How to recognize a spoof/phishing email

It’s essential to watch out for spoof (fake) emails requesting certain account/access/personal details from you. To confirm that an email comes from Namecheap, please make sure that the email is sent from a legitimate @namecheap.com email address.

If you suspect that the email was not from Namecheap, here’s how to recognize spoof/phishing emails:

  • Fake email address: fraudsters typically send emails using a phony email address. Please be aware that the 'From' field in emails can be altered easily, and that it is not a reliable indicator of the true origin of an email. Thus, make sure it is sent from @namecheap.com or hover your mouse over the name of the sender to check the hidden email address.
  • Non-Personal or generic greetings: most fraud emails start with a generic greeting such as 'Dear Namecheap Member' or 'Dear Namecheap User'. Please note that emails from Namecheap.com begin with your first name, i.e. 'Dear/Hi John,' and that some emails from our Legal & Abuse Team have a specific format and will be sent using the email address abuse@namecheap.com.
  • Stress urgency/account status threat: fraudulent emails typically claim that your account has been suspended and that you need to supply your personal information, such as username, Support PIN, password, or credit card number (usually without any explanation). While Namecheap may also request similar data, we will never request your account password or full credit card details via email and send a login form to you.
  • Phony website addresses (URLs): fake emails usually contain website addresses (URLs) that link to phony websites that ask for your personal information. Thus, please review the links carefully for any extra letters or signs. If Namecheap.com requests information from you, we will always direct you back to the Namecheap.com website to provide the information.

    PLEASE NOTE: In some cases, we may request to submit the details via our partners, Validation.com - a secure service that we use for documents submission.

  • Fake feedback forms: many fraud emails will ask you to click a link or complete a form similar to those provided by Namecheap.com. In fact, Namecheap never requests to fill in any feedback forms. Fraudsters hope to trick you into sharing your details through this ploy, such as your Member ID, password, or credit card information.
If you are unsure of the legitimacy of the email you received or are concerned that you may have been a victim of phishing emails/websites, please contact our Legal & Abuse Team or send an email to abuse@namecheap.com. Finally, please sign in to your account, change your password and enable Two-Factor Authentication immediately.
Updated
Viewed
1103 times

Need help? We're always here for you.