StatusCake

How to Avoid Domain Hijacking

After you register the domain for your website, you might take pride in owning your company’s online address. However, from a legal standpoint, you don’t own it. While you can register it, thieves can hijack it from you. Domain hijacking does not receive a lot of attention, but it is a real threat. Domain hijacking is also very frustrating, as it is relatively easy for thieves to hijack a domain, and once they get control, it can be very difficult and expensive to regain it.

Domain hijackers take advantage of security weaknesses at your domain registrar, your email service, or your own security practices. The technical details are quite lengthy, but basically, thieves get control of your domain by convincing your domain registrar that they are you. Then, the thieves transfer your domain to their own account, usually with a registrar located in a different country. Thieves hijack domains for several criminal reasons, but the usual motive is to take control of your domain and then sell the registration back to you.

Domain hijacking is very costly. According to Symantec, a US-based security software company, the annual cost to firms from domain hijacking is about $400 billion (£310 billion). Many high-profile domains have been hijacked in the past, including Google, Forbes, Twitter, and the New York Times.

If thieves hijack your domain, recovering it can be very difficult. If you think that you have been the victim of domain hijacking, you should immediately notify your domain registrar. In some cases, your registrar can help you regain control of your domain if you can prove to their satisfaction that it has been hijacked. However, in many cases, the only recourse that you will have is a lengthy and costly litigation procedure to try to regain control.

Of course, the best way to deal with domain hijacking is not to have it happen in the first place. There are steps that you can take to minimise the risks:

  • Choose your registrar wisely. There are hundreds of domain registrars in existence, so be sure to conduct your due diligence to make sure that your domain registrar is reputable.
  • Keep your contact information current. Most registrars use email to keep in contact with their clients and to reset passwords, so be sure that your registrar has the correct email address for you.
  • Create a secure password. Weak passwords are one of the main reasons that domains get hijacked. Be sure to choose a password that is not easy to guess, and only provide access to the password to individuals in your company who absolutely require it.
  • Use a private personal identity. Thieves often do an internet search to find the contact information for domains, so consider registering your domain using the WHOIS Privacy Service, which will keep your contact information private.
  • Monitor your domain. Frequently check your domain for any unauthorised changes, and promptly notify your registrar if you notice anything unusual.
  • Lock your domain registration. Most registrars will allow you to lock your registration, which will prohibit a third party from transferring, modifying, or deleting it.
  • Renew your domain on time. Be aware of the expiration date for your domain registration and renew it before it expires.

By taking these steps, you can help avoid the expense and hassle of attempting to recover a hijacked domain in the future.

Share this

More from StatusCake

developer tools
short-reads

Software developer tools to increase productivity 

5 min read In this blog post I want to go over some of the software I use alongside my IDE/version control tools during my day-to-day work. These tools allow me to cut down on wasted time spent doing things inefficiently, track my work, take notes, and generally make my life easier.

statuscake github
Engineering

StatusCake GitHub Projects

4 min read I allows users of the platform to come up with custom ways of interacting and making our tools work for their specific needs. In this blog post I’m going to look at a few recent projects on GitHub that use the StatusCake API to either save you time or do something interesting with your test data.  

downtime
short-reads

The one where the Lloyds Banking Group suffered downtime

2 min read It’s estimated that over 18 million people in the UK use online banking. So when the Lloyds, Halifax, and the Bank of Scotland online banking platforms all suffered partial downtime, millions of people were unable to access their accounts properly. Find out more here!

google maps down
Engineering

Website downtime: The one where Google Maps went down

2 min read March saw many of the big tech companies have technical issues with their products and services. But the biggest one was by far the colossal Google; Google Maps experienced the much dreaded website downtime impacting thousands of users across the globe. It was reported online that Google Maps had suffered a partial outage meaning that many couldn’t access the location tool. Read all about it here.

website accessibility
How To

Website accessibility for all, by all

4 min read
It is so important that every aspect of the web is accessible to all, and if – like me – you work in digital, then it is our responsibility that we make that happen. Here’s how!

Want to know how much website downtime costs, and the impact it can have on your business?

Find out everything you need to know in our new uptime monitoring whitepaper 2021

*By providing your email address, you agree to our privacy policy and to receive marketing communications from StatusCake.