How To Prevent Domain Theft
According to domaintheft.org there are a few common ways that thieves are able to take control of a domain name. Many domains are stolen because their owners didn't take the time to follow proper security precautions. At DomainTheft.org we have heard of just about every possible way a domain can be stolen and complied a list of steps you can take to make sure your domains are secure and are transferred safely in the event of a sale.
- Never use Gmail, Yahoo or any other free email service as the contact on your domains.
The #1 way in which domains are stolen is by thieves hacking-into your email account and authorizing a transfer. Free email services have many known exploits and are not secure for domain registration. Use an email address like firstname.lastname@example.org and you will thwart a large majority of attempted thefts.
- Choose a secure password at your registrar.
This may seem like an obvious one but it's amazing how many people use their address, children's names, or birthday in their passwords. If a thief wants to take one of your names they will try passwords like this at your registrar. Use a completely random password with upper and lower-case letters and include a few numbers as well. Remember, if a thief can access your registrar they can transfer as many names as they want!
- Pick a trusted registrar.
Don't pick a tiny registrar that nobody has ever heard of. If you are buying high-value domain names you will want to keep these names with a trusted registrar that has been in business for a long time and has taken proper security precautions. Some of the top registrars for security that are used by domain investors are Moniker, Fabulous, and Name.com.
- Use an Escrow Service When Selling Domains
Make sure to use an escrow service like Escrow.com whenever you sell a domain name. Avoid using Pay Pal and be weary of any buyer that will only pay using Pay Pal. One of the #1 ways that domain names are stolen during the sales process is when a buyer pays via Pay Pal, accepts the domain, and then requests a refund through Pay Pal saying they never received the domain name. Using an escrow service will ensure that the money is secured before you transfer your domain.
- Remember to Lock Domains After Purchase
When you buy a domain name they will sometimes come-into your account unlocked. Make sure all of your domains are locked so that there is an additional step required should someone try to initiate a transfer.
Sites with Same Problem
davidairey.com - Resolved
abduzeedo.com - Prevented - Was able to stop domain transfer before it happened, but all signs indicate the same hacker tried to steal it (email@example.com) - Originally on DreamHost
css-tricks.com - Resolved Originally at GoDaddy, Bad Guy moved to PlanetDomain - Domain is back at GoDaddy.
davidwalsh.name - Resolved Originally at GoDaddy, Bad Guy moved to Name.com then to 1and1 (highly unusual and isn't supposed to be possible) - Name.com is was able to get it back from 1and1, although I don't think it was through cooperation on 1and1's part.
scriptandstyle.com - Resolved Originally at GoDaddy, Bad Guy moved to PlanetDomain - David Walsh is the owner of this domain. Transferred back to GoDaddy on December 6th.
sohtanaka.com - Unresolved Originally at 1and1, Bad Guy moved to PlanetDomain - Soh Tanaka's site is offline (nameservers were removed). PlanetDomain is ready to give the domain back to 1and1, but 1and1 isn't responsive.
designshack.net - Resolved Originally at GoDaddy, Bad Guy moved to PlanetDomain - David Appleyard is the owner of this domain. Transferred back to GoDaddy.
instantshift.com - Resolved Originally at GoDaddy, Bad Guy moved to PlanetDomain - Daniel Adams has domain back in GoDaddy account.
kirupa.com - Resolved Originally on NetworkSolutions, Bad Guy moved to PlanetDomain - Kirupa Chinnathambi has domain back.
shiachat.com - Resolved Originally on 1and1, Bad Guy moved to PlanetDomain. Stolen on October 8, went down on November 24. Ali A. is now has domain back (actually kept it on PlanetDomain instead of moving back to 1and1 because they are so awful).