain.
If you have any questions about your domain registration, contact your current domain registrar. It’s the company where you bought your domain, the one you pay every year or so domain renewal fees. They are the legitimate domain registrar. In most cases, you will not receive a letter in the mail from them. Usually, they email you when your domain is coming up for renewal.
Many users might not know the difference between their original registrar and iDNS. This lack of knowledge is what iDNS prays on and uses aggressive language in their letters to scare people into paying them.
On top of that, you’ll be overpaying. Most .COM, .NET and .ORG domains are inexpensive. On average annual price is around $12. Not $45 as the letter indicates. Or whatever the price might be.
Where Do They Get Personal Information?
iDNS harvests your domain information and your address from publicly available database called WHOIS. This information is required to be publicly available. You can look it up using who.is service.
You can’t turn it off, but you can mask it using a privacy protection service that most registrars offer as an addon (either free or usually $10-20/year). This privacy protection service simply offers a third-party proxy address and contact information, and hides your personal information from public WHOIS database.
You should contact your domain registrar to see if they offer it and enable it if they do. Note, only your registrar can enable privacy protection. You can’t buy privacy protection from a third-party for a domain registered somewhere else.
If you’re covered by GDPR, your contact information should already be redacted from WHOIS database. If it’s not, contact your registrar.
Also, there is a difference between privacy protection and GDPR protection for domains. You can learn more about both here to see which one is right for you.
We will never mail you any letters regarding your domain registrations with us. Always think safety first, don’t assume anything. Simply email our team and ask. We’re more than happy to help and answer any questions you may have.