Brave Search

Registered a .us domain and now getting a ton of spam, apparently they don't allow whois proxy/privacy, anything I can do?

reddit.com › r › webhosting › comments › mv5kp9 › registered_a_us_domain_and_now_getting_a_ton_of

When everyone started charging for WHOIS privacy protections I decided to just do my own thing. I got a PO box number for the address. I set up a special email address just for domain name registrations. I set up a special phone number that goes direct to voicemail just for domain name registrations. Every time I register a new domain name (like 5 a month) we get a swarm of calls to my actual business number. Mostly web design companies from India wanting me to hire them to build my website. I own an agency. We registeres the domain for our client, we build our own websites. Stop calling me. Answer from xisonc on reddit.com

reddit.com › r/webhosting › registered a .us domain and now getting a ton of spam, apparently they don't allow whois proxy/privacy, anything i can do?

r/webhosting on Reddit: Registered a .us domain and now getting a ton of spam, apparently they don't allow whois proxy/privacy, anything I can do?

April 21, 2021 -

Edit: PSA, never use your actual phone number and primary email when registering a domain, some TLDs don't allow privacy/proxy registration.

---

So I was setting up a website for a friend's business, basic Wordpress thing on my existing hosting plan, no good .com domains were available, but we found their name for .us, which was actually good fit for their business as it's an imported international product.

I registered the 'theirbizname.us' domain as I usually do with my webhost. Normally I have proxy registration privacy turned on by default, so I didn't notice the option missing this time.

Now my friend is getting a fire-hose of spam calls, texts, and emails. Dozens per day. Their phone is basically useless, and even with gmail spam filtering their email is not great.

I learned the .us TLD is owned by a company called Neustar. I looked at https://www.about.us/faqs and they say:

"Proxy, or privatized registrations, are not permitted under current policy.The usTLD has an ongoing interest in ensuring that its top-level domain is administered in a secure manner and that the information contained within the authoritative database is reliable, accurate, and up-to date. One of the mechanisms to ensure the integrity of the .US namespace is the through the collection of true registrant information. The usTLD Registry employs an algorithm to detect the inadvertent or intentional registration of proxy, anonymous and/or private domain name registrations, and enforces a registrar’s obligation to not offer such services to .US domain name registrants."

I reached out to my webhost and they gave similar info, while adding that Nuestar also does verify registration information so it's unwise to switch it to anything invalid.

In retrospect guess I should have set up a google voice number and stand-alone email address for this. But I've never had to do that before so it didn't occur to me.

Any ideas on how to fix this now that it's happened? Or is this phone number and email address just ruined forever now?

Top answer

1 of 4

2

When everyone started charging for WHOIS privacy protections I decided to just do my own thing. I got a PO box number for the address. I set up a special email address just for domain name registrations. I set up a special phone number that goes direct to voicemail just for domain name registrations. Every time I register a new domain name (like 5 a month) we get a swarm of calls to my actual business number. Mostly web design companies from India wanting me to hire them to build my website. I own an agency. We registeres the domain for our client, we build our own websites. Stop calling me.

2 of 4

1

if you have Cloudflare check this link Responding to DDoS attacks – Cloudflare Help Center it will help you to put captcha and block annoying bots and also put ReCaptcha v3 on your website. This helped me

reddit.com › r/wordpress › just purchased a domain and now i’m getting all these spam calls and text?!?

r/Wordpress on Reddit: Just Purchased a domain and now I’m getting all these spam calls and text?!?

May 7, 2024 -

I purchased a domain before and this didn’t happen. How can I top this? How do these people have my number? They say they want to do graphic design for me and other stuff.

Edit: I host with hostarmada. People are saying I should contact them. I will do so.

Top answer

1 of 15

14

Sounds like you didnt buy domain privacy. Go back to your registrar and check if you have it, if not, then buy it. The calls wont stop immediately, but the will slow down and should drop off eventually.

2 of 15

4

When you buy a domain name you submit your name, address and phone number. This information is freely available. Speak with your registrar who will offer a privacy solution for a small cost. You can see what information is available by doing a WHOIS lookup for your domain.

