Lately, there’s been an uptick in the Amount of domains That are being stolen. I am not sure if it’s because of the worldwidepandemic and individuals are becoming more desperate for cash, or if domain namethieves are taking advantage of the shifting electronic and technologyatmosphere. COVID-19 is causing more of us to become online and conduct business online. But this also means that many don’t fully understand how to properly protect their electronic assets, like domain names. This may be why we’re seeing more and more online scams, phishing, and online theft generally.
When I think of electronic assets, I believe of many distinct kinds. Our electronic assets can consist of access to your bank account on line, access to reports like cryptocurrency accounts, and payment transaction sites like PayPal, Masterbucks, and Venmo. Then there is online shopping websites’ logins, such as Amazon, Walmart, Target, and eBay, in which most probably you have an account where your payment data is saved. Apple Purchase and Google Pay are other people, as well as your website hosting account that handles your email (if you don’t use Gmail.com or Outlook.com), and, ultimately, your domain . In case your domain namegoes lost, then you eliminate a lot: accessibility to email, as well as your website most likely will return, where you’ll eliminate visibility, online sales, and clients. Online thieves are hacking sites and anywhere there’s a login, since they’re attempting to access your digital assets.
Many Of us are now used to safeguarding our online accounts using a unique, protected password for each login that we have online. An significant part protecting digital assets, and domain names, would be to ensure thatyou get a secure password and two-factor authentication set up for your login at your domain nameregistrar. Oftentimes, if a thief gains access to an account at a domain nameregistrar, the consequences can be catastrophic if you don’t have additional protections in place to safeguard your domain .
Hackers who gain access to a domain nameregistrar’s account can perform a few things that would disrupt your business:
You would think it’s the copy, but the copy may contain malicious code.I’ve even seen them direct online sales from a copy of your website to them so they profit monetarily from it via identity theft or diverting funds.
The thief or hacker could push the domain name in their account. They might even keep your contact info on the WHOIS record so thatit looks like you still have itbut the domain namemay be moved in their account. If it’s out of your account and you no longer control the domain , then they’ve stolen the domain nameand canresell it. Whenever they start the transfer then they’ve attempted to steal the domain , and as soon as it is transferred then it is regarded as stolen. They can keep the exact same name servers so it points to your website, and therefore you don’t detect that it is stolen.
Digital thieves understand that domain name Names are valuable, as they’re electronic assets that can be sold for tens of thousands, thousands, hundreds of tens of thousands as well as millions of dollars. Regrettably, domain namecrimes generally go un-prosecuted. Oftentimes, the domain thieves aren’t found in theexact same state as the victim. They all have exactly the exact same thing in common: they wish to benefit monetarily from slipping the domain name. Following is a fewdomain namecrimes that I’ve found lately:
A organization’saccount at a domain nameregistrar was hacked (using social engineering). The business was involved in cryptocurrency, therefore gaining access to the domain name enabled for the hackers to access the organization’s crypto exchange.
The domain thief posed as a domain namebuyer, telling the domain nameowner they wanted to buy their domain namefor a few thousand dollars. The buyer and seller agreed to a cost, the thief told them they could pay them via cryptocurrency. The seller transferred the domain name when they had been given details of the cryptocurrency transaction. They had been scammed, and lost the domain .
A domain name owner that has a portfolio of domain names gets their account hacked at a domain nameregistrar. The owner does not comprehend this, and the domain names are transferred to another registrar in another country. The gaining registrar is uncooperative (or in on the theft), and won’t return the domain names.
A domain name owner has his or her account hacked at the domain nameregistrar and domain names are transferred out to another registrar. Then they sell the domain names to someone else, and the domain names are transferred yetagain to another registrar. This happens several times, with different registrars. Those who bought the domain names don’t know they’re stolen, and they lose any investment they made in the domain names. Sometimes it’s difficult to unravel cases similar to this, since there are several owners and registrars involved.
