How To Prevent Domain Name Hijacking?

Domain name hijacking is proliferating around us and it happens everywhere whether in Internet cafes or in secluded rooms. Many people make a living from stealing others’ domain names.

But luckily, there are ways to prevent this from happening. These are common methods of domain hijacking you should be aware of:

- Social engineering or an attempt to pose as a registrar (company that manages domain names) as a way to fool the registrant (owner of the domain name).

- Registering expired email addresses to pose as the registrant and convince the registrar to transfer the ownership of the domain. 

- Registering very recently expired domain names and it may happen minutes after the actual expiration. It occurs when the registrant (domain owner) fails to extend the ownership in time.

- Spyware or hacking

- Counterfeiting of account verification data and transfer authorization.

- Data theft by disgruntled employees

- Email server hacking to gain access of email accounts, which allows the hijacker to pose as the registrant

The ultimate motivation of domain name hijacking is money, although others aim to sabotage specific websites. Some domain names are very expensive, especially those that constitute one word or very popular phrases.

Some hijackers would do it just for the sake of challenge, despite the negative reputation they might get. However, often hijackers simply sell the recently acquired domain name to unknowing parties for a significant amount of money.

Redeeming stolen domain name can be very difficult, if it has been sold and legally owned by other parties and the hijacker is nowhere to be found. 

Hijackers often spirit away stolen domain names and they try to sell domain names quickly through auctions or other methods.

Often when victims discover that their domain names are no longer in their possession, their domain names have been claimed by third or fourth registrant, which makes it exorbitantly difficult, if not impossible to reclaim them back.   

Prevention

Outright protection is the best way to deal with domain name hijacking. Hijackers are often experts in domain registration service and they know how to take advantage of its common weaknesses.

These preventive measures can help to minimize the possibility of domain name hijacking:

• Update your contact information with your service provider and registrar. Hijacking can happen if someone takes possession or use your expired email address or previous phone numbers. If your contact information is accurate and updated, it’s easier for the registrar to detect hijacking attempts. Never provide false information or contact data.
• Work with only reputable registrar. There are virtually thousands of registrars to choose from in the Internet. Checks for complaints abound on unresponsiveness or lack of service by unreliable service providers. It is unlikely for dishonest registrar to help you if your domain name is hijacked. A dependable registrar will send the domain transfer confirmation to you before the actual transfer occurs.    
• Don’t let your email address expires. Email address is essential in managing your domain names and it can also be used to access your username and password. Because many service providers send transfer confirmation through the email, you should make sure that the email account stays active and you have full control of it. Allowing your email address to expire can make you vulnerable to domain name hijacking.
• Keep username and password in safe place. You shouldn’t divulge critical information to other people, even to those from the service provider.
• Use Whois privacy service, to make it more difficult for hijackers to fool the system.
• Keep tabs of your account data for any changes. By quickly identifying an illegal change, the more likely you can forestall the domain name hijacking attempt.

These preventive measures can help to minimize the possibility of domain name hijacking!