I feel the same way you do. I have not clicked on the big red confirm button, but I manage a couple of websites and I'm afraid that they will eventually shut me down. I was actually more afraid that it was a virus of some type that may damage my computer or worse, steal all my contact information and send them spam mail from me! I have 13,000 email addresses in my database! This is ridiculous!
If it looks like a phish, swims like a phish, and sounds like a phish, then it probably is a phish
I got two of these 26 hours apart. The whole email smells of phish. The header shows that the email originates from rcom.com, and not networksolutions.com, and the wording in the email set off my BS-o-meter. The generic "Dear Customer", ominous "New Regulations" (with no link for verification), threat of imminent domain shutdown with no timeline, and vague instructions beyond clicking the glaring red button are all warning flags to a cautious internet user in charge of maintaining the security of any domain.
This email was sent to the email address that is publicly listed on the WHOIS for my domain; anyone could have sent this email. NS could have included the last portion of my account number, or described the recent activity that triggered the email. Some sort of information that only I would know to verify its origin.
If this is a legitimate email, shame on Network Solutions for such a poor implementation. I would expect an email asking me to sign in to my Network Solutions account and verify any information there. That way I can separately navigate to networksolutions.com and sign in without clicking any link in an email.
Interesting, I posted some comments suggesting the rethink their approach on this page:
My comments remained online for a few days, then I received a comment reply from NetSol saying:
"Thank you for your feedback, Tyler. Your input is important to us. You've made some valuable points and we’ll consider for future updates to the process."
Then they promptly deleted my comments from their site and removed the feature allowing people to comment.
I recall seeing your comment on the Network Solutions post, I believe on February 7 when I updated this post. I did not screen cap it, though. Any chance you got one?
I am also receiving these requests from NS – it is always after renewing a product OR logging into my account. I refuse to give Network Solutions any additional information – in fact, I'm sure embedded somewhere in the link they have hidden language allowing them to spam your e-mail and once again begin the barrage of telemarketing calls.
I have also noticed that they have changed ALL of their menus (on user accounts when changing configuration / or adding mailboxes etc) to default to OPTING IN on upgraded services that will be billed automatically if you do not actively OPT OUT by contacting them via Telephone.
I am cannot wait until the end of my agreement when I can move everything to another host.
No, I wish I had done that! I can give you a screen cap of my Disqus thread though…it's all in there. I'll send you a separate message via your contact form.
Thanks Adrian for the info. I just received one of these emails today after adding some new domains last week. This email just screams "phishing!" – cannot believe what I am seeing. After reading your blog, looks like I have no choice but to click and hope. Terrible.
I received one of these notices during the overnight and Google in its wisdom, decided it was Spam and gently placed it in my Spam folder along with 70 other messages.
I don't know why, but I happened to notice it when I cleared my Spam folder this AM.
I called Network Solutions and used my outside voice on a Representative, followed by a person who said she was a Supervisor. They said that it is my problem and I will need to take up the Spam folder problem with Google.
I will be moving whatever I have to Go Daddy, as soon as possible.
Mike, FWIW, I am not a fan of GoDaddy so I can't help my suggest you look at some other registrars as well and weigh your options. I have been looking at Hover, for example, but I haven't made a final decision on where to move my domains.
Thanks, I'll ask my Server Admin. He has more experience and may know of a better choice.
In the meantime, I am in the process of filling out an online form with the NYS Attorney General. I can't say that it will accomplish anything other than lower my blood pressure, but if the get about 50 of these, I bet they will at least give NS a phone call. Link is here:
Thanks for the heads up on this Adrian. The email from NetSol certainly smelt of phish to me.
@ Mike Ellsworth
I had a domain registered with GoDaddy years ago that expired with no notice from them. It was immediately purchased by a squatter who wanted several thousand dollars to transfer the domain back to me. I refused to pay.