All Of these happened in the previous two to three months. In the instance of the domain name purchase scam, the vendor should have used a domain nameescrow service, there are several reputable escrow services, such as Epik.com’s Domain Escrow Services, as well as Escrow.com that handles domain name sales.
Just just how do you minimize the risk of your domain namegetting stolen?
Move your domain to a protected accounts.
Log into your accounts account on a regular basis.
Setup registry (transfer lock) on your domain.
Assess WHOIS information regularly.
Renew the domain for many years or”forever”.
Take advantage of other security features at your own Password.
Protect your domain with a domain name guarantee.
Consider Moving your domain nameto a protected domain name registrar. You will findregistrars that have not kept up with common safety practices, such as allowing you to set up 2-Factor Authentication on your account, Registrar Lock (which halts domain nametransfers), as well as preparing a PIN number on your account for customer support interactions.
Log Into your domain nameregistrar’s account on a regular basis. I can notreally say how frequently you need to do this, but you ought to do it on a normal schedule. Log in, make sure you have the domain name(s) on your account, make sure they’re on auto-renew, and nothing looks out of the normal. This less-than-5-minute task could literally save your domain namefrom being stolen.
Establish Registrar Lock or”transport lock” on your domain . Some It’s a setting that makes sure thatthe domain namecannot be transferred into another account without having it turned off. Some go so far as maintaining it”on” unless they get verbal confirmation that it needs to be transferred.
Assess The WHOIS information on the domain . Test it publicly on a public WHOIS, like at ICANN’s WHOIS, WhoQ, or even at your registrar. In case the domain nameis using WHOIS Privacy, send an email to the obfuscated email address to ensure youmake the email.
Renew your domain name for many years. For valuable domain names (or ones thatyou don’t want to lose). You can find a “forever” domain nameregistration at Epik.com.
Ask the accounts if the account access can be limited based on The IP address of the person logging into the account. Ask the accounts if the account can be restricted from logging in by a USB Device, like a physical Titan Security Crucial, or even a Yubikey. In case you have Google Advanced Protection enabled on your Google Account, you will have two physical keys to access this Google Account (and a few innovative protection in the Google back-end). You would then have those Advanced Protection keys out ofGoogle to protect the domain names on Google Domains.
Consider protecting your domain (s) with a domain name guarantee or support that protects these digital assets, such as DNProtect.com.
Security really seriously, have upgraded their systems”behind the scenes” so to speak. It’s harder for the fraudsters and thieves to steal domain names at these registrars. Some domain name registrars don’thave 24/7 technical support, they can outsource their customer serviceagents, and their domain software is obsolete.
Domain Name Thefts Occurring at This Time
As I write this now, I have been informed of 20 very valuable domain names that were stolen from their owners at the last 60 days. For example, of 2 cases I personally affirmed, the domain names were stolen from one particular domain nameregistrar, based in the united states. The domain names were transferred to another domain nameregistrar in China. Both these companies who have the domain names are, in actuality, based on the United States. So, it is not plausible that they would move their domain names to a Chinese domain name registrar.
Both domain names, this exact same domain name thief retained the domain name ownership documents whole, and they both reveal that the former owners. But in one instance, part of the domain namecontact record was altered, andthe prior owner’s address is current, but the final portion of the addressis listed as a Province in China, rather than Florida, in which the businesswhose domain name has been stolen is located.
What tipped us off to these stolen domain is the factthat both Domains names were listed for sale on a favorite domain name marketplace. However, these are domain names in which the overall consensus of the value could be over $100,000 each, and were listed for 1/10th of their value. It’s too good to be true, and most likely it’sstolen. The same is true for all these domain names that are supposedly stolen. The cost provides them away, also, in this case, the ownership records (the WHOIS records) also reveal evidence of the theft.
It has never Been important to take responsibility for your electronic assets, and Make sure thatthey are with a domain nameregistrar that has adapted And developed with the times. A Couple of minutes spent sensibly, securing your Digital assets, is imperative in times like these. It can be the Difference between your precious digital assets and internet properties being Safeguarded, or potentially exposed to theft and threat.