Domain hijacking or domain theft is the practice of stealing a domain name from its legal owners. This means redirecting the domain to another web server or transferring it to another registrar. Domain thefts are financially damaging to businesses, especially to online shopping businesses as all their traffic is diverted, ie their revenue as well. Also, as brands, you may lose customer trust and your reputation may suffer as a result.
How are Domains Hijacked?
Domain hijacking happens through gaining an unauthorized access to the owner’s registrar account. The most commonly used ways are:
– Hacking the administrative contact email address. This can easily be obtained from the domain’s Whois record (unless there is a private domain registration. For more, go to <What are the Benefits of Using Whois Privacy for your Domains?>). After that, hackers have to reset the email password to access the domain account and steal the domain by redirecting it to their preferred web servers and/or transfer it to another registrar.
– Exploiting software vulnerabilities in the domain registrar’s system.
How can you Recover your Hijacked Domain?
Having your domain/s hijacked can be not only damaging to your business, but also distressing to your management. Domains are like real estate on the Internet, so losing valuable assets can be a blow. However, there are recovery actions that you can take to get your domains back:
– Notify your domain registrar immediately so they are aware of unauthorized access.
– Contact a lawyer if domains have already been transferred and you need to take legal steps. If your domains are a protected trademark as well, you may refer to the UDRP (Uniform Domain-name Dispute Resolution Policy) for resolution.
– Provide documentation. It is important that you’ve got some proof that there is an association between you and the hijacked domains that you can present before the registrar or the dispute resolution service provider (ICANN’s website provides a list of approved providers). The following documentation may serve this purpose:
- Copies of registration records
- Billing histories
- Proof of financial transactions such as credit cards or bank statements
- Correspondence from the registrar about the hijacked domains, etc.
Recovering your domain will usually take time, but it is possible, especially if you’ve got a registered trademark to your domain.
What can you Do to Protect Your Domain from being Hijacked?
It turns out there are a number of precautions you can take to reduce the risk to your Internet assets, ie your domain/s:
– Pick well-established corporate-focused registrars which can offer you better security protection. It is also important to check their transfer policies before registering with them. Usually registrars keep domains locked to ensure they cannot be transferred without authorization. Registrars provide extra security with authorization codes. The owner needs to pass the code to the gaining registrar to finalize the transfer. Also, username and password setting requirements should be strict.
For more information on choosing a domain registrar, go to <What you should Know before Registering your Domain> and <How to Choose the Right Domain Name Registrar for you>.
– Consider registering with Whois privacy. Since a major way to hack your domain account is through your email address, if you choose a private registration, your names and contact information will be replaced by the service provider’s.
– Regularly update your web servers’ security software so that hackers cannot easily exploit software vulnerabilities.
– Monitor your site traffic so that you can notice anything suspicious.
– Make sure that your registrant details are secure and recoverable – names, passwords, contact persons, etc. This means that you limit access to them only to the staff responsible for domain name management. When staff changes, change account information, especially passwords as well.
Prevention is Better than a Cure
While there isn’t a 100% security guarantee, there are a lot of simple prevention steps to take to decrease the risk of hijacking. Even changing your email password frequently can go a long way in protecting your email account and thus, your domains as well