[3/7/2026 Update: So after all this, and me saying such a mail is a scam, it is not. The new hosting provider chosen by Mauvehed, for attrition.org, uses this entity as a “partner registrar”. This new provider demonstrates they are amateur hour at security. First, the mail doesn’t identify the hosting provider, and doesn’t identify the name of their own company (KeySystems) which we learned via support. So while the email is not from ICANN, it is from an affiliated registrar to this hosting provider. I hate technology.]
TL;DR: If you get an email from noreply@emailverification.info saying you must click a link and input a code to finalize a domain transfer, ignore it. It claims to be an ICANN accredited registrar, but per ICANN themselves, the mail is not legitimate. Any mails about transferring a domain should come from the registrar you are moving from, or the one you are moving to.
It feels weird to write this blog, because, on the surface, the obvious answer should be obvious. Right up until you search via Google to confirm your hunch and find conflicting information. So this will be relatively short so when others do their Googling, they hopefully find a definitive answer instead of confusion. Let’s start with the sequence of events.
- You decide to transfer your domain from one registrar to another.
- This transfer becomes public at some point in the process.
- You receive an email that looks pretty legitimate, requiring you to confirm the transfer.
- You click, but it isn’t legitimate…
What does this email look like?
From: noreply@emailverification.info
Dear registrant or prospective registrant,
Due to the requirements under the ICANN Registrar Accreditation Agreement we are required to confirm the validity of the email address provided for the domain name registration application or contact creation.
The domain(s) listed below were registered/updated with your e-mail address in the domain owner contact. It is now mandatory that you confirm the accessibility of your email address.
Verification required until / Domain Name
2026-03-10 23:42:55 attrition.org
You will only have to do this once for each email address used.
Please click on the following link to confirm that you have received this email and to validate your email address:
If the above shown link should be broken please proceed to
And enter your personal validation token into the form field:
trigger = [long-string-of-characters]
Please note that in case you do not validate your email address, we are required to suspend your domain name registration(s) using these contact details no later than:
Tuesday March 10. 2026 23:42:55 UTC
After the suspension date you can always re-activate your domain name(s) by confirming the address as described above.
IMPORTANT NOTE:
If you do not carry out this confirmation, the domain registration guidelines prescribe that the status of your domain(s) mentioned above is changed to “on hold”; consequently your domain(s) can not be reached anymore.
Thank you very much for your cooperation!
Best regards,
Your ICANN Accredited Registrar
So the mail claims to be from an ICANN accredited registrar, the email comes in while the transfer is occurring, and you are supposed to click to confirm and finalize it. However, note that it didn’t come from ICANN based on the ‘From’ header and it comes from a ‘no-reply’ address. I haven’t transferred a domain in a long time so I wasn’t entirely sure if this was legitimate. Before I clicked, I Googled and that is where the confusion came in.
In this Reddit thread someone asks the same thing. First and second reply say it is a scam, but the fourth says it is a legitimate from ICANN while pointing out the problems. In a thread on Namepros, you get conflicting “it was not a scam” and “it is a scam” answers, and it ends with another person questioning if the mail above is legitimate.
Searching ICANN for the domain name the mail originates from does not yield any direct matches. Fortunately, one Knowledge Base (KB) article instructs you to email their support if you have any questions or concerns. So I did just that! Shortly after my email I received an auto-confirmation and their system assigned case #01558662. Within 30 minutes I received a reply, which is impressive, confirming that mails should be sent by a registrar that is part of the transfer, and if you have doubts about the authenticity of such mails, to contact them. Here’s the relevant part of the email directly from ICANN:
We understand that you would like to verify the authenticity of the email verification that you had received. We hope that the below information will be helpful to you.
While ICANN is responsible for making sure registrars (entities that manage domain names) verify the contact information provided by registrants (domain holders), ICANN itself does not send verification email to registrants.
The verification email will be sent by your registrar or domain service provider. If you suspect that the email you have received is a phishing or fraudulent email, please contact your registrar to verify if they have sent the email.
Please reach out to the registrar directly to verify the authenticity of the email.
I know that emails like this will originate from other domains and use different wording. But that doesn’t matter because the point stands. ICANN themselves will not reach out to you about a domain transfer. Only mails directly from the registrar you are moving from, or to, should be taken as legitimate. Ignore anything else.
