Don`t Lose Your Domain to Hijackers!
(Page 1 of 4 )
Some have compared it to trying to get into your own bricks-and-mortar store and discovering you’re locked out, while a stranger sits behind the counter – and worse, the cops can’t do anything about it. It’s been going on for years, and if you’re not careful you could be the next victim. Read on to find out how you can stay the master of your domain.
This particular crime is usually called either domain name theft or domain hijacking. Another variation of it is domain slamming, which I’ll define a little later in this article. By any name, the results are the same: for some reason, you can’t get into your own domain, you’re not receiving email from that domain, and you discover that it’s now registered to someone else. Needless to say, to a small online business this can be devastating.
It could happen for a number of reasons. Maybe you have a particularly valuable domain name that someone wants to sell. In fact, .com domains are supposedly more likely to be stolen than any others. It’s also possible, though unlikely, that whoever stole your domain did it as an attack on your business or you personally.
So exactly how do these thugs go about stealing your (and your business’) online identity? There are a number of ways they accomplish this, and not all of them require the thief to be technologically sophisticated. How hard is it, for example, to send a forged fax to the domain registrar, impersonating you (the registrant)? Other attacks are more subtle: the email that tells you your domain name is about to expire, and that you need to renew. Are you sure that email is actually from YOUR registrar? That last form of attack is called domain slamming, after a similar and now illegal practice formerly engaged in by certain phone companies, which switched a users' long distance phone companies without their knowledge or consent.
Hijackers can use whois records for their nefarious deeds. All they have to do is look up your domain name’s whois information. If you have an address for a free email account listed, they can use it to get domain account information. And of course, whois records show when your domain name is due to expire, so if you’re not prompt about renewing your domain name, and somebody else wants it, you could be out of luck (check into the policies of your registrar; many offer a “grace period” of anywhere between five days and one month).
Domains can also be hijacked when registrars don’t follow all the procedures. The gaining registrar (to whom the domain is transferred) is supposed to get the approval of the domain name registrant or administrative contact before going forward with the transfer. Likewise, the losing registrar (from whom the domain is being transferred) is supposed to notify the registrant of the transfer during the five-day grace period before the transfer is completed. Either way, that’s YOU if it’s your business. You can deny approval of the transfer, but only if you know about it! It’s not just common courtesy for the registrars to do this; it’s required by ICANN’s Inter-Registrar Transfer Policy.
Next: Some Horror Stories >>
More Web Hosting Articles Articles
More By Terri Wells
