NameCheap is hurting the internet!

May 11, 2021
NameCheap Hurting the internet
Pet Scam Websites 8/1/18

Namecheap, you are hurting the internet!

The above chart is live and updated daily. As of today around 38% of the domains reported to us since we began recording on 8/23/17 are sponsored by NameCheap INC. These domains are allowed to continue to scam consumers long after they are reported. An example of this is “” which has been reported repeatedly by both and victims who have lost money. When victims of this scam filed an abuse report NameCheap did not “take reasonable and prompt steps to investigate”. Instead they forwarded the abuse report with the victims information to the criminal.
5 months later, was still online scamming new victims.

A little bit of background?

Firstly we need to know what a website is. At its simplest, a website comprises of a domain name,, and the files that make up the content of the website. These files are kept on a server or “hosting”. The domain name, in this case, is linked to the hosting. When you go to you will arrive at the correct hosting.


You can think of it as your SIM card and your cell phone. The SIM card contains the number which links to the cell phone so that you can receive a phone call to that number.


If you lose your cellphone you can always use your SIM card with another phone and to the caller there is no noticeable change.

How scammers use this


Domain names are registered with a Domain Name Registrar. Scammers register a scam domain with a Domain Name Registrar and use a separate company to host the scam website. By looking at the WHOIS (registration details) of a domain you can find the email which you need to send an abuse report to shut down a scam website. never attempts to shut down the website hosting as the scammer can recreate the website on another hosting in minutes and continue to scam.

By doing this, the scammer can continue to scam people even if the website hosting is shutdown repeatedly. is an online group of volunteers who protect the consumer by finding Scam Websites and shutting them down by filing abuse reports. They actively work with registrars to shut down criminal domains.

How do Domain Name Registrars facilitate scammers?

Many Domain Name Registrars do an excellent job. The Endurance Group, Tucows, GoDaddy and can be counted amongst companies that protect consumers by taking swift action to investigate domains registered by criminals with the intention of scamming consumers. For the purpose of this article we are going to focus on another Domain Name Registrar who actively supports online criminals by providing them with a safe haven. Over one third of the websites reported on PetScams are sponsored by Namecheap INC.

Namecheap INC

I think it is worth repeating. Over ONE THIRD of the websites reported as pet scam websites are sponsored by one company. has had over 4,000 scam websites reported since April 2017.

Namecheap is governed by ICANN Registrar Accreditation Agreement 2013 which states that Namecheap must:

take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.

However, Namecheap sometimes takes months to respond to abuse reports with:

….Namecheap acts as the registrar only. It means that our ability to investigate the matter is limited since the content transmitted via the website is not located on our server. Please also note that we do not own the reported domain names, we are simply the company the domain name was registered with. Considering the aforementioned points, we recommend that you contact the hosting provider, who would be in a better position to validate your claims and take the appropriate action.

Additionally, if you believe you are a victim of an Internet crime, or if you are aware of an attempted crime, you can file a complaint through Internet Crime Complaint Center at , who are in the best position to fully investigate any such issue across any/all service providers.

This can be surmised as “We sponsor the domain but we refuse to look at the website. We are only concerned with the domain name. Tell someone else”

This is neither “prompt” or “appropriate” and if was true would negate the need for the obligatory abuse contact email as per ICANN.

Multiple accounts

As scammers have found a safe haven with Namecheap INC they will register multiple domains without fear of being shut down. Some domains can eventually be suspended after a prolonged campaign but the scammer will simply buy a new domain using the same account and continue scamming. Namecheap does not recognise that an account with 300 domains, 100 of which have been suspended, belongs to a scammer. Each domain required a concerted effort and multiple abuse reports in order to shut them down.

An example of one such scammer is which has registered 92 domains to use in Pet Scams in less than a year. Some have been suspended while others have been allowed to continue including  which was reported on April 20th 2017 here  and is still allowed to scam consumers. Namecheap scammer

Namecheap’s Poor Excuses – “Please Send Abuse Reports to the Host”

To demonstrate how Namecheap is blatantly disregarding the ICANN Registrar Accreditation Agreement (2013) by not actively investigating reports of abuse, the following registrant that owned 182 fake pet and shipping websites was reported to the company by a concerned citizen in 2019. Note the completely false information used to register the domains:

Registrant Name: Morgan Lorga
Registrant Organization: Anonymouse Host
Registrant Street: Down street Rus
Registrant City: welmshi
Registrant State/Province: North West
Registrant Postal Code: 101000
Registrant Country: RU
Registrant Phone: +7.675552377
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:

Registrant Application Purpose: P1
Registrant Nexus Category: C11

A first question can be deduced from this data: “why does Namecheap not check whether the person registering the domains exists, or for that matter whether the registrant city exists?”

