Minimizing the Risk of Having Your Domain Name Stolen

Lately, there’s been an uptick in the number of domain names I am not sure whether it’s due to the globalpandemic and people are becoming more desperate for money, or if domain thieves are using the shifting electronic and technologyatmosphere. COVID-19 is inducing more people to be online and conduct business online. But that also means that many do not fully comprehend how to properly protect their electronic assets, such as domains.

Digital Assets

When I think of electronic resources, I believe of many different types. Our electronic assets may include access to a bank account online, access to accounts such as cryptocurrency accounts, and payment transaction sites such as PayPal, Masterbucks, and Venmo. Then there’s online shopping sites’ logins, for example Amazon, Walmart, Target, and eBay, in which most likely you have an account where your payment information is stored. Apple Purchase and Google Pay would be others, as well as your web site hosting account that manages your email (unless you utilize or, and, finally, your domain name. If your domain goes missing, then you eliminate a lot: accessibility to email, as well as your site most likely will return, where you’ll eliminate visibility, online sales, and clients. Online thieves are hacking websites and anywhere there is a login, since they’re attempting to access your digital resources.

Protecting Online Accounts

Many People are now utilized to protecting our online accounts byusing a unique, protected password for every login that we’ve got online. An important part of protecting digital resources, and domains, would be to make sure thatyou get a safe password and two-factor authentication setup for your login at your domain registrar. In many cases, if a burglar gains access into an account at a domain registrar, the consequences can be catastrophic if you do not have extra protections in place to safeguard your domain name.

Hackers who access a domain registrar’s account may perform several things that would interrupt your company:

The thief or hacker could make modifications to the DNS records for your domain name. You would think it’s the copy, however, the copy could contain malicious code.I’ve even seen them direct online sales from a copy of your site to them so that they profit monetarily from it through identity theft or diverting funds. They might even keep your contact info about the WHOIS record so thatit seems like you still own it–but the domain may be transferred into their account. When it’s out of your account and you no longer command the domain name, then they’ve stolen the domain and mayresell it. Whenever they start the transfer then they’ve attempted to steal the domain name, and when it’s transferred then it’s regarded as stolen. They may keep the same name servers so that it points to your site, and therefore you don’t detect that it’s stolen.

Digital thieves understand that domain Titles are valuable, as they are electronic assets that may be sold for thousands, tens ofthousands, hundreds of tens of thousands and even millions of dollars. Unfortunately, domain crimes typically go un-prosecuted. In many cases, the domain thieves aren’t found in thesame state as the victim. All of them have the same thing in common: they wish to gain monetarily from stealing the domain name. Following is a fewdomain crimes that I’ve seen lately:

A company’saccount at a domain registrar was hacked (using social technology). The company was involved in cryptocurrency, so gaining access to this domain name enabled for the hackers to access the company’s crypto exchange.
The domain burglar posed as a domain buyer, telling the domain owner they wanted to buy their domain for several thousand dollars. The buyer and seller agreed to a price, the burglar told them that they could pay them through cryptocurrency. The seller transferred the domain name when they had been given details of this cryptocurrency transaction. After the seller attempted to access the cryptocurrency and”cash in”, it was invalid. They had been scammed, and lost the domain name.
A domain name owner that has a portfolio of domain names gets their account hacked at a domain registrar. The owner doesn’t comprehend this, and the domains are transferred to another registrar in another country. The gaining registrar is uncooperative (or in about the theft), and won’t return the domains.
A domain name owner has his or her account hacked at the domain registrar and domains are transferred out to another registrar. Then they sell the domains to somebody else, and the domains are transferred again to another registrar. This happens several times, with different registrars. Those who purchased the domain names do not know they’re stolen, and they lose any investment that they made in the domains. Sometimes it’s hard to unravel cases similar to this, since there are numerous owners and registrars involved.

