Domain name hijacking is becoming a common buzzword on the internet. Many organizations and businesses pay a large amount of money every year to ensure that their domain names remain secure and protected and are not stolen or lost. This article explains how domain names get stolen and how you can protect your domain name from theft.
The most vulnerable link in the security chain of your domain name is the Registrant Email Address. The Registrant Email Address indicates who the owner of the domain name is and which email address should have control of the domain name. All important communication for the domain name is done with the Registrant’s email address only. Renewal reminders, expiry details and even WHOIS record changes are sent to the Domain Name Registrant’s email address. If you enter a wrong WHOIS email address at the time of registration, or if a wrong email address is on record, then that wrong email address will have control of the domain name. It is extremely important to have a correct WHOIS record and to check from time to time that the details are accurate and up to date.
A common way of stealing domain names is by sending a phishing email to the registered email address, asking the owner to verify their details or to log in to their domain control panel through a link in the email. That link actually goes to the hijacker's website, which asks the owner to enter their control panel login credentials into a form. When the user submits the details, the hijacker receives the password gift-wrapped. This allows him to simply log in and change the details or transfer the domain to his own account.
If your email account was compromised, you should change the passwords of all your control panels and other sensitive logins. A lot of damage can be done when an attacker compromises your email account. In one instance, the attacker had access to the Gmail address of the domain owner. He didn’t change the password or fool around in the account, so as not to raise any suspicion. He simply set a filter to grab all password reset emails and domain verification emails, hide them from the Inbox and send them to his own external email address. This way, even when the Transfer Approval Verification mail was sent to the Gmail address of the domain owner, it was simply forwarded to him, and he clicked the approval link and confirmed the transfer. This could have been prevented if the user had been a bit more alert and monitored their Gmail account activity regularly.
Having an unscrupulous or vulnerable Registrar is also a big threat to your domain name’s safety. By Registrar I also mean the Registrar’s resellers and affiliated vendors. If you have a problem with your domain reseller, you can always escalate the complaint to the Domain Registrar, who is bound to take corrective action. However, sometimes the registrars are also not very cooperative and can give you a tough time. This has been seen in many domain theft cases where, due to the negligence (if not connivance) of the domain registrar, the domain name was stolen or lost to a hijacker. The only remedy which then remains available is opening a dispute with ICANN to compel the Registrar to give back your domain name.
The best way of keeping your domain name safe is to ensure that it is “locked”. All registrars provide a Registrar Lock feature, which prevents your domain name from being transferred out while the lock is enabled. This means that you can keep your domain name locked until the time you actually want to transfer it out. If you have registered your domain name for a long period, it is a good idea to keep the domain name locked. The lock can be toggled on and off through the Domain Control Panel provided by the Registrar or Reseller. Hence it is very important to have the Domain Control Panel in your own hands as well.
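The periodic WHOIS check and the Registrar Lock described above can be monitored together. The following is an added example, not part of the original article. It assumes the WHOIS text uses the common "Key: value" layout and that the lock appears as the EPP status clientTransferProhibited. The function names and the sample record are constructed for illustration.

```python
import re

# Constructed sample WHOIS response (not a real record); labels follow the
# common "Key: value" layout, which is an assumption about your registry.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.TEST
Registrar: Example Registrar, Inc.
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registrant Email: hostmaster@example.test
"""

LOCK_STATUS = "clienttransferprohibited"  # EPP status behind Registrar Lock


def parse_whois(text):
    """Collect 'Key: value' lines; a key such as Domain Status may repeat."""
    record = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^:]+?)\s*:\s*(.*\S)\s*$", line)
        if m:
            record.setdefault(m.group(1).lower(), []).append(m.group(2))
    return record


def audit_domain(text, expected_email, expected_registrar):
    """Return findings for this record; an empty list means no drift."""
    rec = parse_whois(text)
    findings = []
    # The status value is "<code> <url>"; only the code matters here.
    statuses = {s.split()[0].lower() for s in rec.get("domain status", [])}
    if LOCK_STATUS not in statuses:
        findings.append("transfer lock is OFF")
    if "pendingtransfer" in statuses:
        findings.append("a transfer is pending")
    emails = [e.lower() for e in rec.get("registrant email", [])]
    if not emails:
        findings.append("registrant email missing or redacted")
    elif expected_email.lower() not in emails:
        findings.append("registrant email is now " + ", ".join(emails))
    registrars = [r.lower() for r in rec.get("registrar", [])]
    if expected_registrar.lower() not in registrars:
        findings.append("registrar is now " + (", ".join(registrars) or "unknown"))
    return findings


if __name__ == "__main__":
    for finding in audit_domain(SAMPLE_WHOIS, "hostmaster@example.test",
                                "Example Registrar, Inc."):
        print("ALERT:", finding)
```

Run it on a schedule against a fresh WHOIS lookup and send the alerts to a mailbox other than the registrant address, so that a compromised inbox cannot hide them.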