Domain Name Hijacking is becoming a common buzzword on the internet. Many organizations and businesses pay a large amount of money every year to ensure that their domain names remain secure and protected and are not stolen or lost. This article explains how Domain Names get stolen and how you can protect your domain name from theft.
Registrant Email Address
The most vulnerable link in the security chain of your domain name is the Registrant Email Address. The Registrant Email Address indicates who the owner of the domain name is and which email address should have control of the domain name. All important communication for the domain name is done with the Registrant's email address only. Renewal Reminders, Expiry Details and even WHOIS record changes are sent to the Domain Name Registrant's Email Address. If you enter a wrong WHOIS email address at the time of Registration or if a wrong email id is on record, then that wrong email id will have control of that domain name. It is extremely important to have a correct WHOIS record and also to check from time to time that the details are accurate and up to date.
Phishing and Fraud
A common way of stealing domain names is by sending a phishing mail to the registered email address asking the owner to verify his / her details or to log in to their domain control panel through a link in the email. That link actually goes to the hijacker's website, which asks the owner to enter his control panel login credentials into a form. When the user submits the details, the hijacker has received the gift-wrapped password. This allows him to simply log in and change the details or transfer the domain to his own account.
Hacked Email Account
If your email account was compromised, you should change the passwords of all your control panels and sensitive login credentials. A lot of damage can be done when the attacker compromises your email account. In one instance, the attacker had access to the Gmail address of the Domain Owner. He didn't change the password or fool around in the account, to prevent any suspicion from being raised. He simply set a filter to grab all password reset emails or domain verification emails, hide them from the Inbox and send them to his own external email address. This way, even when the Transfer Approval Verification mail was sent to the Gmail address of the domain owner, it was simply forwarded to him, where he clicked the approval link and confirmed the transfer. This could have been prevented if the user had been a bit more alert and monitored their Gmail account activity regularly.
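One way to check a mailbox for the kind of hidden forwarding filter described above, as an added example that is not part of the original article. It assumes the account's filters have already been exported as dicts shaped like Gmail API filter resources (a "criteria" and an "action" object); the sample filters, addresses and keyword list are constructed for illustration.

```python
import re

# Assumption: filters were exported beforehand as dicts shaped like Gmail API
# filter resources ("criteria" and "action"). The keyword list is illustrative.
SENSITIVE = re.compile(r"password|reset|verif|transfer|approv|registrar", re.I)

def audit_filters(filters, owner_domains):
    """Return [(filter_id, reasons)] for filters that could silently leak mail."""
    findings = []
    for f in filters:
        crit, act = f.get("criteria", {}), f.get("action", {})
        fwd = act.get("forward", "")
        external = bool(fwd) and fwd.rsplit("@", 1)[-1].lower() not in owner_domains
        hidden = ("INBOX" in act.get("removeLabelIds", [])
                  or "TRASH" in act.get("addLabelIds", []))
        text = " ".join(str(crit.get(k, "")) for k in ("from", "subject", "query"))
        sensitive = bool(SENSITIVE.search(text))
        reasons = []
        if external:
            reasons.append(f"forwards to external address {fwd}")
        if hidden:
            reasons.append("keeps matching mail out of the Inbox")
        if sensitive:
            reasons.append("targets password reset or verification mail")
        # External forwarding is always reported; hiding alone is common and
        # benign, so it is reported only when it also targets sensitive mail.
        if external or (hidden and sensitive):
            findings.append((f.get("id"), reasons))
    return findings

# Constructed sample data (not taken from any real account).
SAMPLE_FILTERS = [
    {"id": "f1", "criteria": {"from": "newsletter@example.org"},
     "action": {"addLabelIds": ["Label_7"], "removeLabelIds": ["INBOX"]}},
    {"id": "f2", "criteria": {"query": "subject:(password reset OR transfer approval)"},
     "action": {"forward": "collector@example.net", "removeLabelIds": ["INBOX"]}},
    {"id": "f3", "criteria": {"subject": "invoice"},
     "action": {"forward": "accounts@example.com"}},
]

if __name__ == "__main__":
    for fid, reasons in audit_filters(SAMPLE_FILTERS, {"example.com"}):
        print(fid, "->", "; ".join(reasons))
```

Only the second sample filter is reported: it forwards outside the owner's domain, skips the Inbox and matches password reset and transfer approval mail, which is the combination used in the incident above.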
Having an unscrupulous Registrar or a vulnerable Registrar is also a big threat to your domain name’s safety. By Registrar I also mean the Registrar’s Resellers and Affiliated vendors. If you have a problem with your Domain Reseller, you can always escalate the complaint to the Domain Registrar who is bound to take the corrective action. However, sometimes the registrars are also not very cooperative and can give you a tough time. This has been seen in many Domain Theft Cases, where due to the negligence (if not connivance) of the domain registrar, the domain name was stolen or lost to a hijacker. The only remedy which then remains available is opening up a dispute with ICANN, to compel the Registrar to give back your domain name.