Fake domain name expiry or renewal invoice scam — fraudulent email impersonating a domain registrar or renewal service claiming the recipient's domain name is about to expire, registration is overdue, or a renewal invoice is outstanding — directing them to click a link and pay immediately to avoid losing their domain, having it transferred to a third party, or released to the public — a widespread spam and fraud targeting website owners and small businesses who fear losing their domain names

Spam and fraud emails impersonating domain registrars, renewal services, or domain management companies — claiming the recipient's domain name is about to expire, their registration is overdue, or an invoice is outstanding — then directing them to click a link and pay a renewal fee immediately to prevent losing their domain to the public or having it transferred to a third party. This is one of the most consistent high-volume spam categories targeting small business owners and webmasters. Key facts: (1) Domain expiry scams have operated continuously since the 1990s — the FTC took action against Network Solutions and similar operators; modern variants use lookalike company names (e.g., "Domain Registry of America," "Domain Services of Canada") sending paper invoices or emails that mimic legitimate registrar notices; ICANN issued formal consumer advisories warning about domain renewal scams; (2) The scam works on fear of loss — domain names represent years of SEO equity, brand identity, and customer recognition; losing a domain can mean losing a business; attackers exploit this by creating urgency and making renewal appear urgent even when the domain is actually registered for years ahead; (3) The payment harvested ($15–$45 "renewal fee") is the immediate fraud, but payment card details enable broader financial fraud; some sophisticated variants redirect the domain to attacker-controlled infrastructure after "renewal"; (4) Legitimate domain renewal emails come exclusively from the current registrar of record — verifiable by WHOIS lookup; no legitimate registrar requires urgent payment via emailed invoice link with non-official domains. Warning signs: non-registrar sender domain, domain expiry urgency language, invoice with third-party payment link, no mention of current registrar or account login.