Facebook sues Namecheap to protect people from domain name fraud

Facebook has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service over fraudulent domains

Facebook announced this week that it has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service because it has refused to provide information on a series of fraudulent domains. Fraudulent domains are often used for malicious activities, such as phishing and scams.

“This week we filed a lawsuit in Arizona against Namecheap, a domain name registrar, as well as its proxy service, Whoisguard, for registering domain names that aim to deceive people by pretending to be affiliated with Facebook apps.” reads the advisory published by Facebook. “These domain names can trick people into believing they are legitimate and are often used for phishing, fraud and scams.”

The social network giant found 45 domains (i.e. instagrambusinesshelp.com, facebo0k-login.com, and whatsappdownload.site) that were designed to impersonate Facebook and its services infringing its trademarks.

The domains leveraged Whoisguard to disguise the registrant’s information.

“We found that Namecheap’s proxy service, Whoisguard, registered or used 45 domain names that impersonated Facebook and our services, such as instagrambusinesshelp.com, facebo0k-login.com and whatsappdownload.site.” continues Facebook. “We sent notices to Whoisguard between October 2018 and February 2020, and despite their obligation to provide information about these infringing domain names, they declined to cooperate.”

Namecheap refuses any accusation and explained that it operates to protect the privacy of its customers.

“Today we find ourselves in another battle as Facebook is attempting to bypass legal protections and our own stringent customer protections. 

Facebook claims that certain websites have violated Facebook’s trademarks and may be perpetuating fraud due to misleading domains.” reads a post published by

“Because Namecheap does not voluntarily divulge domain registrants’ private details (as protected by our WHOIS proxy Whoisguard) without a court-ordered subpoena, Facebook has filed a lawsuit against us.”

“We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information,” said Namecheap CEO Richard Kirkendall.

“Facebook may be willing to tread all over their customers’ privacy on their own platform, and in this case, it appears they want other companies to do it for them, with their own customers. This is just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard, intended to protect millions of Internet users’ personal private data.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – scam, Namecheap)

[adrotate banner=”5″]

[adrotate banner=”13″]