EuroDNS

eurodns.com › blog › this-redditor-bought-a-us-domain-he-wasnt-ready-for-what-happened

He Bought A .US Domain: Here's What Happened Next

September 4, 2025 - WHOIS is a public directory; third parties can harvest it and contact new domain owners. The original post that started the thread. You can read the whole conversation here. ... A user who chose .US after .com, .net, and .org were taken reported a surge of spam within ~48 hours:

About

about.us › policies › usTLD-Statement-to-Combat-Domain-Name-Abuse

Register Your .US Web Address Today | .US Domains - About.US

MALICIOUS HACKING: the attempt ... database, or security system. SPAM (AS A MECHANISM FOR DNS ABUSE): using unsolicited bulk email as a delivery mechanism for malware, botnets, phishing and/or pharming....

Registered a .us domain and now getting a ton of spam, apparently they don't allow whois proxy/privacy, anything I can do?

reddit.com › r › webhosting › comments › mv5kp9 › registered_a_us_domain_and_now_getting_a_ton_of

When everyone started charging for WHOIS privacy protections I decided to just do my own thing. I got a PO box number for the address. I set up a special email address just for domain name registrations. I set up a special phone number that goes direct to voicemail just for domain name registrations. Every time I register a new domain name (like 5 a month) we get a swarm of calls to my actual business number. Mostly web design companies from India wanting me to hire them to build my website. I own an agency. We registeres the domain for our client, we build our own websites. Stop calling me. Answer from xisonc on reddit.com

Krebs on Security

krebsonsecurity.com › 2023 › 09 › why-is-us-being-used-to-phish-so-many-of-us

Why is .US Being Used to Phish So Many of Us? – Krebs on Security

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US.

Wikipedia

en.wikipedia.org › wiki › Domain_name_scams

Domain name scams - Wikipedia

November 2, 2025 - In March 2002, the FTC shut down "TLD Network Ltd", "Quantum Management (GB) Ltd.", "TBS Industries Ltd." of London, England, for selling bogus domain names ".USA", ".BRIT", which they deceptively marketed as usable suffixes.

Domain slamming

Aftermarket scams

Fake trademark protection

Timeline

reddit.com › r/selfhosted › messed up: got a .us domain on cloudflare, and now i am on whois. i am willing to ditch the domain. what can i do to protect myself from spam?

r/selfhosted on Reddit: Messed Up: Got a .US domain on Cloudflare, and now I am on WHOIS. I am willing to ditch the domain. What can I do to protect myself from spam?

June 25, 2024 -

What it says in the title. I got a domain name, and now I am receiving a lot of spam. I would like to stop that if I can. If I delete my domain, will people still hound me?

Top answer

1 of 25

267

When u get spam / scam calls I always use my attempt at time waste ratio investment. I simply say something like "let me get " for whatever they want and just mute my phone mic and put it away letting them hold for however long they care to before hanging up. Best ratio for my wasted time to theirs.

2 of 25

58

I am still occasionally receiving spam about a domain name I let expire at least 5 years ago. Add your own domain name to your spam filter to trash every email talking about it once it has expired, in the meantime try to put another email address in the WHOIS information, no idea if Cloudflare lets you do that though.

DATAQUEST

dqindia.com › news › worst domain for spam in the world is .us: study

Worst Domain for Spam in the World is .US: Study

January 8, 2019 - Further, .US is one of the worst country code top-level domain (ccTLDs). The study concluded, “The US zone is persistently used by spammers and has been for many years.

Find elsewhere

Google Bing Mojeek

Cloudflare Community

community.cloudflare.com › general

Getting phone calls after domain is registered - General - Cloudflare Community

Top answer

1 of 1

4

[image] jsaade: Upon registering a new .us domain The .us TLD does not permit Whois Privacy. https://developers.cloudflare.com/registrar/top-level-domains-supported/#us-whois-requirements

ZNetLive

znetlive.com › home › why am i getting spam calls and messages after i registered a domain name? how can i stop them?

