Recently, there’s been an uptick in the Amount of domain names I am not sure if it’s because of the globalpandemic and individuals are becoming more desperate for cash, or if domain thieves are using the changing electronic and technologyatmosphere. COVID-19 is causing more of us to become online and conduct business online. But that also means that many do not fully understand how to properly protect their electronic assets, such as domains. This may be why we’re seeing more and more online scams, phishing, and online theft in general.
When I think of electronic resources, I believe of several different kinds. Our electronic assets can include access to your bank account on line, access to reports like cryptocurrency accounts, and payment transaction sites such as PayPal, Masterbucks, and Venmo. Then there’s online shopping sites’ logins, for example Amazon, Walmart, Target, and eBay, where most likely you have an account where your payment information is saved. Apple Pay and Google Pay would be other people, in addition to your web site hosting account that manages your email (if you don’t utilize Gmail.com or Outlook.com), and, ultimately, your domain name. If your domain goes missing, then you lose a lot: accessibility to email, in addition to your site probably will go down, where you’ll lose visibility, online sales, and clients. Online thieves are hacking sites and anywhere there’s a login, since they’re trying to get to your digital resources.
Many People are now used to protecting our online accounts using a unique, protected password for every login that we have online. An significant part protecting digital resources, and domains, would be to ensure you have a secure password and two-factor authentication setup for your login in your domain registrar. In many cases, if a burglar gains access to an account in a domain registrar, the consequences can be disastrous if you do not have extra protections in place to safeguard your domain name.
Hackers who access a domain registrar’s account can perform several things that would disrupt your company:
They can point the domain name to another web server, perhapstheir”copy” of your site. They might even keep your contact info about the WHOIS record so it seems like you still own it–but the domain may be transferred into their account. When it’s out of your account and you no longer control the domain name, then they’ve stolen the domain and canresell it.
The thief or hacker can transfer the domain name with that registrar to another registrar. As soon as they begin the transfer then they’ve tried to steal the domain name, and as soon as it’s transferred then it’s regarded as stolen. They can keep the same name servers so that it points to your site, and therefore you don’t detect that it’s stolen.
Digital thieves understand that domain Names are valuable, as they’re electronic assets that can be sold for tens of thousands, tens ofthousands, hundreds of thousands, as well as millions of dollars. Regrettably, domain crimes generally go un-prosecuted. In many cases, the domain thieves are not found in thesame country as the sufferer. They all have the same thing in common: they wish to gain monetarily from stealing the domain name. Here’s a fewdomain crimes that I’ve found recently:
A company’saccount in a domain registrar was hacked (using social engineering). The company was involved in cryptocurrency, therefore gaining access to this domain name enabled for the hackers to get the organization’s crypto exchange.
The domain burglar posed as a domain buyer, telling the domain owner they wanted to purchase their domain for several thousand dollars. The buyer and seller agreed to a price, the burglar told them that they could pay them via cryptocurrency. The seller transferred the domain name when they were given details of this cryptocurrency transaction. After the seller tried to access the cryptocurrency and”cash in”, it was invalid. They were scammed, and dropped the domain name.
A domain name owner that has a portfolio of domain names gets their account hacked in a domain registrar. The owner doesn’t realize this, and the domains are transferred to another registrar in a different country. The gaining registrar is uncooperative (or in about the theft), and won’t return the domains.
A domain name owner has his or her account hacked in the domain registrar and domains are transferred out to a different registrar. Then they sell the domains to somebody else, and the domains are transferred again to a different registrar. This happens several times, with different registrars. People who bought the domain names do not know they are stolen, and they lose any investment that they made in the domains. At times it’s difficult to unravel cases similar to this, since there are numerous owners and registrars involved.
All Of these happened in the previous two to three weeks. In the instance of this domain name sale scam, the seller should have used a domain escrow service, there are numerous reputable escrow services, such as Epik.com’s Domain Escrow Services, in addition to Escrow.com that manages domain name sales.
Just just how can you minimize the risk of your domain getting stolen?
Move your domain to a protected registrar.
Log into your registrar account on a regular basis.
Setup registry (transfer lock) in your domain.
Assess WHOIS data regularly.
Renew the domain for several years or”forever”.
Take advantage of other security features at your own Password.
Protect your domain using a domain name warranty.
Consider Transferring your domain to a protected domain name registrar. You will findregistrars that have not kept up with common security practices, such as letting you set up 2-Factor Authentication in your account, Registrar Lock (that halts domain transfers), as well as preparing a PIN number in your account for customer service interactions.
Log Into your domain registrar’s account on a regular basis. I can notreally say how often you want to do this, but you should do it on a normal schedule. Log in, be sure to have the domain name(s) on your account, be sure they are on auto-renew, and nothing appears out of the normal.
Establish Registrar Lock or”transport lock” in your domain name. Some It is a setting that makes certain the domain cannot be transferred to another registrar without having it turned off.
Assess The WHOIS data on the domain name. Test it openly on a public WHOIS, like in ICANN’s WHOIS, WhoQ, or in your registrar. Make certain it’s right, even the email addresses. If the domain is using WHOIS Privacy, send an email to the obfuscated email address to ensure toget the email.
Renew your domain name for several years. For valuable domains (or ones you don’t want to lose). You can get a “forever” domain registration in Epik.com.
Ask the registrar in the event the account access can be restricted based on Ask the registrar if the account can be restricted from logging in by a USB Device, like a bodily Titan Security Key, or a Yubikey. If you have Google Advanced Protection enabled in your Google Account, you may have two physical keys to get that Google Account (plus a few innovative protection in the Google back-end). You would then have those Advanced Protection keys out ofGoogle to protect the domains on Google Domains.
Consider protecting your domain name(s) using a domain name warranty or service that protects those digital resources, such as DNProtect.com.
Some domain name registrars, especially those who take domain Security very seriously, have upgraded their systems”behind the scenes” so to speak. It is more difficult for the fraudsters and thieves to steal domains at those registrars. Some domain name registrars do nothave 24/7 technical assistance, they can outsource their customer supportagents, and their domain registrarsoftware is obsolete.
Domain Name Thefts Occurring Right Now
As I write this today, I have been informed of at least20 very valuable domains that were stolen from their owners in the last 60 days. As an example, of two cases I personally confirmed, the domain names were stolen out of one particular domain registrar, based in the USA. The domains were transferred to some other domain registrar in China. Both these companies who own the domains are, in fact, based on the USA. Thus, it’s not logical that they’d transfer their domain names to some Chinese domain name registrar.
In the case of
Both domains, this same domain name thief retained the domain name ownership records intact, and they both show that the former owners. However, in 1 instance, part of this domain contact record was altered, andthe prior owner’s speech is current, however, the last part of the addressis recorded as a Province in China, and not Florida, where the businesswhose domain name was stolen is located.
What tipped us off to those stolen domain casesis the factthat both Domains were listed available on a favorite domain name marketplace. But, these are domains where the general consensus of this value would be over $100,000 each, and were recorded for 1/10th of the value. Bear in mind the 1 year old $150,000 Porsche listed available on Craigslist for $15,000? It is too good to be true, and probably it isstolen. The same is true for all these domains that are supposedly stolen. The price gives them away, and, in this case, the possession records (the WHOIS documents) also show evidence of this theft.
It has never Been more important to take responsibility for your electronic resources, and Ensure they are using a domain registrar that has accommodated And developed with the times. A Couple of moments spent wisely, securing your Digital resources, is imperative in times such as these. It can be the Difference between your valuable digital assets and web properties being Safeguarded, or potentially subjected to theft and threat.