Recently, there has been an uptick in the Amount of Domains I am not positive whether it’s because of the globalpandemic and people are getting more desperate for cash, or if domain namethieves are using the shifting digital and techenvironment. COVID-19 is inducing more people to become online and conduct business online. But that also means that many don’t fully comprehend how to properly protect their digital assets, such as domains. This may be why we’re seeing more and more online scams, phishing like Google Ads phishing, and online theft generally.
Digital Assets
When I think of electronic resources, I think of several distinct types. Our electronic assets can consist of access to a bank account on line, access to reports such as cryptocurrency accounts, and payment tradesites such as PayPal, Masterbucks, and Venmo. Then there’s online shopping websites’ logins, for example Amazon, Walmart, Target, and eBay, in which most likely you have an account where your payment data is saved. Apple Pay and Google Pay would be many others, as well as your website hosting account that handles your email (if you don’t utilize Gmail.com or Outlook.com), and, ultimately, your domain . In case your domain namegoes missing, then you lose a lot: access to email, as well as your site probably will go down, where you’ll lose visibility, online sales, and clients. Online thieves are hacking websites and anywhere there is a login, because they’re attempting to get to your digital resources.
Many of us are now used to safeguarding our online accounts by using a Unique, secure password for every login that we have online. An significant part protecting digital resources, and domains, is to make sureyou get a safe password and two-factor authentication setup for your login in your domain nameregistrar. Oftentimes, if a thief gains access to an account in a domain nameregistrar, the consequences can be disastrous if you don’t have additional protections in place to protect your domain .
Hackers who gain access to a domain nameregistrar’s account can do a few things that would interrupt your company:
They can point the domain name to another web server, possibly their”copy” of your site.
The thief or hacker can push the domain name in their account. They may even keep your samecontact info about the WHOIS record so it looks like you still have it–but the domain namemay be transferred in their account. When it’s from your account and you no longer command the domain , then they have stolen the domain nameand canresell it. Whenever they begin the transfer then they’veattempted to steal the domain , and when it is moved then it is regarded as stolen. They may keep the same name servers so it points to your site, so you don’t notice that it is stolen.
Digital thieves know that domains are valuable, since they’re Digital assets that can be sold for tens of thousands, thousands, hundreds of thousands, and even millions of dollars. Regrettably, domain namecrimes generally go un-prosecuted. Oftentimes, the domain thieves aren’t found in the same country as the victim. They allhave the same thing in common: they wish to gain monetarily from slipping the domain name. Following is a few domain namecrimes that I’ve found recently:
A company’s account in a domain nameregistrar was hacked (using social technology). The business was involved in cryptocurrency, sogaining access to the domain name allowed for the hackers to get the company’s crypto exchange.
The domain thief introduced as a domain namebuyer, telling the domain nameowner they wanted to buy their domain namefor a few thousand dollars. The buyer and seller agreed to a price, the thief told them they could pay them through cryptocurrency. The seller moved the domain name when they were given details of this cryptocurrency trade. They were scammed, and lost the domain .
A domain name owner that has a portfolio of valuabledomain names gets their account hacked in a domain nameregistrar. The owner does notcomprehend this, and the domains are transferred to another registrar in a different nation. The gaining registrar is uncooperative (or in about the theft), and will not return the domains.
A domain name owner has his or her account hacked in the domain nameregistrar and domains are moved out to a different registrar. Then they sell the domains to someone else, and the domain namesare moved again to a different registrar. This occurs several times, with various registrars. People who purchased the domain names don’t know they are stolen, and they lose any investment they made in the domains. Sometimes it’s hard to unravel cases similar to this, asthere are numerous owners and registrars involved.
All ofthese occurred in the previous two to three weeks. And are only Examples of where the domain name owner could have done something to stop the domain name theft. In the instance of the domain namesale scam, the vendor should have employed a domain nameescrow assistance, there are numerous reputable escrow services, such as Epik.com’s Domain Escrow Services, as well as Escrow.com that handles domain name sales.
