I woke up to an email from a concerned Reclaim Hosting faithful that got my attention immediately:
Thank you for your email! I actually have a concern regarding security issues. I received a call today from someone called John, claiming that he is representing Reclaim Hosting and is calling because I recently purchased a domain at reclaim hosting. He asked me to provide him with my visa card info so he can activate my domain and put it on the server, he claimed. I told him that I did activate my domain, but he asked for me to pay $ 20.99 more to put it on the sever so I can keep it forever! I refused to provide any further information because I want to know what this is about. Is this supposed to happen? I already paid for my domain, and I am already using it. What is this all about? Thank you for your help!
I want to thank this concerned web citizen for letting us know and allowing me to share the details here. I think it is important to note Reclaim Hosting will never call you asking for your credit card information. EVER. In fact, we never see—nor want to see—the entirety of your credit card information. That is a major flag, and John is indeed a scammer that must have access to new domain registrations via the whois information. What’s more, he seems to be part of a sleazy operation that is cold-calling random registrants phone numbers trying to get their credit card information. It is a bad scam, and I can see how folks might fall for it. Luckily, this Reclaimer just said NO!
What’s even cooler is thanks to some heads up detective work, we have the phone number of this scam shop. It’s 855-554-5570, and we encourage you to give them a call and let them know they’re bottom feeding scum! Although when I tried they weren’t taking calls. Their website is here: http://quicken-support-phone-number.weebly.com/ Not too shady, right?
Now, all of this highlights a big issue with domain registrations at Reclaim Hosting, namely that when you register a domain and don’t select ID Protect these cockroaches can feed off your data. We have had the occasional domain spam email where folks were trying to do this very thing via email, but this is the first time we’ve heard of anyone getting a call the day they signed up for our service.
This event has us thinking seriously about turning ID Protect on by default for all new domain registrations, and upping the price for domains from $12 to $15 to cover the cost. We haven’t done this sooner because we have been very conscious about keeping costs low given how many students we serve. But this event suggests it may be time to bite the bullet.
Making this a reality would mean we would have to separate the bundling of a free domain with the various packages. As an example, student web hosting plans might be $15/year and $15/year for the domain, which would include ID Protect by default. This change would also allow us to offer a wider variety of top level domains, which heretofore we couldn’t given their varying costs. Additionally, folks who don’t buy a domain from us get a year’s worth of hosting for $15 with the student plan. None of this is set, to be clear, but this event has got us talking about giving everyone that registers a new domain ID Protect by default. The down side is packages would rise in price by about $5 a year, so it’s something we need to consider. What’s more, if you host with us currently we would love to hear your thoughts on this matter.
Update: Just received a very satisfying epilogue from the Reclaimer who shared this story:
I actually wanted to let you know that this John called again yesterday, and luckily enough I was with my professor who asked us to get the domain for his class, so I handed the phone to my professor who I told about the whole story, and he gave him a good lesson and told him that he will report him.
So awesome, a little bit justice served—if only via a good tongue lashing 🙂 What I would do to have a recording of that call!
If you don’t make it the default, may I suggest making it more clear what ID Protect and WhoIs? privacy are? I set up my first domain with Reclaim and I failed to read the fine print, so you can imagine the horror when I stumbled upon my phone number and street address published on the web. Of course, it was my fault, and I hope that I have patched up the leaks to the best of my ability, but it seems to me that users should not be able to proceed with the no-ID Protect option without being told what exactly happens to their information in a domain registry.
My students choose Reclaim one at a time (no institutional buy-in yet, so I let them choose how they build– some use WordPress.com) so they are paying $25 a year with Reclaim (though we generously had a discount code to bring us to $20 a year). I will say that that even that amazing $20 deal is a tough sell with them, since they are struggling so very hard to pay for books (not for my class) and tuition. I just put this out there to weigh in with the fact that I see so many of my students choose WordPress.com because of the free thing, even though they really would like to have a domain of their own, etc. But wow, every dollar counts for them. THAT BEING SAID, I STILL THINK you should build the ID Protect into the deal. It’s harder to sell them on an add-on fee, so only one of my students paid the extra for it, even though I’d really like them all to have it– and they expressed they would like to have it once I explained it to them. But they still didn’t buy it. All of this is the long-winded way of saying: 1) add the fee into the cost, and 2) keep those costs as low as you can because it’s grim out here, and some of my students can’t even buy food– living penny to penny. Thanks for being an affordable choice, and for taking such good care of all of us! And also, to echo Trent– I didn’t buy it myself I don’t think, because when I was starting up I didn’t understand it. So better explanation would help, and also let us know if it’s something we can rectify in some way, at least a bit, once we messed up and failed to purchase it. Thanks, Jim!