Preventing Domain Theft
Domain theft is all over the news at the moment, with a string of high value domains alleged to have been stolen from domain investors and other businesses. What does it really involve and more importantly what can be done to prevent it?
Domain theft occurs when hackers obtain access to your domains, update the owner information and transfer these domains to themselves or other parties. They are sometimes then advertised for sale on forums and marketplaces, often for less than they’re generally considered to be worth.
Hackers will target domain investors and small businesses as they are seen as softer targets compared to major corporations who can employ digital security experts or use the services of firms to guard against threats posed by hackers.
How to prevent domain theft?
No one likes the thought of having their domains stolen, but as high-value domains will sell for thousands on the open market, the lucrative nature of this type of theft makes it a permanent reality. As there are no straightforward mechanisms available to a Registrar for returning a stolen domain to its rightful owner, and often domains are stolen using legitimate passwords, prevention is the key. Follow these simple steps to help protect your domains from theft.
- The most common method used by thieves to steal domains is by hacking in to your email. If possible, it is highly advised that you combat this by setting your whois information to private. This will make it more difficult for domain thieves to find the email address used for the account a domain is managed under, as it won’t be publicly listed on the WHOIS.
- Keep an offline list of all domains, separate from the ones saved by your registrars. This will make it easier for you to reconcile the domains you own against those listed in an account with your Registrar(s) so that you can spot possible errors.
- Use two-factor authentication! User names and passwords simply aren’t enough these days. Thousands of sophisticated daily phishing and malware attacks expose the vulnerability of a simple password protection system. Two-factor authentication is quick and easy to setup and works by adding the entry of a short pin number into the login process. This pin number can be emailed, sent as an SMS to your phone, or displayed via an authenticator app on your phone (as used by Internet.bs).
- Hold on to the “handover” period. All gTLD transfers go through a five day “handover” period where the transfer of a domain is held for five days to give the Registrant the ability to opt out of the transfer. There is an override mechanism available to Registrars where they can “force” the transfer to happen immediately via the automated EPP system. Registrars have the choice to make this mechanism available to their customers through their control panel. When choosing a Registrar consider whether a domain thief will have the ability to quickly transfer your domain away if they gain access to your account.
- Look for additional security features. Some Registrars offer additional security features such as IP logging and notification services; make use of these features if they are available.
- Use a registry lock for high value domains. Most Registries offer an even higher level of domain security in the form of a Registry Lock. This Registry Lock only allows a domain to be transferred, or in some cases updated, if an authorised representative of the Registrar contacts the Registry and approves using a verified passphrase. This is a very effective method of security and most Registrars will only take this action after fully verifying a customer and their request. Note: Most Registrars will charge a fee for this service.
Registrars will always try to make the domain management process as simple as possible for their customers by automating systems as much as possible. This means that Domain thieves can move quickly if they gain access to your account. Make sure you are taking charge of your domain security by putting the appropriate measures in place to ward off the would be thieves.