Just how do you minimize the danger of your domain namegetting stolen?
Move your domain to a secure registrar.
Log in to your accounts account on a regular basis.
Set up registry (transfer lock) in your domain.
Check WHOIS data frequently.
Renew the domain for several years or”forever”.
Use other security attributes at your own Password.
Protect your domain with a domain name guarantee.
Consider moving your domain nameto a secure domain name registrar. There are registrars that have not kept up with common safetypractices, such as letting you install 2-Factor Authentication inyour account, Registrar Lock (which halts domain nametransfers), and even preparing a PIN number in your account for customer serviceinteractions.
Log in to your domain nameregistrar’s account on a regular basis. I Can’t actually say how often you need to get this done, but you ought to do it on a regular schedule. Log in, be sure to have the domain name(s) in your account, make sure they are on auto-renew, and nothing appears out of the normal. This less-than-5-minute task could literally save your domain namefrom being stolen.
Establish Registrar Lock or”transport lock” in your domain . Some Registrars call it”Executive Lock” or something comparable. It is a setting that makes sure the domain namecannot be moved to another registrar without needing it turned off. Some go so far as keeping it”on” unless they get verbal confirmation that it needs to be transferred.
Check the WHOIS data on the domain . Check it openly on a Public WHOIS, such as in ICANN’s WHOIS, WhoQ, or in your registrar. Make sure it’s correct, even the email addresses. In case the domain nameis using WHOIS Privacy, send an email to the obfuscated email address to ensure to make the emailaddress.
Renew your domain name for several years. I recommend at least 5 Years for precious domains (or ones you don’t wish to shed). You can find a “forever” domain nameregistration in Epik.com.
Ask the accounts in the event the account access can be restricted based on The IP address of the person logging in to the account. Ask the registrar if the account can be restricted from logging in by a USB Device, such as a physical Titan Security Key, or even a Yubikey. In case you have Google Advanced Protection allowed in your Google Account, you may have two physical keys to get that Google Account (and some advanced protection in the Google back-end). You would then have those Advanced Protection keys out ofGoogle to protect the domains on Google Domains.
Look at protecting your domain (s) with a domain name guarantee or support that protects those digital resources, such as DNProtect.com.
Security very seriously, have upgraded their systems”behind the scenes” so to speak. It is more difficult for the fraudsters and thieves to steal domains at these registrars. Some domain name registrars do nothave 24/7 technical support, they may outsource their customer serviceagents, and their domain software is obsolete.
Domain Name Thefts Occurring Right Now
As I write this today, I have been advised of 20 very Valuable domains that were stolen by their owners in the last 60 days. As an example, of two cases I personally affirmed, the domain names were stolen from one particular domain nameregistrar, based in the USA. The domains were moved to some other domain nameregistrar in China. Both ofthese firms who have the domains are, in reality, based in the United States. So, it is not plausible that they wouldmove their domain names to a Chinese domain name registrar.
In the case of the domains, the Exact Same domain namethief kept The domain name ownership documents intact, and they show the priorowners. But in 1 instance, part of this domain namecontact record was altered, along with the former owner’s speech is present, but the last partof the speech is recorded as a Province in China, rather than Florida, wherethe business whose domain name was stolen is situated.
What tipped us off to those stolen domain casesis the factthat both Domains were listed for sale on a popular domain name marketplace. However, these are domains in which the general consensus of this value would be over $100,000 per year, and were recorded for 1/10th of the value. It is too good to be true, and probably it isstolen. The same goes for these domains that are allegedly stolen. The price gives them away, also, in this case, the possession records (that the WHOIS records) also reveal evidence of this theft.
It’s not been more important to take responsibility for your Digital resources, and ensure they are with a domain nameregistrar That’s adapted and evolved with the times. A Couple of moments spent Sensibly, securing your electronic resources, is critical in times such as these. It can be the difference between your precious digital assets and internet Properties being guarded, or potentially subjected to theft and risk.
