Recently, there’s been an uptick in the number of domain names That are being stolen. I am not positive if it’s because of the globalpandemic and folks are getting more desperate for cash, or if domain thieves are taking advantage of the changing digital and techenvironment. COVID-19 is causing more of us to become online and conduct business online. But that also means that many do not fully understand how to properly protect their digital assets, such as domains. This may be why we are seeing more and more online scams, phishing like Google Ads phishing, and online theft generally.

Digital Assets

While I think of digital assets, I believe of several distinct kinds. Our digital assets may include access to a bank account online, access to accounts like cryptocurrency accounts, and payment tradesites such as PayPal, Masterbucks, and Venmo. Then there’s online shopping websites’ logins, for example Amazon, Walmart, Target, and eBay, where most likely you have an account where your payment data is stored. Apple Pay and Google Pay would be others, as well as your website hosting account that handles your email (unless you utilize Gmail.com or Outlook.com), and, ultimately, your domain name. In case your domain goes lost, then you lose a lot: access to email, as well as your site most likely will go down, where you’ll lose visibility, online sales, and clients. Online thieves are hacking websites and anywhere there is a login, because they’re trying to access your digital assets.

Many of us are now Utilized to safeguarding our online accounts by utilizing a Unique, protected password for every login that we’ve got online. An significant part protecting digital assets, and domains, would be to ensurethatyou have a safe password and two-factor authentication set up to your login at your domain registrar. Oftentimes, if a thief gains access to an account at a domain registrar, the consequences can be disastrous if you do not have additional protections in place to protect your domain name.

Hackers who gain access to a domain registrar’s account may do several things that would interrupt your business:

The thief or hacker could make modifications to the DNS records for your domain name.

The thief or hacker could push the domain name into their account. They might even keep your contact info on the WHOIS record so thatit looks like you still own itbut the domain may be transferred into their account. When it’s out of your account and you no longer control the domain name, then they’ve stolen the domain and mayresell it.

The thief or hacker could move the domain name from that registrar to another registrar. As soon as they start the transfer then they haveattempted to steal the domain name, and when it’s moved then it’s considered to be stolen. They can keep the same name servers so that it stillpoints to your site, and therefore you don’t detect that it’s stolen.

Digital thieves know that domains are valuable, because they’re Digital assets that may be sold for tens of thousands, tens ofthousands, hundreds of thousands, as well as millions of dollars. Unfortunately, domain crimes typically go un-prosecuted. Oftentimes, the domain thieves are not found in the same country as the victim. All of themhave the same thing in common: they wish to gain monetarily from slipping the domain name. Following is a couple domain crimes that I’ve seen lately:

A company’s account at a domain registrar was hacked (using social engineering).

The domain thief introduced as a domain buyer, telling the domain owner they wanted to purchase their domain for several thousand dollars. The buyer and seller agreed to a price, the thief told them they could pay them through cryptocurrency. The seller moved the domain name once they had been given details of the cryptocurrency trade. After the seller attempted to access the cryptocurrency and”cash in”, it was invalid. They had been scammed, and dropped the domain name.

A domain name owner who has a portfolio of domain names gets their account hacked at a domain registrar. The owner does notcomprehend this, and the domains are transferred to another registrar in another country. The gaining registrar is stubborn (or in on the theft), and won’t return the domains.

A domain name owner has his or her account hacked at the domain registrar and domains are moved out to another registrar. Then they sell the domains to somebody else, and the domain namesare moved again to another registrar. This occurs several times, with different registrars. People who purchased the domain names do not know they are stolen, and they shed any investment they made in the domains. At times it’s difficult to unravel cases like this, sincethere are numerous owners and registrars involved.

All these happened in the previous two to three weeks. And so are just In the case of the domain sale scam, the seller must have used a domain escrow assistance, there are numerous reputable escrow services, such as Epik.com’s Domain Escrow Services, as well as Escrow.com that handles domain name sales.