This is how Namecheap responded to these blatant pet scam domains with innacurate registrant data:

….Namecheap acts as the registrar only. It means that our ability to investigate the matter is limited since the content transmitted via the website is not located on our server. Please also note that we do not own the reported domain names, we are simply the company the domain name was registered with. Considering the aforementioned points, we recommend that you contact the hosting provider, who would be in a better position to validate your claims and take the appropriate action.”


Additionally, please respond to this email with evidence of the specific contact information you have found to be invalid on the Whois record for the reported domain names. Examples would be a bounced email or postal mail returned due to an invalid address. If you have a bounced email, please copy and paste it to your reply. In the case of returned postal mail, please scan it converting into a PDF file and send to us via email.”

Namecheap decided to not take any reasonable method of investigation and decided that whatever content was available on the website was not their responsibility, despite the fact that it is their obligation to investigate abuse reports. It would also have taken a 2 minute check to see whether the city of “Welshmi” exists, however, they instead decide that the reporting party has to send a postal mail demonstrating the invalid city.

This leads to a second question: “why don’t you just report it to the host as Namecheap recommended?” There are currently no regulations guiding who can host a website which means that the fraudsters themselves, or close acquaintances that are more tech-savvy, often host the fraudulent websites. An example of one rogue web host can be found here.

Namecheap is happy to take victims reinvested cash used by fraudsters to register more fake websites with, no questions asked.

What to do next?

As well as reporting this to the Registrar it is very important to report this crime to your local Law Enforcment. We have compiled a list of Law Enforcement agencies worldwide.You can find a link (here) as well as reporting wire fraud using money transfer agencies (here).

If you live in the US it is important to report this scam to the BBB. Click here to see why. As well as the Better Business Bureau you should report this crime to the Federal Trade Commission. See Here

14 Responses

  1. I myself have seen a lot of scam domains using namecheap.

    The only thing I can think of is to report malicious websites to cybersecurity companies.

    Netcrafts takedowns seem to work pretty well imo.

    And also report the websites to anti viruses and all kinds of anti scam stuff, report them as much as possible and they will be taken down.

    • Namecheap has closed all tickets and rejects responsibility as the criminal websites’ data is with another hosting provider and they recommend clicking the ‘unsubscribe’ link on spam emails, which of course only leads to email addresses being verified to be bombarded with more spam. Hundreds of spam emails lead to dozens of websites, all belonging to the same non-existent ‘company’ in Iceland, all registered via Namecheap. I am at my wits’ end and have noticed over the past 5 months that Namecheap thus seems to be deliberately supporting this spam terror and simply generating revenue through the dozens of domains registered there.

    NetRange: –
    Organization: Namecheap, Inc. (NAMEC-4)
    APPLE PAY NUMBER: 2072390934
    APPLE customer support has been inundated with apple pay pet pay scams Contact Apple Support · U.S. technical support: (800) APL–CARE (800–275–2273)
    APPLE will give you a fraud scam alert notice pay heed to it.
    Examine the website and notice there are no names on it. Go to the about us, no names, no telephone numbers. They seem to be very professional with documentation and advice to include food advisory, crate information etc. They push for a deposit to hold the puppy/ies even if it’s 2/3 days so push for hard core evidence. In my case I have ran across 4/4 scams so i’m sticking to states that I can drive to locally.
    For me I cant say %100 whether this website is or is not a scam I chose to stop pursuing this after getting a fraud warning from APPLE, Website being associated with NameCheap, No Identifying names, Telephone numbers, addresses, Specific Address coming up on Google Earth (Dead end street with Pools and Ponds no kennels or fenced in yards) I would have been happy if I had been given a specific address such as 123 blah street versus pet kennels duh street. lastly them pushing me to give them a holding fee when they have at least 8 puppies on the website as available. Perhaps I can call the post office and see if they can resolve the address and if so then I can find other ways to validate this place.

