Domain theft – what is it and how to avoid it?

Valuable tips for safer domain management!

The fact that our internet use spreads over more age groups and social classes probably does not come as a surprise to any of us. According to figures from “Swedes and the Internet 2019” (an annual report made by the Internet Foundation) almost 95% of the Swedish population states that it has access to the internet. With an increasing amount of internet users, the number of people to reach out to is also increasing. Which also sets higher demands on you as a company – in terms of, among other things, communication and security.

A key to a successful digital presence is to have domain names that are easy to remember and easy to pronounce. Protecting your website user’s safety is also a must. However, a “good” domain name can be desirable by others as well, so you should also look at what your security routine looks like. The last thing you want is to have your domain name stolen!

 

What is domain theft and how does it work?
Yes, domain thefts do happen. And it is exactly what it sounds like – someone steals your domain name.

 Let’s say that your company has a large e-commerce that is heavily dependent on the right domain name. What would you do if you one day realize that someone stole it? Your entire business is probably based on a functioning domain name and all the daily traffic on your website associated with the domain.

You would probably panic when you realize that it no longer works, or worse – that your domain displays content other than yours.

If this happens, you may have been a victim of domain theft. A third party has been given access to your domain and its information and can be able to make a transfer, with all that it entails.

 

How can this happen, you might ask?
There are many ways for third parties to take control of your domain names in cases where domain names are handled with gaps in the security routine. One way could be that someone is misleading you by claiming to be your domain registrar, in order to get you to disclose your login information.

Another way could be that a hacker has managed to access your login information via the email address associated with the domain name. If you use the same password for different services on the internet, the probability increases that someone can take control of your e-mail and thus gain access to your domain name.

A third scenario may be that you have had an e-mail address with a login to your domain management that has been linked to a domain name you have chosen to terminate. When someone then registers the domain name, they may have accessed the information through recreating the email address.

 

How do you protect yourself from domain theft?
Most essential to avoid losing important domain names is to have a good and reliable domain name provider. The decision of provider is critical, do your research and make sure to choose a domain provider that has a high security system. Also, choose a domain name provider that has a competent and fast support team that can help you in critical situations. In addition to have a reliable and competent domain provider, it is important that you use advanced passwords which you continuously update, if possible apply two-factor authentication to reduce the risks. Also make sure that you have control over your domain names and associated email addresses, and that you continuously monitor whether anyone registers domain names that allude to your name and / or trademark.

Also, keep an eye on your inbox for e-mails that you consider to be “Phishing” attempts. If you receive suspicious e-mails from someone who claims to be your domain provider and they encourage you to click on links or leave login details, please do not! Upon detection of such a mail, contact your provider’s support so they can decide if it is actually a “Phishing” attempt.


Using an outsourcing partner like Dotkeeper to handle your domain management minimizes risks and increases the security of your business-critical domain names. Working actively to prevent domain theft and other digital frauds are critical parts for your business and something that you should consider having detailed strategies for.

 We are happy to develop domain strategies and policies that help you act both proactively and reactively when it comes to digital infringements. Contact us at hello@dotkeeper.com and we’ll tell you more!

 

Sources:
https://securitytrails.com/blog/preventing-domain-hijacking-10-steps-to-increase-your-domain-security

https://svenskarnaochinternet.se/app/uploads/2019/10/svenskarna-och-internet-2019-a4.pdf

https://domainnamewire.com/2010/04/05/8-clues-a-domain-name-is-stolen/