Just just how do you minimize the danger of your domain getting stolen?

Move your domain name to a protected registrar.
Log in to your accounts account on a regular basis.
Set up registry (transfer lock) in your domain name.
Check WHOIS data regularly.
Renew the domain name for several years or”forever”.
Take advantage of additional security features at your own Password.
Protect your domain using a domain name guarantee.

Consider moving your domain to a protected domain name registrar. You will find registrars that haven’t kept up with common securitypractices, like letting you set up 2-Factor Authentication inyour account, Registrar Lock (which halts domain transfers), as well as preparing a PIN number in your account for customer supportinteractions.

Log in to your domain registrar’s account on a regular basis. I Can’t really say how often you need to get this done, but you ought to get it done on a normal schedule. Log in, be sure you stillhave the domain name(s) in your account, make sure they are on auto-renew, and nothing appears out of the normal. This less-than-5-minute task could literally save your domain from being stolen.

Establish Registrar Lock or”transport lock” in your domain name. Some It’s a setting that makes sure thatthe domain cannot be moved into another account without needing it turned off. Some go as far as maintaining it”on” unless they get verbal confirmation that it should be transferred.

Check the WHOIS data on the domain name. Check it openly on a Public WHOIS, like at ICANN’s WHOIS, WhoQ, or at your registrar. Make sure it’s correct, even the email addresses. In case the domain is using WHOIS Privacy, send an email to the obfuscated email address to make sure you make the emailaddress.

Renew your domain name for several decades. I recommend at least 5 Years for valuable domains (or ones thatyou don’t wish to lose). It’s possible to get a “forever” domain registration at Epik.com.

Request the accounts in the event the account access can be restricted based on Request the registrar if the account may be restricted from logging in by a USB Device, like a bodily Titan Security Crucial, or even a Yubikey. In case you have Google Advanced Protection allowed in your Google Account, you may have two physical keys to access that Google Account (and some innovative protection in the Google backend). You would then have those Advanced Protection keys fromGoogle to protect the domains on Google Domains.

Consider protecting your domain name(s) using a domain name guarantee or support that protects these digital assets, such as DNProtect.com.

Some domain name registrars, especially those who take domain Security really seriously, have upgraded their systems”behind the scenes” so to speak. It’s more difficult for the fraudsters and thieves to steal domains at these registrars. Some domain name registrars do nothave 24/7 technical assistance, they can outsource their customer supportrepresentatives, and their domain name software is obsolete.

As I write this now, I have been advised of 20 very Valuable domains that were stolen by their owners at the last 60 days. For example, of two cases I personally confirmed, the domain names were stolen out of one specific domain registrar, based in the united states. The domains were moved to another domain registrar in China. Both these companies who own the domains are, in reality, based in the United States. So, it’s not logical that they wouldmove their domain names to a Chinese domain name registrar.

In the case of both domains, this same domain thief kept The domain name ownership records intact, and they show the priorowners. But in 1 case, part of the domain contact record was altered, along with the prior owner’s address is current, but the last partof the address is listed as a Province in China, and not Florida, in whichthe firm whose domain name has been stolen is located.

What tipped us off to these stolen domain is that both Domains names were listed available on a popular domain name marketplace. However, these are domains where the overall consensus of the value could be over $100,000 each, and were listed for 1/10th of the value. It’s too good to be true, and most likely it’sstolen. The same is true for these domains that are allegedly stolen. The purchase price provides them away, and, in this case, the ownership records (the WHOIS documents) also show evidence of the theft.

It’s never been more important to take responsibility for your Digital resources, and make sure thatthey are using a domain registrar That’s evolved and adapted with the times. A Couple of moments spent Wisely, securing your digital assets, is critical in times such as these. It may be the difference between your valuable digital assets and internet Properties being guarded, or possibly exposed to theft and risk.

