Domain Hijacking: How Thieves Steal Your Online Identity

One of the more unpleasant aspects of the online world has to do with theft. The worst type of theft committed online is that of domain hijacking. Domain hijacking is the act of changing a website’s registration details illegally, or without the permission of the current registrant. Knowing the ways domain hijackers operate can help website owners to protect their domain names and the hard work that goes into developing a website around them.

Social Engineering

One of the most popular ways to steal a domain name is through what is called “social engineering”. This can apply to a number of cyber situations, but in the case of domain theft, it is when a person acts as an impostor to communicate with a registrar and change the registration details.

Registrars should have security protocols in place to prevent this, but a determine cyber thief may be able to get around the more lax operations.

Lapsed Emails

A lapsed email a registrant has used with a registrar may be re-registered and used to reset a password. The hijacker can then go into the registrant’s account to change the details of their domain names.

This is less likely, but still a concern. Keeping contact details up to date should be a major priority for anyone holding valuable domain names.

Hacking and Spyware

Hackers can either target the registrar itself if the security is lax, or they can go after the registrant’s email address to find the information. Some email addresses have had vulnerabilities exploited, leading to some rather serious cases of domain hijacking, along with some registrars as well.

Spyware installed on a registrant’s computer can also harvest important log in details which can be used to access email addresses and registrar accounts to change registration details.

Domain Sniping

While not technically illegal, domain sniping is commonly associated with domain hijacking. All domains expire after a certain amount of time. Some hijackers will keep an eye on registration details, and if it has not renewed, may use software scripts to register the domain the instant it is available.

While not illegal, it is in a grey area of sorts as far as ethics goes.

Reverse Domain Hijacking

Reverse hijacking occurs when a trademark holder accuses a registrant of cybersquatting in order to force them into giving up a domain name to avoid litigation. In these cases, a trademark owner may not have a right to the domain, but knowing that the current owner is unlikely to have the resources to contest the claim, they issue the cybersquatting complaint as a strong arm tactic.

Each of these approaches can completely wipe out the hard work a website owner has put into acquiring a domain and building a business. Take the necessary precautions to safeguard your domains, their information, and the businesses that they help to power. Do not forger to change your passwords often and protect your email address as well as your computer.

0 Responses

  1. [...] This is the first time I’ve heard of something like this. I had no idea this sort of thing happened, or how common it is. [...]

Leave a Reply

Your email address will not be published. Required fields are marked *