As the internet continues to grow, so do the scams that attempt to exploit it. One of the more cunning scams targets website owners and a valuable asset they possess: their domain name. What makes this scam so dangerous is how it mimics a legitimate process used by companies like Google and Bing to verify site ownership.
Recently, I was targeted by a scammer who attempted this very thing. After what seemed like a normal conversation about advertising on URTech.ca, they revealed their true intentions, and I want to share the details so you can avoid a similar fate.
Here is the key email exchange that contained the scam:
From: Auden Atlas [email protected]
Sent: Monday, September 22, 2025 7:12 AM
To: Ian Matthews
Subject: Re: Advertising on https://www.urtech.ca/Thank you for your response. upload this file in your meta tags
<meta name=”publication-media-verification” content=”bf32c952fcdc48bc830c48a2a6a2b961″>
After this we will give you max 100+ orders in month
This request, and the conversation that followed, set off three major red flags:
Red Flag #1: The Email Address
The first and most immediate red flag was the sending email address: [email protected]. A legitimate business, especially one that claims to be a professional platform like “publication.media,” would use an email address with its own domain (e.g., [email protected]
Red Flag #2: The Too Enticing Offer
The promise of “100+ orders in month” is a classic too-good-to-be-true offer. The scammer knows that the idea of a huge income stream can make a website owner overlook the other warning signs. This tactic is designed to make you act quickly, without thinking through the risks.
Red Flag #3: The Meta Tag Request
Why does this supposed advertiser:
- care who owns the site? If their ad appears on the site, that is all the proof they should need and they should be happy
- need something that no other advertiser needs? We have few companies ask us to add tags over the years, but we have never done it.
How the Meta Tag Scam Works
The request to “upload this file in your meta tags” is the core of the scam. This method is often used for legitimate site ownership verification. When you want to prove to a service like Google Search Console that you own a website, they give you a unique meta tag to place on your homepage. Once it’s there, their system can see it and confirm you have control of the site.
The scammer is using this exact same method to fool you. They are not interested in advertising; they are interested in using that meta tag as proof of ownership, so they can steal your site.
After you place the tag on your site, they will go to your domain registrar or hosting company and claim they have lost access to your account. They will then use the meta tag as “proof” that they are the rightful owner.
What Can The Scammer Do With Your Domain
If they find a support agent or site owner who isn’t paying close attention, they could get your domain transferred to their control. Once they have your domain, they can shut down your website, redirect your traffic, and seize your email accounts.
If they get access to your email accounts, they could have companies you deal with send password reset approvals to your email so they can get into other accounts… that is bad… very bad!
They are likely to try to extort you into buying your own site back or perhaps they will sell your domain and site contents to the highest bidder.
What to Do With A Scammer?
You could just delete their mail and go about your merry day, but I like the fight! I notified my staff about the problem so they are aware of the scam and then I sent a simple and direct response to the scammer:
We will not add tags and we do not accept bulk orders. If you have an article, we can add an entry into our ads.txt file but we do NOT accept promotional content.
This is where the scammer made a critical mistake that exposed their ignorance. They replied:
Yes sure but firstly add tag on your site after this easily work with you. Kindly do that after ownership verification you can remove this tag Thank you
Their insistence on the meta tag and their dismissal of my offer to use ads.txt showed they didn’t know the difference. The ads.txt file is a public, standardized file designed to prevent ad fraud. Anyone can view it by going to yoursite.com/ads.txt (i.e. you can see ours at URTech.ca/ads.txt ). It is not used to verify ownership in a way that gives someone control of your site. It simply lists the authorized ad vendors for your domain.
The scammer wasn’t interested in a legitimate advertising partnership. They just wanted a meta tag to complete their scam.
In the end, I called them out directly.
Auden (if that is your name) you are a scammer.
We will not add tags and while I can do little to stop you from hitting others, I have reported you to the real Publication.Media (see the CC [email protected] and the attached threads) who have more resources to annoy you with.
The Wrap
The takeaway here is simple: never add a meta tag to your website for verification unless it is for a known, legitimate service like Google, Bing, or another trusted platform. Be VERY suspicious of any offer that seems too good to be true and always check the email address of the sender. Scammers are out there, and staying vigilant is the best way to protect your business.
0 Comments