A Way to Steal Your Domain
In the wild and wooly days of the internet people would occasionally find their domain names in the "hands" of
another owner. The process is called hijacking and is as illegal as any other form of theft. The problem
is that it was hard to prove.
These days registrars take a few more precautions and have greatly updated security. If your domain lands in
someone else's hands today it's likely because the domain expired and you just lost the rights to it. Make
sure you keep your registration up to date and that won't be a problem.
Still, hijacking is still possible and the following article goes into the problem and the solution in more
Article by Subhash Kumar
Domain hijacking is the process by which internet domains are basically stolen. Many people
confuse domain hijacking with the "reuse" of an expired domain. One is a legal process and one is not. Domain
hijacking is theft, reuse of an expired domain is "opportunity usage".
Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases,
identity theft is used to trick the domain registrar into allowing the hijacker to change the registration
information to steal control of an unexpired domain from the legitimate owner.
In domain hijacking or domain slamming for some reason, you can't get into your own domain, you're not receiving
email from that domain, and you discover that it's now registered to someone else. Needless to say, to a small
online business this can be devastating.
It could happen for a number of reasons. Maybe you have a particularly valuable domain name that someone wants
to sell. In fact, .com domains are supposedly more likely to be stolen than any others. It's also possible, though
unlikely, that whoever stole your domain did it as an attack on your business or you personally.
This is also done by sending a forged fax to the domain registrar, impersonating you (the registrant.) Other
attacks are more subtle: the email that tells you your domain name is about to expire, and that you need to renew.
Are you sure that email is actually from your registrar? That last form of attack is called domain
slamming, after a similar and now illegal practice formerly engaged in by certain phone companies, which
switched user's long distance phone companies without their knowledge or consent.
Domains can also be hijacked when registrars don't follow all the procedures. The gaining registrar (to
whom the domain is transferred) is supposed to get the approval of the domain name registrant or administrative
contact before going forward with the transfer.
Likewise, the losing registrar (from whom the domain is being transferred) is supposed to notify the
registrant of the transfer during the five-day grace period before the transfer is completed. Either way, that's
YOU if it's your business. You can deny approval of the transfer, but only if you know about it.
Protection from Domain Hijacking
All it takes is one easy step to protect yourself from potentially losing your domain name in this manner. You
can place a 'lock ' on your domain name. Your domain name registrar should allow you to lock your domain name
either by phone, fax, email, or online domain manager using your login and password . Your domain registrar will
let you know which method they require. Once a lock is placed on your domain name, a transfer of registrar cannot
be completed unless the lock is removed by you.
To check if your domain is locked or not, visit www.NetSol.com, click
on the 'Who-Is' section of the site, then enter your domain name. Scroll down below the registration information
and look for the section that says, 'Lock Status'. If this says, 'REGISTRAR-LOCK ' then your name is protected. If
this says, 'ACTIVE' then your domain name is not locked and your domain name is not protected.
Most, if not all, registrars provide domain locking functionality. They may or may not charge for it and they
may or may not activate it by default. Make sure that you verify for yourself that all your domains are locked.