I’ve purchased a few domains in my life, but it was always through Google Domains in the past. This weekend I bought a new one through Cloudflare so that I could make a nice subdomain structure for all of my self-hosted apps. That went great - I’m using Traefik and Pihole for the local DNS.
But in the past two days, I’ve gotten 28 spam calls and a handful of text messages from companies who want to design my website, or logo, or something else. I only listened to the first few voicemails but they did mention the name of the domain I purchased.
This didn’t happen when I used Google Domains. Is there something I missed? I knew this information was public, but I feel like I must have screwed up somehow and it put me on a lot of spam lists.
You haven’t necessarily “screwed up,” but there are some factors to consider when it comes to privacy and spam calls or messages after registering a domain. Here’s a complete guide to address your concerns:
1. Public WHOIS Information:
When you register a domain, you are required to provide WHOIS information, including your name, address, email, and phone number. This information is often public and can be accessed by anyone through a WHOIS lookup. Different domain registrars have varying policies regarding WHOIS privacy.
2. Privacy Protection Services:
Some domain registrars, like Google Domains, offer WHOIS privacy protection services. These services replace your personal information in the WHOIS database with the contact details of a privacy service, safeguarding your privacy.
3. .US Domain Specifics:
As you mentioned, .US domains typically require more extensive public WHOIS information than generic top-level domains (TLDs). This is due to regulations set forth by the United States Department of Commerce.
4. Spam Calls and Messages:
Registering a domain, especially a .US domain, can make your contact information accessible to marketing agencies and spammers who scrape WHOIS databases for leads. The information you provided during registration, including the mention of your new domain, can attract these unsolicited calls and messages.
5. What You Can Do:
Opt for Privacy Protection: Consider domain registrars or services that offer WHOIS privacy protection. While .US domains may still require some public information, this service can mask your details.
Use a Dedicated Phone/Email: If you anticipate spam, consider using a dedicated phone number and email address for domain registrations. This way, your personal contact information remains separate.
Be Cautious with .US Domains: Understand the implications of registering a .US domain and the privacy trade-offs involved. If you value privacy, you may want to reconsider the choice of TLD.
Set Up Spam Filters: Use spam filters on your email and phone to minimize the impact of spam messages and calls. Most email providers and smartphones offer built-in spam filtering.
Report Spam Calls: If you receive spam calls, you can report them to your phone carrier, and they may offer options to block or filter such calls.
6. Learn from the Experience:
This situation serves as a learning experience regarding domain registration and privacy. Moving forward, consider the privacy implications of your domain choices and take steps to protect your personal information online.
Remember that the specific impact can vary depending on the domain registrar, the domain extension, and how you’ve configured your WHOIS information. You can also reach out to your domain registrar’s support for guidance on managing your WHOIS information and privacy options.
thanks chatgpt.
I knew this information was public
…I don’t understand the question then.
The question is “Why did it happen this time and never happened before with other domains I purchased?” and the answer is “Because it was a .US domain and you didn’t read the fine print.”
I’ve had a .us domain for years and I’ve never gotten any calls like this. No privacy protection or anything.
Same here. I do get a few emails about renewing my domain whenever it gets close to expiring. Maybe a text message, but no phone calls.
You might be able to put a google voice number in there. You won’t have to worry about it being taken away for lack of use.
Did you enable whois masking? I think there’s a box you need to check in GDomains.
I remember doing this in Google Domains but don’t recall seeing the option in Cloudflare
Iirc cloudflare does this by default
Yeah it is part of their service by default.
Yes. I accidentally signed up for a .us domain without knowing they can’t use whois protection and have been getting spam calls ever since. It was like 5 years ago.
I contacted Cloudflare’s support and had them remove the registration. I picked up a different domain and replaced it pretty easily. I’m sure I’m already on a lot of lists but I’m hoping that the WHOIS information will clear and it will slow down the spam.
Oh yeah, got rid of the damn thing within 30 minutes of registering but it was too late. I assume bots grab that info as soon as it’s posted.
Oh yeah, got rid of the damn thing within 30 minutes of registering but it was too late. I assume bots grab that info as soon as it’s posted.
Probably got pushed to the larger system.
There’s more than one entity that controls WHOIS information. Typically as soon as WHOIS information gets published it gets copied into a bunch of different registries so you have to contact them all and have them remove the information
I really wish that when I registered my .us domain Google had warned me that I’d probs be getting tons of spam.
Same bro… I did the same… and i’ve regretted it but the .com was taken.
Idk if cloudflare provided you with an option for privacy protection on your domain but looks like you didn’t get that. Most good domain registrar provides that option for free. At this point you can’t do much about it since your phone number is already out. But you can ask cloudflare support if it’s possible to add it now, so that people in the future can’t get your personal information from whois.
Also, next time look into porkbun or namecheap. They are pretty good, cheap and provides whois protection for free.
Hmm, they have an article on WHOIS redaction but I’m not seeing how to get them to redact my info. I’ll ask support.
https://developers.cloudflare.com/registrar/account-options/whois-redaction/
You can look at porkbun or namecheap, they usually give out a good domain for about a dollar for a year. Good for self-hosting stuff.
I got some .xyz .site etc tlds for a dollad.
Just get a .top domain from Porkbun. It is a gTLD and less than $5 per year.
That dollar is only an introductory price. xyz renews at like $12ish
That’s why I said they are good for self-hosting. Mostly for you and your family, you can change the tld every year without much effort.
That seems pretty unnecessary to save one dollar a month
Doesn’t take more than 2 minutes to configure. You can definitely look at the tld list or something similar to find domains with cheap renewals but be careful about some of the registrars listed there.
Closer to $.92/mo saved.
By domain its actually the people who control the domain .us domain information not cloudflare. Cloudflare has been my goto for a number of years they do a good job masking the information and once you set those settings they do not change them (I am looking at you GoDaddy). I will second Porkbuna nd Namecheap as good options.
It is for Cloudflare domains too and enabled by default.
For a meaningless domain with the least expensive renewal, get a numeric dot xyz. Be sure to verify the registrar has the correct renewal price, they should be around US $1 per year and pick a registrar that offers free whois privacy. Price applies to 6 7 8 9 digit numbers, they are showing current cost $1.22 at porkbun and 85 cents at namecheap
They look totally spammy yet are great for this type of use https://www.youtube.com/watch?v=0dV37t13CSw
Isn’t .xyz only $1 for the first year?
These are a specific set of numeric only XYZ with discount fixed pricing including renewals
working examples 314159 dot xyz 8675309 dot xyz
I had the same issue so I ended up changing all of my info for my domain to fake info and used a Google voice number
I just pay for the anonymous service from my domain provider.
I got a number from numberbarn.com just for domain reg, because otherwise you get flooded with calls the moment you reg a domain.
I’ll pay the $6/month to not deal with it.
google voice is free
you don’t own the number, and when will it be just another killed or shuttered google service?
Then… spammers who get your google voice number from your domain registration won’t be able to call you? Oh no!! /s.
I see what you did there.
As someone that gets probably 50+ spam calls per week…. Bests advice is to use the RoboKiller app, honestly it works 99.999% of the time. Outside of that, change your phone number or simply do your best to ignore the spam as it “should” settle down after awhile as your lead becomes more stale however it will be sold and resold 100x times so it will probably never “stop” either.
OMG you did! I made the same mistake and am still getting harassed all the time, 3 or 4 years later, even though I no longer have the domain.
Wasn’t .us, mine was .com I believe… Anyway I learned my lesson, won’t do that again.
Namecheap offers free domain security masking for life when registered through them.
It becomes a total non-issue.