A further thought. A few days ago, one of my users received an email demanding a changed password: "Dear Email User,
In 10 days, your Network Solutions email passwords will expire, resulting in an interruption of your email service."
I reported it to NetSol's helpdesk. I will be reporting the current phish to NetSol. Perhaps if they receive a sufficient number of helpdesk requests, they will desist.
Just a thought. And the helpdesk requests must surely be sufficient confirmation that the domain is active to comply with the ICANN regulation.
Just got this today. Not sure what to do. So did you click the button? What happened?
Joe, I did indeed click the button. I don't feel I had much choice. No viruses, no stolen identity, just a verification screen with a terse message that underwhelmed me given all the stress the email created.
Not only did I receive this today, I also got notice that my order of a .info domain was complete for a cost of $0. I ordered no such domain, but now I am subject to this email verification. Very shady.
Thanks so much for all the effort you put into this blog – and for all the comments. Also, thank Adrian for saying you clicked the button and nothing untoward happened. I guess that buys me some time before I figure out how to leave Network Solutions forever. Thanks! DHC
Well, I took the plunge and clicked the link after reading your post/comments and a few others. But I'd also recommend that everyone log into their NS account, hit the "contact us" link and take a few minutes to explain (politely but firmly) what you think of this behavior. Given how many alternative services there are for domain registration they really shouldn't feel like they can send this kind of crud out with impunity. If there IS a legitimate reason for something like this, the right way to do it is to ask people to go to NS and log into their accounts, not send them a link in an email that reeks of phishing.
I just received the same email and based on this blog and comments clicked that scary looking "confirm" button.
To the best of my knowledge, I have not recently renewed or changed anything with any domain names I have with Network Solutions. However, I am receiving emails to click to confirm my email address. There is no information to indicate what domain this regards, or any personal information to indicate it is truly from Network Solutions. Thank you all for your posts, it helped me at least decide that I am calling them before doing anything. I will also be logging on to see if things have changed, or someone has given me a "free" domain name or something! I agree, this is very poor business practice on their part, if it is truly from them, and it should be outlawed. This type of email goes against all security basics. If this is from them, in my opinion, they should be setting a good example, not causing un-due stress and confusion, let alone using our time to handle their lack of integrity and professionalism.
I got this too, and of course after it was identified as SPAM by every SPAM engine we use. But I found it, reviewed it, researched it (which brought me here) and then called NetSol to complain. They were then able to verify me over the phone, which they said is something they have had to start doing because they've received so many complaints about this email (don't know if that's true or not). So if you don't want to give in to clicking on this email out of sheer principal alone, call them and waste their time and money (call center calls aren't cheap) and have them do the work for you. On the downside it took 3 different agents 30 minutes to do this, but that's 30 minutes out of their days wasted on this. Hopefully they see that cost (multiplied by hundreds or thousands of other calls), and the fact that I'm inclined to move my accounts away from them due to this and all the other unsolicited marketing materials I get from them, as a good enough reason to try harder to make this more legit next time.
Handy to know (for those who don't mind blasting hold music on speakerphone for their office mates). Referenced this in a tweet today for yet someone else frustrated by the process: https://twitter.com/aardrian/status/459423118906634240
Apparently you can now complain to this address: firstname.lastname@example.org
Just opened a support ticket with NS telling them that this thing looks ridiculous and is not the way to go about doing it. Even Gmail thought it was spam.
the http://whoisaccuracy-portal.networksolutions.com hostname makes the email look LESS legitimate- it looks like any othe phishing scam trying to maks an illigetimate domain.tld with an official-sounding hostname.!
I created a ticket number with Network Solutions and they said:
With regard to your concern, please be advised that the valid e-mail address where ICANN Validation e-mails should come from is email@example.com. Please be informed that the e-mails that you have received are spoofed e-mails. Please refrain from clicking any buttons available on the e-mail.
So, being the case, it makes you wonder if this blog is fraud and representing it in some way.