How to stop receiving spam calls and messages after registering a domain name.

June 4, 2024 - But, there are some people or hackers ... gains. Thus, the data which is entered into WHOIS library at the time of registering a domain name is publicly available and can be misused by spammers and hackers....

Purpledogdesign

purpledogdesign.com › clients › knowledgebase › 126 › Why-do-I-receive-spam-after-registering-a-domain.html

Why do I receive spam after registering a domain? - Knowledgebase - Purple Dog

We would like to stress that these activities are all due to 3rd parties who are abusing the Whois database - these spammers are in no way affiliated or endorsed by Purple Dog - we have no control over these spammers - other than to blacklist them once we receive a user report of spam. You cannot remove your details directly from the database, but in some circumstances, you can choose to hide certain details by purchasing additional domain privacy (where available).

reddit.com › r/webhosting › experience with .us domains

r/webhosting on Reddit: Experience with .US domains

November 26, 2024 -

Hello all!

We're looking to register a domain for our business. We have a few options that end with .com, however, a .us domain would work well with our slogan.

The only downside is that we have seen a few articles online about spam from .us domains. We do not want to be associated with a domain extension that is privy to scammers.

From your experience, do you think .us domains are used by scammers as often as our Google searches would suggest? None of us have ever received any spam emails from a .us address.

Thank you!

Top answer

1 of 5

2

Main problem is that there's no whois redaction allowed. The postal address, e-mail address, and phone number you put in the whois are going to get hammered. But if you put in fake information your domain can be suspended. So you'd need to think carefully about how to handle this. At bare minimum, the e-mail address should be a dedicated spam-trap address that doesn't bounce but isn't actively monitored. For phone number, preferably something that goes to a dedicated voicemail box (which you can then proceed to never check); Google Voice can be good for this if you don't have your own business phone system with spare DIDs. And for mailing address, a PO box might be a worthy investment. Or just use any other TLD so you don't have to worry about any of this.

2 of 5

2

I use one for personal email never really had an issue, now gettign dns records, dkim, dmarc etc setup properly thats where you will have issues with any domain.

Spamhaus

spamhaus.org › blocklists › domain-blocklist

Domain Blocklist (DBL) | Domain DNSBL for email filtering

The Spamhaus DBL is a list of domain names with poor reputation which is published in a domain DNSBL format. Domain reputation is calculated from a wide range of observed domain behaviors, and is maintained in a database which, in turn, feeds the DBL zone itself. The DBL includes domains which are used in unsolicited bulk email including phishing, fraud, malware distribution, and those with poor reputation based on a broad range of heuristics...

reddit.com › r/domains › .us domain fail

r/Domains on Reddit: .US Domain Fail

April 7, 2024 -

I did the bad thing and added a .us domian for the business I work for but my personal cellphone and email were on the godaddy account at the time of purchase. I didn't realize I couldn't make that private, so I have been getting SPAMMED so hard since. I immediately cancelled the order and removed it from my account, but its been almost 90 days and my info is still showing up on this domain. GoDaddy promised me it would be removed within a certain timeframe and it's not, I've reported this to their "abuse" email and filed a complaint, but all have been completely unresponsive since. Is there anything I can do to get this rectified or am I eternally screwed?

Top answer

1 of 5

3

I put an email on my website and quickly removed it after a week. It has been getting continuous spam since then. Although GoDaddy should probably remove it, you will probably still have eternal spam either way

2 of 5

2

Spammers signup for whois alerts (like trademark alerts) and use that data to spam people. Once its out its out. That whois data is also may have been cached at many places unfortunately. For now just ignore the spam and send to junk folders.

Krebs on Security

krebsonsecurity.com › 2025 › 12 › most-parked-domains-now-serving-malicious-content

Most Parked Domains Now Serving Malicious Content – Krebs on Security

For example, Scotiabank.com customers who accidentally mistype the domain as scotaibank[.]com will see a normal parking page if they’re using a VPN, but will be redirected to a site that tries to foist scams, malware or other unwanted content if coming from a residential IP address.

