Do NOT Donate on the Page! It is Insecure!

On my last post I explained why I thought that the page is a fake. held by a domain speculator. After posting I returned to Twitter where a friend who probably doesn’t want her name used pointed out that the donation page on is insecure.

Pages on the Internet where you buy stuff, or make political donations, usually use encryption so that it’s harder to steal your personal information, including your credit card number. If you go to, the official campaign web site, the donation page is properly secured. The URL starts with https:// which means to use security, and somewhere on the page you will see a little lock icon. (The location varies from browser to browser.)

By contrast, the site uses iframes to pull in the real Mitt Romney site. The use of frames breaks the security. This means that the donation page is INSECURE. It uses http:// not https:// and there is no lock icon. Your personal information, including credit card information, is at risk of being intercepted.

This tends to confirm my theory that the site is in the hands of a domain speculator.

Do not donate at the site at this time. Go to the real site,

UPDATE: Some time between Sunday afternoon and Monday morning the domain was parked. The name servers have changed to name servers provided by a domain parking company. The domain no longer displays framed content from, but instead displays a page with ads, a search box, and a notice that the domain is for sale. (Usually in such domain parking arrangements the owner of the domain splits any ad revenue with the parking service. Details of such arrangements vary by service.)


4 Responses to “Do NOT Donate on the Page! It is Insecure!”

  1. [...] UPDATE: The site is insecure at this time. If you donate there your personal information, including credit card information, may be intercepted. For details see my next post. [...]

  2. [...] Tom Reynolds warns: The site currently displays content from But the way it is done is by creating an [...]

Leave a Reply

Your server is running PHP version 4.4.9 but WordPress 4.0 requires at least 5.2.4.