Minimizing the Probability of Having Your Domain Name Stolen
Recently, there’s been an uptick in the Amount of domain names I am not sure if it’s because of the globalpandemic and people are getting more desperate for cash, or in case domain thieves are using the changing digital and techenvironment. COVID-19 is inducing more people to become online and conduct business online. But this also means that many do not fully comprehend how to properly protect their digital assets, such as domain names.
When I think of digital assets, I think of many different types. Our digital assets may consist of access to your bank account on line, access to reports such as cryptocurrency accounts, and payment transaction sites such as PayPal, Masterbucks, and Venmo. Then there is online shopping websites’ logins, such as Amazon, Walmart, Target, and eBay, in which most likely you have an account where your payment data is stored. Apple Purchase and Google Pay are other people, as well as your web site hosting account that manages your email (if you don’t use Gmail.com or Outlook.com), and, finally, your domain . If your domain goes missing, then you eliminate a lot: accessibility to email, as well as your website most likely will return, where you’ll eliminate visibility, online sales, and customers. Online thieves are hacking websites and anywhere there’s a login, since they’re attempting to access your digital assets.
Many Of us are now utilized to protecting our online accounts using a unique, secure password for each login that we have online. An significant part protecting digital assets, and domain names, is to ensure thatyou get a safe password and two-factor authentication setup for your login in your domain registrar. Oftentimes, if a burglar gains access to an account in a domain registrar, the results can be catastrophic if you do not have extra protections in place to protect your domain .
Hackers who access a domain registrar’s account may do a few things that would interrupt your business:
The thief or hacker can make modifications to the DNS records for your domain . They can point the domain name to another web server, possiblytheir”copy” of your website.
The thief or hacker can push the domain name into their account. They might even keep your contact information about the WHOIS record so thatit seems like you still own itbut the domain may be moved into their account. If it’s from your accounts and you no longer command the domain , then they have stolen the domain and mayresell it. As soon as they begin the transfer then they have tried to steal the domain , and when it’s moved then it’s regarded as stolen. They may keep the same name servers so that it points to your website, and therefore you don’t detect that it’s stolen.
Digital thieves know that domain Names are valuable, since they are digital assets that may be sold for tens of thousands, tens ofthousands, hundreds of tens of thousands as well as millions of dollars. Regrettably, domain crimes generally go un-prosecuted. Oftentimes, the domain thieves are not located in thesame state as the victim. All of them have the same thing in common: they wish to gain monetarily from stealing the domain name. Here’s a coupledomain crimes that I’ve seen lately:
A organization’saccount in a domain registrar was hacked (using social engineering). The business was involved in cryptocurrency, therefore gaining access to the domain name allowed for the hackers to access the company’s crypto exchange.
The domain burglar posed as a domain buyer, telling the domain owner they wanted to buy their domain for a few thousand dollars. The buyer and seller agreed to a price, the burglar told them that they could pay them via cryptocurrency. The seller moved the domain name once they had been given details of the cryptocurrency transaction. After the seller tried to access the cryptocurrency and”cash in”, it was invalid. They had been scammed, and lost the domain .
A domain name owner that has a portfolio of domain names gets their accounts hacked in a domain registrar. The owner does not comprehend this, and the domain names are transferred to another registrar in a different nation. The gaining registrar is stubborn (or in about the theft), and will not return the domain names.
A domain name owner has her or his accounts hacked in the domain registrar and domain names are moved out to a different registrar. They then sell the domain names to somebody else, and the domain names are moved again to a different registrar. This happens several times, with various registrars. People who purchased the domain names do not know they are stolen, and they shed any investment that they made in the domain names. At times it’s hard to unravel cases similar to this, as there are several owners and registrars involved.
All Of these occurred in the previous two to three weeks. And so are onlyexamples of where the domain name owner might have done something to block the domain name theft. In the case of the domain name purchase scam, the vendor should have employed a domain escrow assistance, there are several reputable escrow services, such as Epik.com’s Domain Escrow Services, as well as Escrow.com that manages domain name sales.
Just how can you minimize the danger of your domain getting stolen?
Transfer your domain name to a secure registrar.
Log into your registrar account on a regular basis.
Setup registry lock(transfer lock) on your domain name.
Check WHOIS information regularly.
Renew the domain name for many years or”forever”.
Take advantage of additional security attributes at your registrar.
Shield your domain with a domain name warranty.
Consider Moving your domain to a secure domain name registrar. There areregistrars that haven’t kept up with common security practices, like allowing you to set up 2-Factor Authentication on your accounts, Registrar Lock (that halts domain transfers), as well as preparing a PIN number on your accounts for customer support interactions.
Log Into your domain registrar’s accounts on a regular basis. I can’treally say how often you need to do this, but you should get it done on a normal schedule. Log in, be sure you have the domain name(s) on your accounts, be sure they are on auto-renew, and nothing looks out of the normal.
Establish Registrar Lock or”transport lock” on your domain . Some It’s a setting that makes sure thatthe domain cannot be moved into another account without having it turned off. Some go as far as maintaining it”on” unless they get verbal confirmation that it should be transferred.
Check The WHOIS information on the domain . Check it openly on a public WHOIS, such as in ICANN’s WHOIS, WhoQ, or even in your registrar.
I recommend at least 5 Decades For valuable domain names (or ones thatyou don’t wish to lose). It’s possible to find a “forever” domain registration in Epik.com.
Request the registrar if the accounts access can be restricted based on The IP address of the person logging into the accounts. Request the registrar if the accounts may be restricted from logging in by a USB Device, such as a bodily Titan Security Crucial, or even a Yubikey. If you have Google Advanced Protection enabled on your Google Account, you will have two physical keys to access this Google Account (and a few innovative protection in the Google backend). You would then have those Advanced Protection keys fromGoogle to protect the domain names on Google Domains.
Consider protecting your domain (s) with a domain name warranty or support that protects these digital assets, such as DNProtect.com.
It’s harder for the fraudsters and thieves to steal domain names at those registrars. Some domain name registrars do nothave 24/7 technical assistance, they may outsource their customer servicerepresentatives, and their domain name software is outdated.
As I write this today, I have been informed of 20 very valuable domain names that were stolen by their owners in the previous 60 days. As an example, of 2 cases I personally confirmed, the domain names were stolen out of one particular domain registrar, based in the USA. The domain names were moved to another domain registrar in China. Both ofthese companies who own the domain names are, in fact, based on the USA. So, it’s not logical that they’d move their domain names to a Chinese domain name registrar.
In the case of
Both domain names, this same domain name thief kept the domain name ownership records intact, and they both reveal the former owners. But in one case, part of the domain contact record was altered, andthe prior owner’s address is present, but the last portion of the speechis listed as a Province in China, and not Florida, in which the businesswhose domain name has been stolen is located.
What tipped us off to these stolen domain is the factthat both Domains were listed for sale on a popular domain name marketplace. However, these are domain names in which the overall consensus of the value could be over $100,000 per year, and were listed for 1/10th of the value. Remember the 1 year old $150,000 Porsche listed for sale on Craigslist for $15,000? It’s too good to be true, and most likely it isstolen. The same goes for all these domain names that are allegedly stolen. The price provides them away, and, in this case, the possession records (the WHOIS records) also reveal evidence of the theft.
It has never Been more important to take responsibility for your digital assets, and Ensure thatthey are with a domain registrar that has accommodated And evolved with the times. A few moments spent sensibly, securing your Digital resources, is critical in times such as these. It can be the Difference between your precious digital assets and internet properties being Safeguarded, or possibly subjected to theft and threat.