Scammers Are Calling About SSL Renewal

One of our clients received a phone call pretending to be their website’s SSL certificate provider. The caller went on to explain that our client’s website would experience issues if they didn’t renew.

It’s a scam.

The caller is using scare tactics to intimidate our clients and others.

5 of our clients, so far, have received a voicemail from the same number.

Hang up and block the number if you receive a similar call.

How The Caller Knows About Your SSL

Anybody can view a website’s SSL certificate.

If you’re using Chrome, go to your website, click the padlock to the left of your domain, and click “certificate.” It looks like:
In Firefox, click the padlock, and then the arrow next to “Connection Secure,” and then “More information” to view the certificate. It looks like:
An SSL certificate is public because it’s a sign of public trust. In other words, an SSL certificate tells the world that your website is safe to browse.

That makes them easy targets for scammers selling their own SSL service. They can see when a website’s certificate is expiring and intimidate the owner into buying the scammer’s SSL certification.

The scammer may not even be checking the SSL certificate on a particular website. They may be scraping phone numbers and trying their luck by calling every number they collect.

Don’t give them your information.

You Will (Likely) not be Notified About SSL Renewal by Phone

Here’s the script the spammer used for one of our client’s websites:

Hi ____, my name is _____ I’m calling in regards to an expiring SSL certificate for URL — the current one in your Go Daddy certificate on the site to set to expire tomorrow around 4 o’clock Pacific standard time. Once it does, the site will start loading with the privacy error message. If you’d like to get that certificate renewed beforehand you can give me a call back on my direct line at 626-508-1560. Thanks and have a nice day.

The person calling may even be running a real business. Their marketing tactic is what’s unethical. Their vague language suggests that they’re the website’s SSL provider.

In reality, they’re independent and they’re calling people who aren’t familiar with SSL to sell them their company’s services.

Determining if an SSL Renewal Notification is Real

If your website’s SSL certification is going to expire you will likely receive an email from your provider.

Many people implement SSL through their hosting company, such as GoDaddy, Namecheap, Siteground, or Bluehost. If that’s the case all you have to do is log in to your hosting account on the provider’s website to renew the certificate.

Free certificates issued through Let’s Encrypt automatically renew.

If you’ve implemented through another company then you will likely receive an email from them if it’s time to renew.

However, be aware that some scammers do try phishing by email.

Do not click links within an email if you’re unsure.

Always go to your provider and log in to the website directly to be safe.

Our Clients Don’t Need to Worry About Renewing Their SSL

At Counseling Wise, we keep you and your website safe without worrying about the hassle of renewing SSL.

If you work with us and receive a phone call or email, ignore it or let us know.

We implement free SSL from Let’s Encrypt which automatically renews every 3 months, or we implement SSL through GoDaddy and Sucuri which also automatically renews.

If you receive a phone call or email and feel hesitant feel free to contact us.

More Posts

Yes, Google is a Monopoly and Therapists Have To Work With the Monarch

Have no doubt, Google is a monopoly. No matter how hard they try therapists and counselors and private practices can’t escape Google if they want to attract potential clients online. But this reality has disheartened many therapists. Google’s original motto was “Don’t be evil,” but since the pandemic many private practices have come to believe

Dec 2020 Google Algorithm Change: How Did Therapists Fare?

Between December 3rd and the 18th Google rolled out its 2020 Core Algorithm Update. It’s part of the regular tuning Google does to their algorithm to improve search. This last one was a big one. It shook a number of industry players from their coveted spots on the rankings. Amazon and Psychology Today slipped off

Scraper Site FindHealthClinics May Have Stolen All Your Content

Nobody wants to see their work stolen but on the internet it’s easy to be a thief. Some of our clients have discovered that a website called FindHealthClinics is taking their content to make a quick buck. Our clients are understandably upset. They’ve worked hard to implement a digital presence that helps them connect with

Simple Practice Releases a Website Offering That Is…A Bit Too Simple

The Announcement of the “Professional Website” by Simple Practice When I heard that Simple Practice came out with a website offering, I was curious. I like what they’ve done with their EHR; they seem put-together as a tech company, and they know a lot about the therapy industry. I was excited to see what they

Scroll to Top