Recently, there’s been an uptick in the Amount of Domains I am not sure if it’s because of the globaloutbreak and people are getting more desperate for cash, or in case domain thieves are taking advantage of their changing digital and techatmosphere. COVID-19 is inducing more people to be online and conduct business online. But that also means that many don’t fully understand how to properly protect their digital assets, such as domains.

Digital Assets

When I think of digital assets, I think of several different kinds. Our digital assets may include access to your bank account on line, access to reports like cryptocurrency accounts, and payment tradesites such as PayPal, Masterbucks, and Venmo. Then there is online shopping sites’ logins, for example Amazon, Walmart, Target, and eBay, in which most likely you have an account where your payment information is stored. Apple Pay and Google Pay would be many others, in addition to your web site hosting account that handles your email (if you don’t use Gmail.com or Outlook.com), and, finally, your domain . In case your domain goes missing, then you lose a lot: access to email, in addition to your website most likely will return, where you’ll lose visibility, online sales, and clients. Online thieves are hacking websites and anywhere there is a login, because they’re trying to get to your digital assets.

A Lot of Us are now Utilized to safeguarding our online accounts by utilizing a Unique, secure password for each login that we have online. An significant part protecting digital assets, and domains, would be to ensurethatyou get a secure password and two-factor authentication set up to your login at your domain registrar. In many cases, if a thief gains access into an account at a domain registrar, the results can be catastrophic if you don’t have extra protections in place to safeguard your domain .

Hackers who access a domain registrar’s account may do several things that would interrupt your business:

You’d think that it’s the copy, but the copy could contain malicious code.I’ve even seen them direct online sales from a copy of your website to them so that they profit monetarily from it via identity theft or diverting funds.

The thief or hacker can push the domain name in their account. They might even keep your contact info on the WHOIS record so thatit seems like you still have it–but the domain may be moved in their account. When it’s from your accounts and you no longer command the domain , then they’ve stolen the domain and mayresell it.

The thief or hacker can move the domain name with that registrar to another registrar. Whenever they start the transfer then they havetried to steal the domain , and when it’s transferred then it’s considered to be stolen. They may keep the exact same name servers so it points to your website, so you don’t detect that it’s stolen.

Digital thieves know that domains are valuable, since they are Digital assets that may be sold for thousands, thousands, hundreds of thousands, as well as millions of dollars. Unfortunately, domain crimes typically go un-prosecuted. In many cases, the domain thieves aren’t located in precisely the exact same state as the sufferer. All of themhave exactly the exact same thing in common: they want to benefit monetarily from stealing the domain name. Following is a couple domain crimes that I’ve found recently:

A organization’s account at a domain registrar was hacked (using social engineering). The business was involved in cryptocurrency, thusgaining access to the domain name allowed for the hackers to access the organization’s crypto exchange.

The domain thief introduced as a domain buyer, telling the domain owner they wanted to buy their domain for several thousand dollars. The buyer and seller agreed to a price, the thief told them that they could pay them through cryptocurrency. The seller transferred the domain name when they were given details of this cryptocurrency transaction. After the seller tried to access the cryptocurrency and”cash in”, it was invalid. They were scammed, and dropped the domain .

A domain name owner that has a portfolio of domain names gets their accounts hacked at a domain registrar. The owner doesn’tcomprehend this, and the domains are transferred to another registrar in another country. The gaining registrar is uncooperative (or in on the theft), and will not return the domains.

A domain name owner has her or his accounts hacked at the domain registrar and domains are transferred out to another registrar. Then they sell the domains to someone else, and the domain namesare transferred again to another registrar. This occurs several times, with different registrars. Those who bought the domain names don’t know they are stolen, and they lose any investment that they made in the domains. Sometimes it’s hard to unravel cases like this, sincethere are several owners and registrars involved.

All ofthese happened in the past two to three weeks. And are only Examples of where the domain name owner could have done something to block the domain name theft. In the instance of the domain sale scam, the vendor should have employed a domain escrow service, there are several reputable escrow services, including Epik.com’s Domain Escrow Services, in addition to Escrow.com that handles domain name sales.

