Doing business today you are as likely to give out your website address as your email or phone number. Your Web domain is your business identity on the internet. Don’t risk falling victim to the cyberthreat known as domain hijacking.
You build up a business site to represent your brand online. Every bit of content, and all the fonts and images you selected, reflect your business. You probably also have email addresses at the domain name (e.g. firstname.lastname@example.org). So, imagine the pain of finding out that someone else has stolen your domain.
When your domain gets hijacked, you lose control of your website, its email addresses, and all associated accounts. And it’s not easy to recover them.
The Infosec Institute shares examples:
An advertising agency spent US$15,000 and 19 months recovering its stolen domain.
The owner of ShadeDaddy.com lost US$50,000 and had to lay off six of its eight employees. He said domain name theft is “like your house got stolen.”
How does a domain get stolen?
There are several ways this can happen to a business or individual.
The simplest is that your domain name expires, and you don’t know it. Domain registrars must send notice one month and one week before the domain expires. But the reminders might go to an email address that is no longer active or to the Web company that set your site up years ago and with whom you no longer communicate.
Once your domain rights lapse, the site gets disabled. After that, the domain name goes back into a pool of domain names for anyone to buy.
There are people who make money from purchasing domains. They hope to make money off your company’s desperation to get its domain back. Or they profit from redirecting traffic from your reputable Web address to their own.
Then there are the hijackers. These cybercriminals also want to profit from Web traffic redirects or to access your domain emails to send false invoices. They might intercept emails sent to your domain to learn proprietary information. They could change the content on your site or redirect traffic to a hub for online gambling, or worse.
The hijackers might steal your domain by gaining access to the email account you used to set up the domain. Cybercriminals might use phishing emails to obtain the access credentials. They use the password reset mechanism to take over your account and transfer the domain to a different registrar.
Your domain registration company could be compromised, too. It helps to pick an accredited registrar for your domain registration.
Any of these scenarios can have a serious, lasting impact on your business. Once someone else has access to your domain address they can do whatever they want with it.
Protect Against Domain Hijacking
The first step is to protect your access credentials. Leveraging two-factor authentication can also help prevent hijackers from stealing your domain. A registry lock can also help. It requires more communication if someone tries to change domain registration. This lets you know of suspicious activity and gives you some time to react.