All Of these happened in the previous two to three months. In the instance of this domain name purchase scam, the vendor should have employed a domain escrow assistance, there are numerous reputable escrow services, such as’s Domain Escrow Services, as well as that manages domain name sales.

So just how can you minimize the danger of your domain getting stolen?

Move your domain name to a protected accounts.
Setup registry lock(transfer lock) in your domain name.
Check WHOIS information regularly.
Renew the domain name for many years or”eternally”.
Take advantage of additional security features at your registrar.
Shield your domain with a domain name warranty.

Consider Transferring your domain to a protected domain name registrar. You will findregistrars that have not kept up with common safety practices, like letting you set up 2-Factor Authentication in your account, Registrar Lock (which halts domain transfers), and even setting up a PIN number in your account for customer service interactions.

Log Into your domain registrar’s account on a regular basis. I can’treally say how frequently you need to do this, but you ought to get it done on a normal schedule. Log in, be sure to have the domain name(s) in your account, be sure they’re on auto-renew, and nothing appears out of the ordinary. This less-than-5-minute task could literally save your domain from being stolen.

Establish Registrar Lock or”transfer lock” in your domain name. Some Registrars call it”Executive Lock” or something similar. It’s a setting that makes certain thatthe domain cannot be transferred to another registrar without needing it turned off. Some go as far as maintaining it”on” unless they get verbal confirmation that it needs to be transferred.

Assess The WHOIS information on the domain name. Check it publicly on a public WHOIS, such as at ICANN’s WHOIS, WhoQ, or at your registrar. Make certain it’s correct, even the email addresses. If the domain is using WHOIS Privacy, send an email to the obfuscated email address to make sure youget the email.

For valuable domains (or ones thatyou don’t wish to shed). You can get a “eternally” domain registration at

Ask the accounts if the account access can be restricted based on The IP address of the person logging in to the account. Ask the accounts if the account may be restricted from logging in by a USB Device, such as a physical Titan Security Crucial, or a Yubikey. If you have Google Advanced Protection enabled in your Google Account, you may have two physical keys to access that Google Account (and a few innovative security in the Google back-end). You would then have those Advanced Protection keys fromGoogle to protect the domains on Google Domains.

Look at protecting your domain name(s) with a domain name warranty or service that protects those digital resources, such as

Some domain name registrars, especially those who take domain It’s more difficult for the fraudsters and thieves to steal domains at those registrars. Some domain name registrars don’thave 24/7 technical assistance, they may outsource their customer supportrepresentatives, and their domain name software is obsolete.

As I write this now, I have been advised of 20 very valuable domains that were stolen by their owners at the last 60 days. For example, of two cases I personally confirmed, the domain names were stolen from one particular domain registrar, based in the united states. The domains were transferred to some other domain registrar in China. Both these companies who own the domains are, in actuality, based in the USA. Thus, it’s not logical that they would move their domain names into a Chinese domain name registrar.

Both domains, this same domain name thief kept the domain name ownership documents intact, and they both show the former owners. However, in 1 instance, part of this domain contact record was changed, andthe prior owner’s address is current, however, the final portion of the speechis listed as a Province in China, rather than Florida, in which the firmwhose domain name has been stolen is situated.

What tipped us off to those stolen domain casesis the factthat both Domains were listed for sale on a favorite domain name market. But, these are domains in which the overall consensus of this value would be over $100,000 each, and were listed for 1/10th of their value. Remember the 1 year old $150,000 Porsche listed for sale on Craigslist for $15,000? It’s too good to be true, and most likely it isstolen. The same is true for all these domains that are supposedly stolen. The price provides them away, also, in this scenario, the ownership records (the WHOIS records) also show evidence of this theft.

It’s never Been important to take responsibility for your electronic resources, and Ensure thatthey are with a domain registrar that has accommodated And developed with the times. A few minutes spent wisely, securing your Digital assets, is imperative in times such as these. It can be the Difference between your precious digital assets and internet properties being Safeguarded, or possibly subjected to theft and threat.

Related Post