How to Avoid Domain Sale Scams
The common domain-sale scams — fake escrow, fake buyers, overpayment chargebacks, transfer-before-payment — and the habits that keep your sales safe.
- domains
- security
- domain-flipping
- guide
The money in domain flipping is made when a name finally sells. That is also exactly when scammers show up. A live for-sale listing is an open invitation to anyone willing to impersonate a buyer, a broker, or an escrow company. The single most expensive mistake a flipper can make is not buying the wrong name. It's handing a good name to the wrong person.
Almost every domain-sale scam is a variation on one move: getting you to give up either the domain or the money before the other side has actually delivered. Once you can see that move, the defenses are simple and they barely slow down a legitimate deal. This guide walks the scams you'll actually meet, then the habits that defeat all of them. It's part of the domain flipping skills series, and it pairs closely with the legal side covered in domain flipping and the law.
The one trick behind every scam: who moves first
Every sale between strangers has the same standoff. The buyer doesn't want to pay before they get the domain, and the seller doesn't want to transfer the domain before they get paid. Somebody has to go first, and going first means trusting the other side. That's the whole problem escrow was invented to solve, and we cover the mechanics in domain escrow explained.
Scams are just attacks on that standoff. A scammer's entire goal is to manufacture a reason for you to move first — to transfer the name, send a refund, or pay a "fee" — before any real value has changed hands. Keep that lens on every message you get and the specific tricks below stop being surprising. They're all the same trick wearing different costumes.
Fake escrow sites
This is the classic, and it's effective because it weaponizes the exact tool you're supposed to trust. A buyer enthusiastically agrees to your price, then insists on using "their" escrow service and sends you a link. The site looks professional. It shows your transaction, your name, the agreed amount, a reassuring "funds received" status. None of it is real.
Wikipedia describes the scheme plainly: the bogus escrow scam is a straightforward confidence trick in which a scammer operates a bogus escrow service. The fake site exists to lie to you at the one moment you're listening hardest. As Wikipedia puts it, this bogus escrow service assures the victim that the scammer has sent its item and that the victim should send its item to the escrow service. You see "buyer has funded escrow," you transfer the domain to settle the deal, and the money was never there. The site goes dark and so does the buyer.
The tell is always the same: the buyer chose the escrow service, and you've never heard of it. Real escrow only protects you if you picked it. An escrow company recommended, linked, and conveniently set up by your counterparty isn't a neutral referee — it's the other team's player wearing a referee's shirt.
Fake buyers and fake brokers
Not every scam needs a fake website. Some just need a convincing person. A "buyer" emails with serious interest in a name, name-drops a company, maybe attaches a logo, and moves fast toward a number that's a little too good. The pressure is the product. The goal is to get you emotionally committed to a five-figure sale so that when the "one small step" arrives — pay a transfer fee, cover an escrow deposit, send a refund — you do it without thinking.
A common variant is the fake broker or marketplace agent. You get a message claiming a high-value buyer is ready, but the deal has to run through a specific appraisal service, certification, or "release" fee you pay up front. Legitimate brokers and marketplaces take a commission out of a completed sale. They do not ask the seller to pay money in advance to unlock a buyer who supposedly already exists. Any deal that requires you to pay first to get paid later is the scam, full stop.
These attacks lean on a name looking more legitimate than it is, which is one reason it pays to read ownership records. A quick WHOIS lookup and a search for the company the "buyer" claims to represent will often collapse the story in under a minute. Real buyers survive a Google search. Invented ones don't.
Overpayment and chargeback scams
The overpayment scam is older than domains and it adapts perfectly to them. The "buyer" sends a payment for more than the agreed price — a mistake, they say, or an accountant's error — and asks you to refund the difference. You're now staring at money that appears to have landed in your account, so wiring back a few thousand dollars of "their" money feels harmless. Then the original payment is reversed and you're out the refund you sent from your own funds.
The engine here is the chargeback. Wikipedia defines it as a return of money to a payer of a transaction, especially a credit card transaction. Crucially, the chargeback reverses a money transfer from the consumer's bank account, line of credit, or credit card. That reversal can land days or weeks after the payment looked complete, and it's a standard buyer protection that scammers exploit by paying with a stolen or disputable instrument. By the time the chargeback hits, you've already transferred the domain and refunded the "overpayment." You lose both.
The defense is to never act on money that can still be clawed back. A "received" notification is not the same as cleared, irreversible funds, and a refund request on top of a fresh payment is a screaming red flag rather than a courtesy.
Transfer-before-payment
Sometimes the scam skips the theatrics and just appeals to your decency. The "buyer" explains that their company can only pay an invoice after receiving the asset — procurement rules, accounting policy, a boss who needs to see the domain in the account first. Could you transfer it now and they'll release payment immediately? They sound reasonable. They sound almost annoyed that you'd doubt them.