  3. If anyone thinks namecheap gives a damn, I have a bridge to sell you for only $10M !!!!! This is a POS domain registering company with a POB in Panama. Good Luck trying to get any help from them because they are in business to run scams, scams, scams, scams. Complaining to them is waste of time because they host their own domains and once they get hold of your email, they will start bombarding you with POS spams for solar windows, keto diet, improve your love life, improve your sex life and anything else they can think of because they are POS scammers. Complaining to ICANN is also a waste of time because we tried that and were told they have a right to register as many domains as they can and want !!!! Every time we block one POS email, they spam us with another: info-lots of random #s@OHMYDEAL.INFO, info-lots of random, etc. etc. We sure would like to take all their POS domains and shove it up their @ss so they can blow up like a balloon and fly up high in the sky where they can burst into smithereens. But stupidity seems to have become the badge of honor when so many people think they are doing such a fine job !!!

  4. Report sent to ICANN.

    My report ID is
    The case number that has been assigned to your complaint is REDACTED. Please take note of this number as you may need to refer to it in future communications with ICANN. Upon clicking on “Finish”, you will receive an automated email with this case number and additional information about the process ICANN follows to address each complaint shortly.


    ICANN Contractual Compliance

  5. Namecheap scamming appears to be even more elaborate. They own WhoIsGuard and give it to their scamming customers for free. That precludes a victim from getting contact information of the scammer. Namecheap has successfully defended this action in court. So a victim needs to go to court to get the ball rolling, which is obviously very expensive. Never thought I would view Facebook as a hero, but I hope it crushes Namecheap and doesn’t settle.

  6. Nice work and props for doing so.
    Consider: the majority of folks online are not very savvy on the internet, how it works, and do not go much beyond clicking a Like button and perhaps writing one sentence on occasion. It is no wonder that these scams have always worked for many goods and services and will continue to work.
    Pointing to a registrar and their failure to comply does not help those who have been, are, and will continue to be scammed. Most will click a link, get a reply with a (often stolen) photo of cuteness, and send their funds.
    Go click around craiglist in any city and I'd wager it will take a few minutes to find a scam pet post (there are two in my city right now).
    Not sure what to suggest as a solution: education? A new law? Shutting down places like this one?

  7. Pingback: Namecheap and Phishers – Caerdydd Cybersecurity Blog

  8. I reported Namecheap to ICANN. I recommend everyone to do so. Perhaps that, and the Facebook lawsuit, will finally knock them out. Their business model is to enable scammers.

    • Thank you for your help! Yes, Namecheap are aware of the massive misuse of their services, but as long as the money keeps coming in they simply do not care. We do have several things in the works that will, hopefully, change the game a bit 🙂

  9. I contacted Namecheap because someone cloned my client’s site. They copied the ENTIRE Site including photos and contact info of the staff and Principal/owner of the company but replaced the logo and name of the company with a different fraudulent LLC. The infringing site was attempting to commit financial fraud in the tens of thousands. We sent the proof to NameCheap and contacted them several times and they just stated in an email “abuse confirmed, it’s under investigation” and never did anything about it. Because they have do not have customer support except for online chat which directs you to staff in Ukraine, you can only issue an abuse report that will just sit with zero action. Finally, we worked with one of the potential scam victims and we were able to track down the fraudster. Only after threatening them with immediate legal action did they take down the site. NAMECHEAP needs to be brought down their business practices breeds fraud.

  10. There has to be a way to bring down Namecheap. They are complicit by helping the criminals keep their websites active. Maybe they should be reported to the IC3 as well. These websites can not continue to exist. We have to do better.

  11. I have been getting many requests to send money for all different type breeds of puppies. I know it is a scam but the only way I can think of how they know to email me is thru craigslist, I guess. Each email is not from a company but from a private party. I did my homework and yes, the addresses given are innocent third parties. I would like to forward these saved emails and send them to a investigator but I have no idea who to send to.


Leave a Comment

Your email address will not be published.

Have we helped?

If we have helped to warn you of a scam and you would like to thank us please share this post on social media, like our FaceBook page or follow us on Twitter. .
Sharing this article will increase the chances that a possible victims will see it before paying money to a scammer!