Whois Privacy: Make Your Public Data Less Vulnerable
Do you get a lot of robocalls on your cell phone? How about unsolicited text messages offering you a logo for your new website? Is your spam folder overflowing with offers for SEO services? Do you wonder how in the world they got your contact information?
Whenever you register any domain name, you’re required by ICANN to create a record of who owns it. Because this information is public in the Whois Search Directory, it means that scammers and spammers have free access to the phone numbers and addresses of anyone who registers a domain name.
Namecheap offers free WhoisGuard for the first year to everyone who registers a domain with us. This ensures no one can find this information associated with your domain.
As part of Internet Privacy Week, we’ll discuss why adding Whois privacy to your domains is so important.
How Big is the Problem?
When registering a new domain name, you must include the owner’s name, physical address, phone number, and email address. This all becomes part of the ‘Whois record’ for the domain, and is publicly available and searchable.
The privacy risk this poses is bad enough for businesses registering a domain, but it becomes even more of a problem for registrations that ask for your home address and telephone number.
Spam from Unprotected Whois Records
To give you an idea of the scope of the problem, let’s look at a handful of the emails I received based on my information in Whois.
Many of them may look familiar to you:
- Fake domain name registration notices that try to get you to pay an inflated renewal fee or transfer a domain to another registrar
- Phishing emails that entice you to give up your registrar username and password so thieves can steal your domains
- Solicitations to buy domain names based on other domains you own
- Web hosting offers for your newly-registered domain names
- Pitches for SEO services
- Warnings that someone is trying to register domain names similar to yours and asking for your permission. This is another way to try to fraudulently obtain your private account information.
Not only are these emails an inconvenience, but they often dupe people into buying unneeded services, further perpetuating spam and data misuse. Worse, people are frequently tricked into surrendering passwords and thereby having their domain names stolen.
What’s the Solution?
Fortunately, there is a simple way to keep your personal information out of the Whois database: Whois privacy.
There are two similar services that hide your personal contact information: Whois privacy and Whois proxy.
Most services you will encounter are Whois proxy services. The proxy is the domain registrar (such as Namecheap.com) which registers the domain on your behalf. When Whois privacy is selected, the proxy company substitutes their own contact information for the customer’s.
However, using Whois privacy still allows for the transmission of legitimate contact requests. When someone needs to reach the actual owner of a domain, the registrar provides a unique email address that filters out most spam and lets through legitimate emails while still protecting the domain owner.
You also don’t have to worry about text messages and robocalls since the proxy’s phone number is substituted for yours.
How Can You Get Whois Privacy?
While many registrars charge a lot of Whois privacy, Namecheap offers free WhoisGuard for the first year on eligible domains. And it’s only $2.88 a year after that.
It’s a small price to pay for protecting your privacy.
Protect your Privacy
With Internet Privacy Week (Oct. 18-24), we’re providing you with more information about ways your information can be tracked. We also encourage you to take a stand for Internet privacy for all by signing our Internet Privacy Bill of Rights.
Andrew Allemann is editor of Domain Name Wire, the longest-running blog covering the business of domain names. Domain Name Wire has covered the business of domain name investing for over ten years.