We need to be crystal clear: spammers have restarted to use an old trick, and it’s aimed directly at you, our clients. They are scraping WHOIS data to find business domain owners, then sending fraudulent renewal emails that pretend to come from our brands — Gransy, Subreg, Regtons, G‑Hosting… They expect that you will just pay, without checking.
The scam is simple but dangerous. The attackers use our brand names in the mailbox display name to make the message look familiar. But the actual email address is not ours, and this is easily visible. You as our customers, you know from where our legitimate renewal notices are coming and you know the right address. Usually, it is from info@subreg.cz, info@regtons.cz, info@g-hosting.rs… If the sender address is anything else, it is a fake.
The emails themselves are another giveaway. We do not send in HTML format, and they don’t look like our official communication. The formatting is sloppy, the wording is off, and the links lead to suspicious sites. Worst of all, they may ask you to provide credit card details or other sensitive information. That is not us. That is fraud.
How to Protect Yourself
Always check the real sender address, not just the display name. If the email doesn’t come from our official addresses, delete it. Compare the format with the renewal notices you’ve seen from us before — if it looks different, it’s fake. And never, ever share payment information in response to an email unless you are absolutely sure it’s legitimate.
The Bottom Line
This scam is designed to exploit trust in our brands. By mimicking our names, spammers hope to trick you into handing over sensitive data. Don’t fall for it. Look at the address, not just the name. Trust the format you know. And never give away your payment details to impostors.
We are fighting this abuse, but the best defense is vigilance.
If you’re ever in doubt, contact us directly through our website or official support channels.