So how can you minimize the risk of your domain getting stolen?

Transfer your domain to a secure registrar.
Log into your registrar account on a regular basis.
Set up registry lock(transfer lock) in your domain.
Check WHOIS information frequently.
Renew the domain for several years or”forever”.
Use additional security attributes at your registrar.
Shield your domain with a domain name warranty.

Consider moving your domain to a secure domain name registrar. There are registrars that have not kept up with common securitypractices, like letting you install 2-Factor Authentication onyour accounts, Registrar Lock (which halts domain transfers), as well as preparing a PIN number in your accounts for customer serviceinteractions.

Log into your domain registrar’s accounts on a regular basis. I Can’t actually say how often you need to get this done, but you ought to get it done on a normal schedule. Log in, make sure you have the domain name(s) on your accounts, make sure they are on auto-renew, and nothing appears out of the ordinary. This less-than-5-minute task could literally save your domain from being stolen.

Set up Registrar Lock or”transport lock” in your domain . Some It’s a setting that makes sure thatthe domain cannot be transferred into another account without having it turned off. Some go so far as maintaining it”on” unless they get verbal confirmation that it needs to be transferred.

Check the WHOIS information on the domain . Test it openly on a Public WHOIS, like at ICANN’s WHOIS, WhoQ, or at your registrar. In case the domain is using WHOIS Privacy, send an email to the obfuscated email address to make sure you get the emailaddress.

Years for precious domains (or ones thatyou don’t wish to lose). You can find a “forever” domain registration at Epik.com.

Request the registrar if the accounts access can be restricted based on The IP address of the person logging into the accounts. Request the accounts if the accounts may be restricted from logging in by a USB Device, like a bodily Titan Security Key, or even a Yubikey. In case you have Google Advanced Protection enabled in your Google Account, you may have two physical keys to access that Google Account (plus some advanced security in the Google back-end). You’d then have those Advanced Protection keys fromGoogle to protect the domains on Google Domains.

Consider protecting your domain (s) with a domain name warranty or service that protects those digital assets, including DNProtect.com.

Some domain name registrars, especially those who take domain Security really seriously, have updated their systems”behind the scenes” so to speak. It’s more difficult for the fraudsters and thieves to steal domains at those registrars. Some domain name registrars do nothave 24/7 technical assistance, they may outsource their customer servicerepresentatives, and their domain software is outdated.

As I write this today, I have been advised of at least20 very Valuable domains that were stolen from their owners in the previous 60 days. As an example, of 2 cases I personally confirmed, the domain names were stolen out of one specific domain registrar, based in the USA. The domains were transferred to another domain registrar in China. Both ofthese companies who have the domains are, in reality, based on the United States. So, it’s not plausible that they’dmove their domain names into a Chinese domain name registrar.

In the case of both domains, the Exact Same domain thief kept The domain ownership records undamaged, and they show the formerowners. But in 1 instance, part of this domain contact record was altered, along with the prior owner’s speech is current, but the final partof the speech is listed as a Province in China, and not Florida, wherethe firm whose domain name was stolen is located.

What tipped us off into those stolen domain is the factthat both Domains names were listed for sale on a favorite domain name marketplace. But, these are domains in which the overall consensus of this value could be over $100,000 each, and were listed for 1/10th of the value. Remember the 1 year old $150,000 Porsche listed for sale on Craigslist for $15,000? It’s too good to be true, and most likely it isstolen. The same goes for these domains that are supposedly stolen. The purchase price gives them away, also, in this scenario, the possession records (that the WHOIS documents) also reveal evidence of this theft.

Digital assets, and make sure thatthey are with a domain registrar That has evolved and adapted with the times. A few minutes spent Sensibly, securing your digital assets, is imperative in times such as these. It may be the difference between your precious digital assets and internet Properties being safeguarded, or possibly exposed to theft and risk.