This blog or one of the URLs referenced above?
Hi everyone I need your help. We've been with networksolutions since about 2005 and have been experiencing a lot of issues lately. Mostly that they have been forcing us or tricking us into purchasing upgrades for things we do not want. Also noticed that our email users are being prompted upgrades that would result in charging us though it doesnt state this.
How does someone move their entire account to another service? We still have over a year with them before everything expires. Has anyone had a smooth transition with their domains to another service or does network solutions hold them ransom on you?
Choose your Domain Name Service provider, unlock domain in NetSol, get auth key, start transfer process with new DNS provider.
Make sure to backup all website and email accounts.
Then get new host, point DNS to new host, restore/upload website and email.
Fairly straight forwards. I could blog about it, as I have one more domain to transfer.
To add to the furor, I got an email telling me my .info domain is about to expire today (my .com will expire next month, and I've been getting notices about that for weeks). I thought what the hell I never asked for a .info domain! So I typed in my domain.info. Voila it forwards to my .com domain. So I assume they are now trying to trick customers into registering a .info domain as well. Needless to say I didn't click on anything to download the pics. What a bunch of a$$holes. I just called my ISP to see what was up and they confirmed that NS wants me to add .info (and apparently other get a notice for .us as well) to add to the registration fees, and what they need to do to transfer me to transfer me to their registration service. The only reason I still used them is because they were the only option 20 years ago (yikes!). So long jerks!
Thank you so much for your post — the fulsome information you provided was really helpful, and I’m relieved to find out I’m not the only person who’s become suspicious of Network Solutions’ customer relations activity (especially since being acquired by Web.com)…
As per 10/26/2015, this is still very much a Network Solutions practice. Just got an email as everyone else, and they haven’t changed a comma from the original from 2014 (probably much older than that).
I checked on NS’s page for their number, called, asked to verify this as legit, instant ‘Yes’. Asked to do this verification by phone, and was told it couldn’t be done.
Last year, I also suddenly had a free .info domain I had never asked for. I made sure to remove the auto-renew function from the domain manager, and then I let it expire naturally. Hasn’t cost us anything and never did.
I see that NS settled a lawsuit with the FTC back in April 2015 concerning misleading consumers to think they could get a 100% refund on a cancelled purchase, when there really was a ton a fees added bfore you’d see any money back.
Read more here: https://www.ftc.gov/news-events/press-releases/2015/04/ftc-obtains-settlement-network-solutions-llc-misleading-consumers
I see this kind of crap everywhere else and in many different kind of industries too. Apparently it’s not a good business model to be nice to your customers any longer.
Overly aggressive marketing-assistants, under-trained/over-worked support personnel, borderline hostile customer representatives. Add to that a disconnect with senior management, and you have a great recipe for major income.. and perhaps lots of complaints as well, but I’ll let you guess which of the two they care the most about…
Thank you for this blog! I received the exact email from Network Solutions today (March 18, 2016). I didn’t click the link and logged in to NS and looked around. No notification of any ICANN requirements on my account. I promptly changed my password, thinking that my account had been compromised.
Gmail could not verify where the email originated from and I deleted it before I saw this blog.
I also magically was paying for a .info account I never asked for. It was checked for auto renew! I had no idea NS had become so shady. I don’t trust Godaddy either. I’m stuck with them for now.
Hopefully I’ll get another email – gmail promptly emptied the trash bucket and I can’t find the original email and can’t click the button.
I got the same thing today Oct 12. I called and verified on the phone.
Just got the same email this afternoon. Not falling for it.
My domain renewal is coming up in six months. NS just sent me this email today, after I went to their site yesterday and updated my contact details (necessary, as it was decades out of date). The originating address on this one was “firstname.lastname@example.org”, but the link if you click on the “Confirm Email Address” red button goes to whoisaccuracy-portal.networksolutions.com/…. which seeeeeems like it should be ok, but everything else about this email screams spam.