Do not transfer first. Once a domain leaves your control, your leverage is gone, and clawing it back means a slow, uncertain dispute rather than a refund. This matters even more because of how transfers actually work. Moving a domain to another registrar requires you to hand over the authorization code — Wikipedia notes the buyer obtains the authentication code (EPP transfer code) from the old registrar — and once that code is out and the transfer completes, the name is theirs. The same source notes the process may take about five days, and after it lands there's a lock period before it can move again, which used to be 60 days and, per Wikipedia, that 60-day transfer lock policy was eliminated, replaced with a 30-day lock period. None of that helps you if you've already given the name to a thief.
A close cousin of this scam targets the name you're buying, not selling: the seller takes payment and never releases the auth code, or releases one that doesn't work. The principle is identical from either side. Whoever moves first without a neutral party holding the other half of the deal is the one exposed.
The habits that beat all of them
The scams above are diverse. The defenses are not. A short, boring checklist neutralizes nearly every domain-sale attack, and a legitimate counterparty will happily go along with all of it.
Always use real, escrow-backed settlement, and pick it yourself. Insist on a reputable escrow service or marketplace that you propose. The neutrality only works when you chose the referee. If a buyer refuses your escrow and demands theirs, the deal is over — that refusal is the diagnosis. Our full walkthrough of how this should look is in domain escrow explained and the seller's checklist in how to sell a domain name you own.
Verify the other side before you trust the deal. Run a WHOIS lookup, check the company the buyer claims to be, confirm email domains match, and be suspicious of free webmail addresses pretending to be corporate procurement. A two-minute identity check defuses the fake-buyer and fake-broker scams almost entirely.
Never transfer first, and never act on uncleared money. Don't release the domain or the auth code until escrow confirms real, irreversible payment. Don't refund an "overpayment." Don't treat a "funds received" screen as proof of anything. Time is always on the honest party's side, so let the clock run.
Never pay an up-front fee to unlock a sale. Legitimate brokers and marketplaces are paid out of a completed transaction. A demand for advance fees, "appraisals," or "release" payments to access a buyer is the scam itself.
Slow down when urgency spikes. Pressure, flattery, and a deal that's slightly too good are the scammer's core tools, because they all push you to skip the steps above. The more a buyer rushes you, the more carefully you should move.
If a name is valuable enough to attract a scammer, it's valuable enough to sell properly. The point of these habits isn't paranoia. It's that you get to keep the upside you worked for instead of donating it to someone with a convincing email.
The Namefi angle
Most of this guide is about defending the moment of handover — proving payment is real before the name moves, and proving the name is real before the money moves. That whole standoff exists because, in the traditional system, ownership and payment live in two separate places that have to be reconciled by a trusted middleman.
Namefi narrows that gap by tokenizing ownership of real ICANN domains, so control of the name and settlement of the deal can be verified and exchanged together, with DNS continuity so the name keeps resolving through the handover. When the asset is auditable and the transfer is atomic, the "who moves first" problem — the thing every scam in this guide attacks — has a lot less room to hide. We dig into that shift in how tokenized marketplaces replace escrow.
Friendly Disclaimer (Read Me!)
We're not lawyers, accountants, financial advisors, or doctors, and nothing in this article is legal, financial, tax, accounting, medical, or any other flavor of professional advice. We write these posts to educate ourselves and as a convenience for our customers. Info here may be out of date, geography-specific, or just plain wrong. We make mistakes too.
For any important decision, please consult a real professional (seriously!). Or if that's not your vibe, ask a friend, ask Twitter, ask Reddit, ask an AI, or ask a psychic. In short: DOYR - Do Your Own Research. Let's learn and have fun.
Sources and further reading
- Wikipedia — Bogus escrow (definition and mechanics of the fake-escrow scam)
- Wikipedia — Chargeback (definition and how a chargeback reverses a payment)
- Wikipedia — Domain name transfer (EPP auth code, ~5-day transfer, 30-day lock)
- Namefi resources — Domain escrow explained · How to sell a domain name you own · How domain hijacking actually happens
About the author(s)
Related guides
- Cybersquatting vs Legitimate Domaining: UDRP and ACPA ExplainedWhere legitimate domaining ends and cybersquatting begins: the UDRP three-part test, the ACPA, reverse domain hijacking, and how to stay safe.
- Domain Flipping and the Law: Trademarks, UDRP, and ScamsThe legal landscape every domain flipper needs: trademark basics, UDRP and ACPA, escrow at closing, hijacking defense, and how to dodge sale scams.
- For-Sale Landing Pages That ConvertHow to build a domain for-sale landing page that converts: a clear price or offer path, real trust signals, and a frictionless way to buy or make an offer.
- Running a Domain Portfolio Like a BusinessRun your domains like inventory: track cost basis, watch sell-through rate, control renewal drag, prune losers, and keep the books clean.