NameCheap sells your data

[Inva]

Just a heads up, this company sells your data to 3rd parties even though you pay them. With "CHEAP" in the brand name what did i expect?

We use an email forwarding scheme where each email is used for a single service only. We receive every few months a spam email at the address we gave to NameCheap.

 

[arnydnxluk]

Did you use the email address as one of your domain registration contacts?

If so this may have been available in the public WHOIS database until recently.

 

[Inva]

I believe that is true, but NameCheap is the only registrar from where we get these emails, we have other registrars as well. I'm pretty certain it's not a coincidence. How come no other address gets anything? Furthermore the amount of time between spam emails is such that it seems pretty subtle. We are not bombarded, just once every 3-4 months.

 

[WESH.UK]

Its not unheard of for people registering domain names to get spam the very same day due to WHOIS harvesting.

Are the emails coming from:
A. Name cheap themselves?
B. Third party but on behalf of namecheap?
C. From a totally separate source?

Are the emails from the same source each time?
Have you contacted the sender to find out where they got your details from?

 

[Seb de Lemos]

Namecheap are too big, too professional, and not stupid enough, to sell your data on. It'll be from the whois data that's published. Just because you don't get spam when you register domains with other registrars, doesn't mean that it doesn't happen.

 

[Inva]

I can't answer those questions as i just delete them. But now i remember we used to have that privacy thing, if only because they gave it for free for the first year . We created this email account only slightly over a year ago, and i remember we did get emails during the 1 year protection period too.

Namecheap are too big, too professional, and not stupid enough, to sell your data on. It'll be from the whois data that's published. Just because you don't get spam when you register domains with other registrars, doesn't mean that it doesn't happen.

If FB and big G can, then why not Namecheap?

"How We Share This Information" says an entire section in their privacy policy. Granted, this is supposedly "site usage information" but it mentions even info they get from 3rd parties. So why can't some obscure scheme exist under which your info becomes available?

Btw we continue using them, it's not a big deal +4 spam emails per year.

 

[arnydnxluk]

Have you asked Namecheap about this? I also find it unlikely that they would sell your data. I have seen their CEO and CIO active on WebHostingTalk, Twitter and I think Hacker News in the past, they seem quite open to investigating and addressing any issues raised.

In regards to the WHOIS stuff - some registrars such as GoDaddy have had gated WHOIS in place for years which required someone to visit GoDaddy's website and complete a captcha to access personal information, so this can explain why some registrar's WHOIS records are harvested more easily than other's.

 

[tamarw]

Hey guys, Namecheap here. We do not sell your data, and as others said, we are too big and that would be an incredible invasion of our customers' privacy and our customers' trust. In all likelihood, if your data has ever been available on public WHOIS, bots/tools pull that data and use that to build a database for all new website registrations. Additionally, there is always that possibility that an address that is "guessed," or a catch-all redirects an email to an inbox. There are email addresses that I use for personal use only that I have NEVER given *anyone* that get email. It's the nature of the internet.

In any event, if you are have any doubts, you may wish to email us and we will conduct an investigation. But to be 100% clear, we would never ever sell customer data -- ever. That just violates everything we stand for.

Please feel free to reach out to us at any time should you have questions. We're a 24/7/365 operation.

Thanks

 

[Karimbo]

We are not bombarded, just once every 3-4 months.

lol, that is not spam. you don't know what spam is until you got yourelf onto groupon or wowcher.

 

[webhostuk]

Is it from the same @domain.com or different with same content, have you tried to use a spam filter.

 

[HostXNow]

Most likely done using some type of scraping tool.