Why you can’t do this through your account manager on the website is beyond me.
Do you have any recommendations on where I could move my domain to? I don’t really care for these practices, and now is as good a time as any to take my business elsewhere.
I moved my domains to Name.com. They do what I need — allow me to manage my domains and not spam me.
Thanks for posting this. Hey, know what? It’s May 24, 2017 and I just got the same phishy message. Ugh!
The phishy message problem goes well beyond NetSol. It’s an ICANN problem, aggravated by the registrars “white labelling” correspondence so that clients of a reseller don’t see the actual registrar’s name on anything.
That move makes this look very questionable in terms of credibility, so no surprise these e-mails are being ignored or lost in all the spam.
I remember when ICANN introduced this particular bit of stupidity in 2014. I remember pulling a few high-traffic domains away from my existing registrar (at the time, hexonet.net) because these “notifications” didn’t make it past the spam filters and the registrar shut all traffic to the domains down. It’s just as broken with any other registrar.
Of course the spam from this pointless ICANN mandate merely ends up at the bottom of the pile under the rest of the garbage, including ICANN’s useless “reminders” to keep contact info updated, so that registrants may continue to receive their daily dose of frivolous legal threats from anyone who wants to make damning or embarrassing content magically disappear from the sites, to DMCA abuse from various middlemen who have figured the “under penalty of perjury” bit is meaningless – there is de-facto no penalty for lying to a mere webmaster, to solicitations in the guise of an invoice from that “Domain Services” or “Internet Services” or whatever they’re calling themselves this week (fine print: this is not an invoice, they don’t actually renew domain names, they just claim to submit sites to search engines for exorbitant fees – and no, no one actually ordered this) to requests to place unwanted ads on sites which don’t (or can’t accept ads) to unsolicited offers for “webmaster” services and all the rest.
I’m a wealthy Nigerian prince, I don’t have time to sort through all the garbage – that’s what spam filters are for. A system that fails-dangerously when an unsolicited e-mail from a registrar or registry is blocked as spam is broken, pure and simple, as e-mail does not guarantee delivery in an era when there’s more spam than ham hitting port :25. ICANN has therefore reduced the stability of the network with this irresponsible stunt. The only thing worse was cira.ca’s boneheaded decision to routinely e-mail people who’d already paid for .CA domains demanding that they agree to additional “terms and conditions” in indecipherable legalese. No response? They drop your domain completely so that some other random cybersquatter can take the name that you just paid for. Nice.
Certainly, NetSol is worse than other registrars in a few ways, possibly because of the “we don’t care, we don’t have to, we’re the phone company” – like monopoly they used to hold 15-20 years ago. It’s annoying to be hit for $35/year for a domain that’s $12/year anywhere else, it’s annoying to deal with all the hoops they make registrants jump through to transfer a domain out.
The comparison looks a bit like this:
Leaving Hexonet.net: click “unlock the domain” in the control panel; the authcode is right there in the control panel, so provide it and the domain name to your new registrar. Click on the e-mailed link to authorise the transfer. At this point, if you do nothing further, the transfer goes through in five days – but clicking on Transfers -> Outgoing -> approve this now on Hexonet’s control panel waives this delay and all done, the domain is now at your new registrar.
Leaving NetSol: click “unlock the domain” in the control panel; the system tries to argue with you and beg you to stay, before tearfully and begrudgingly complying. Ask for your authcode; maybe they’ll e-mail it to you tomorrow, but they say to allow “up to a few days”. When it shows up, provide it and the domain name to your new registrar. Click on the e-mailed link to authorise the transfer. At this point, NetSol takes the next five days to bombard you with additional, endless e-mails asking you to change your mind or cancel the transfer. After all, they feel entitled to your money in perpetuity, like royalties and the divine right of kings. Some time next week, fingers crossed, the domain is now at your new registrar.
Gotta love it.