Doing business today you are as likely to give out your website address as you are your email or phone number. Your web domain is your business identity on the internet. So you want to use all your power to protect it, right? One cyberthreat you must be aware of is domain hijacking.
You build up your business’s website to represent your brand online. Every bit of content, and all the fonts and images you selected, reflect your business. You probably also have email addresses associated with the domain name (e.g. firstname.lastname@example.org). So, imagine the pain of finding out that a cyberhacker has stolen your domain and nullified all the progress you have made in establishing your business’s brand over the years.
When your domain gets hijacked, you lose control of your website, its email addresses, and all associated accounts. And it’s not easy to recover them.
The Infosec Institute shares examples:
An advertising agency spent $20,000+ AUD and 19 months recovering its stolen domain.
The owner of ShadesDaddy.com lost $70,000+ AUD and had to lay off six of its eight employees. He said domain name theft is “like your house got stolen.” We believe it can be even worse than your house being “stolen”. Your business’s branding is EVERYTHING. Once you lose your domain, website, email addresses and associated accounts, your business is left with little to nothing.
How does a domain get stolen?
There are several ways this can happen to a business or individual.
The simplest is that your domain name expires, and you don’t know it. Domain registrars must send notice one month and one week before the domain expires. But the reminders might go to an email address that is no longer active or to the Web company that set your site up years ago and with whom you no longer communicate.
Once your domain rights lapse, the site gets disabled. After that, the domain name goes back into a pool of domain names for anyone to buy.
There are people who make money from purchasing domains. They hope to make money off your company’s desperation to get its domain back. Or they profit from redirecting traffic from your reputable web address to their own.
Then there are the hijackers. These cybercriminals also want to profit from web traffic redirects or to access your domain emails to send false invoices. They might intercept emails sent to your domain to learn proprietary information. They could change the content on your site or redirect traffic to a hub for online gambling, or worse.
The hijackers might steal your domain by gaining access to the email account you used to set up the domain. Cybercriminals might use phishing emails to obtain the access credentials. They use the password reset mechanism to take over your account and transfer the domain to a different registrar.
Your domain registration company could be compromised, too. It helps to pick an accredited registrar for your domain registration.
Any of these scenarios can have a serious, lasting impact on your business. Once someone else has access to your domain address they can do whatever they want with it.
Protect Against Domain Hijacking
The first step is to protect your access credentials. Leveraging two-factor authentication can also help prevent hijackers from stealing your domain. A registry lock can also help. It requires more communication if someone tries to change domain registration. This lets you know of suspicious activity and gives you some time to react.
It’s also important to know who is managing your domain name and how it is being managed. Inteck IT can take care of this ongoing process for your business. Reach out today! Call us on 1300 39 65 65 or (02) 8722 0439.