Recently, there’s been an uptick in the Amount of Domains Which are being stolen. I am not positive if it’s because of the worldwideoutbreak and folks are getting more desperate for cash, or if domain thieves are taking advantage of their changing digital and techenvironment. COVID-19 is causing more of us to become online and conduct business online. But that also means that many don’t fully comprehend how to properly protect their digital assets, such as domains. This may be why we’re seeing more and more online scams, phishing like Google Ads phishing, and online theft in general.
While I think of digital assets, I think of several different kinds. Our digital assets can include access to your bank account online, access to reports such as cryptocurrency accounts, and payment transactionsites such as PayPal, Masterbucks, and Venmo. Then there’s online shopping websites’ logins, for example Amazon, Walmart, Target, and eBay, in which most probably you have an account where your payment data is saved. Apple Pay and Google Pay are many others, in addition to your web site hosting account which handles your email (unless you utilize Gmail.com or Outlook.com), and, ultimately, your domain name. In case your domain goes lost, then you lose a lot: access to email, in addition to your site probably will go down, where you are going to lose visibility, online sales, and clients. Online thieves are hacking websites and anywhere there is a login, because they’re trying to get to your digital assets.
Protecting Online Accounts
Many of us are now used to safeguarding our online accounts by using a Unique, secure password for each login that we’ve got online. An significant part protecting digital assets, and domains, is to ensurethatyou have a secure password and two-factor authentication set up for your login at your domain registrar. In many cases, if a thief gains access into an account at a domain registrar, the results can be disastrous if you don’t have extra protections in place to protect your domain name.
Hackers who access a domain registrar’s account can do a few things that would disrupt your business:
They could point the domain name to another web server, perhaps their”copy” of your site. They might even keep your samecontact info about the WHOIS record so thatit looks like you still own itbut the domain may be moved in their account. If it’s from your account and you no longer control the domain name, then they’ve stolen the domain and mayresell it. As soon as they begin the transfer then they’vetried to steal the domain name, and as soon as it is transferred then it is considered to be stolen. They may keep the same name servers so it points to your site, and therefore you don’t notice that it is stolen.
Digital thieves know that domains are valuable, since they are Digital assets which can be sold for tens of thousands, tens ofthousands, hundreds of thousands, as well as millions of dollars. Regrettably, domain crimes generally go un-prosecuted. In many cases, the domain thieves aren’t found in the same state as the sufferer. They allhave exactly the same thing in common: they want to benefit monetarily from stealing the domain name. Here’s a few domain crimes that I’ve found recently:
A organization’s account at a domain registrar was hacked (using social technology).
The domain thief introduced as a domain buyer, telling the domain owner they wanted to purchase their domain for a few thousand dollars. The buyer and seller agreed to a price, the thief told them that they could pay them via cryptocurrency. The seller transferred the domain name once they were given details of the cryptocurrency trade. When the seller tried to access the cryptocurrency and”cash in”, it was invalid. They were scammed, and lost the domain name.
A domain name owner that has a portfolio of domain names gets their account hacked at a domain registrar. The owner does notrealize this, and the domains are transferred to another registrar in another nation. The gaining registrar is stubborn (or in about the theft), and will not return the domains.
A domain name owner has her or his account hacked at the domain registrar and domains are transferred out to another registrar. They then sell the domains to someone else, and the domain namesare transferred yetagain to another registrar. This occurs several times, with different registrars. People who purchased the domain names don’t know they are stolen, and they shed any investment that they made in the domains. Sometimes it’s difficult to unravel cases like this, asthere are numerous owners and registrars involved.
All ofthese occurred in the previous two to three weeks. And are just In the case of the domain sale scam, the vendor must have employed a domain escrow assistance, there are numerous reputable escrow services, such as Epik.com’s Domain Escrow Services, in addition to Escrow.com that handles domain name sales.
So how can you minimize the danger of your domain getting stolen?
Transfer your domain name to a secure registrar.
Log in to your accounts account on a regular basis.
Setup registry (transfer lock) in your domain name.
Assess WHOIS information frequently.
Renew the domain name for several years or”eternally”.
Take advantage of other security attributes at your own Password.
Protect your domain using a domain name guarantee.
Consider moving your domain to a secure domain name registrar. There are registrars that have not kept up with common safetypractices, such as letting you set up 2-Factor Authentication onyour account, Registrar Lock (which halts domain transfers), as well as preparing a PIN number in your account for customer supportinteractions.
Log in to your domain registrar’s account on a regular basis. I Can’t really say how often you need to do this, but you ought to do it on a regular schedule. Log in, be sure to have the domain name(s) in your account, make sure they are on auto-renew, and nothing looks out of the normal. This less-than-5-minute task could literally save your domain from being stolen.
Set up Registrar Lock or”transfer lock” in your domain name. Some It is a setting which makes sure thatthe domain cannot be transferred to another registrar without needing it turned off. Some go so far as maintaining it”on” unless they get verbal confirmation which it needs to be transferred.
Check the WHOIS information on the domain name. Test it publicly on a Public WHOIS, such as at ICANN’s WHOIS, WhoQ, or at your registrar. Make sure it’s right, even the email addresses.
Years for valuable domains (or ones thatyou don’t want to shed). You can get a “eternally” domain registration at Epik.com.
Request the accounts in the event the account access can be restricted based on Request the registrar if the account can be restricted from logging in by a USB Device, such as a physical Titan Security Key, or a Yubikey. In case you have Google Advanced Protection allowed in your Google Account, you will have two physical keys to access that Google Account (and a few innovative security in the Google back-end). You would then have those Advanced Protection keys out ofGoogle to protect the domains on Google Domains.
Look at protecting your domain name(s) using a domain name guarantee or service which protects those digital assets, such as DNProtect.com.
Some domain name registrars, especially those who take domain Security really seriously, have updated their systems”behind the scenes” so to speak. It is harder for the fraudsters and thieves to steal domains at those registrars. Some domain name registrars don’thave 24/7 technical assistance, they may outsource their customer supportrepresentatives, and their domain name software is outdated.
As I write this now, I have been informed of at least20 very Valuable domains which were stolen from their owners at the last 60 days. For example, of 2 cases I personally affirmed, the domain names were stolen from one particular domain registrar, based in the USA. The domains were transferred to another domain registrar in China. Both ofthese companies who own the domains are, in fact, based in the United States. Thus, it is not plausible that they’dmove their domain names into a Chinese domain name registrar.
In the case of both domains, this Exact Same domain thief kept The domain name ownership documents undamaged, and they bothshow the formerowners. But in one case, part of the domain contact record was changed, along with the former owner’s speech is present, however, the last portionof the speech is recorded as a Province in China, rather than Florida, in whichthe firm whose domain name has been stolen is located.
What tipped us off into those stolen domain is that both Domains were listed available on a popular domain name market. However, these are domains in which the general consensus of the value could be over $100,000 each, and were recorded for 1/10th of the value. Bear in mind the 1 year old $150,000 Porsche listed available on Craigslist for $15,000? It is too good to be true, and probably it’sstolen. The same goes for these domains which are supposedly stolen. The purchase price provides them away, also, in this scenario, the ownership records (the WHOIS documents) also show evidence of the theft.
Digital resources, and make sure thatthey are using a domain registrar That’s evolved and adapted with the times. A Couple of moments spent Sensibly, securing your digital assets, is imperative in times such as these. It can be the difference between your valuable digital assets and internet Properties being safeguarded, or potentially exposed to theft and risk.