Server Fault

serverfault.com › questions › 1101415 › how-to-prevent-3rd-party-domains-using-our-server-domains-for-email-envelopes

spam - How to prevent 3rd party domains using our server/domains for email envelopes - Server Fault

Top answer

1 of 1

7

You can do nothing to prevent others from using your domain name in mails they send, including the envelope address. This is called sender address forgery and is generally considered abusive, but you as the legitimate owner of the domain have no direct means to prevent it.

You can also do nothing to prevent others receiving such mail from blindly believing that envelope address and sending non-delivery messages to it. This is called backscatter and is generally considered bad practice, but again, you as the recipient have no direct means to prevent it.

What you can do is set an SPF record in your domain to signal which servers are legitimated to send mails with envelope sender addresses from that domain. Well-configured mail servers will then reject mails falsely claiming to be from your domain during delivery instead of emitting notifications after the fact, thereby avoiding backscatter.

What you can also do is complain to the owners of the mail server producing the backscatter (ie. the sender of the notification mails) for running a misconfigured server.

As a last resort, you can use the ips.backscatterer.org RBL to block mailservers producing backscatter from delivering mail to your server.

Theseventhsense

theseventhsense.com › blog › email-domain-reputation-are-your-emails-going-directly-to-spam

Email Domain Reputation: Are your emails going to spam?

Keep in mind, these are welcome emails from well known companies, and their first email went straight to my spam folder. Not a great start. I knew from prior research that all these companies use the same well-respected marketing automation platform for email delivery and that none of them had a dedicated sending IP. This means the results I was seeing were likely due to domain, not IP reputation.

reddit.com › r/email › are certain top-level domains automatically sent to spam?

r/email on Reddit: Are certain top-level domains automatically sent to spam?

March 18, 2024 -

I am looking to migrate to Google Workspace and I have to pick an email/website extension. Since we are an engineering firm, I was thinking about choosing .engineering or .construction
instead of the ubiquitous .com.

Now, I am no expert on what goes to spam folders but I know for a fact that almost all our clients (to whom we will send emails) use Gmail as their primary email provider. So, does a special top-level domain increase the chances that my emails will land in the spam folder?

Top answer

1 of 6

1

I would stick with .com, .net, .co, .org for now and you can run a free spam test at MailGenius.com to make sure your domain is configured with email deliverability best practices.

2 of 6

1

TLDs can influence deliverability; happy to discuss SES monitoring!

reddit.com › r/seo › experience with .us domains

r/SEO on Reddit: Experience with .US domains

May 9, 2024 -

Hello all!

We're looking to register a domain for our business. We have a few options that end with .com, however, a .us domain would work well with our slogan.

The only downside is that we have seen a few articles online about spam from .us domains. We do not want to be associated with a domain extension that is privy to scammers.

From your experience, do you think .us domains are used by scammers as often as our Google searches would suggest? None of us have ever received any spam emails from a .us address.

Thank you!

Top answer

1 of 3

1

This is ccTLD zone, not something associated with the spam. Spammers can use any domain zones for spam. But be ready you will receive a lot of spam everywhere: in email, phone calls and messengers. I've recently registered .US domain and put my contacts in WHOIS, but I didn't notice that my registrant doesn't provide whois protection for ccTLD domains by default. This was my mistake - I received a lot of spam everywhere. In general, it's a country domain zone - there is no concerns from business or SEO perspective

2 of 3

1

Spam sites exist on every domain extension, don't worry about using a .us. What matters is what you do with your domain, there is no systematic distrust towards any domain extension.

Security Boulevard

securityboulevard.com › home › cybersecurity › preventing domain spam – how to get whitelisted quickly?

Preventing Domain Spam – How to Get Whitelisted Quickly? - Security Boulevard

January 12, 2024 - Under Threat policies, select Anti-spam. ... Scroll down and click Edit allowed and blocked senders and domains. Under Allow domains, click the + icon and enter the domain name. Click Save to apply the changes.