How do people steal domains?

[snareklutz]

I was just wondering, how are domain names stolen?

-Snareklutz

 

[armstrong]

I doubt anyone would openly teach you how to steal. Perhaps a more appropriate question would be "how to keep your domain name from being stolen?"

Some answers that come to mind:
- protect your email; determine who might be able to gain access; if you are using email under one of your own domains, for example, then your hosting company (having control of the server you are on), has this power; all the more reason to avoid fly-by-night hosting; if you opt to use free emails, then you don't have this hosting exposure, but make sure its from a popular source (like yahoo or google) and an active email that won't get deleted and made available to anyone
- use long, random passwords; and security question&answer that are different for every website you visit, and without basis in reality (i.e., "Where were you born" -> "Babylon9X")

 

[RJ]

Indeed. Protecting your email account is the most important important!

Also make sure registrar-lock is enabled on your domain at the registrar. It's on by default at most places, but if it's off someone can initiate a transfer.

 

[Complete Hostings]

at www.aplus.net i think you have to pay extra or does it come with it?

 

[Redleg]

Install and frequently use spyware scanners on your computer is a good idea as well..
Username/password loggers can be quite nasty..

 

[snareklutz]

Indeed. Protecting your email account is the most important important!

Also make sure registrar-lock is enabled on your domain at the registrar. It's on by default at most places, but if it's off someone can initiate a transfer.

Just interested, so if a domain is not locked, a transfer can be made without me knowing? Amazing...

 

[armstrong]

Just interested, so if a domain is not locked, a transfer can be made without me knowing? Amazing...

No, if the domain is unlocked, the transfer can be made even without the owner authorizing it. He'll still be notified via email, and have a chance to decline the transfer.

 

[Veolus]

Just try to make your password really hard i guess... :D

 

[primacomputer]

There are so many ways to steal a name that it would be beyond th scope of a post to describe them all. Any howto protect against is a howto do. I guess if I phrase things in a “prevention” sort of way then I won't loose any sleep.

As others have said, use strong passwords, different password, hard to guess questions, etc. This is common sense. So is keeping your machine clean of spyware.

Keep your contact information up to date. Check to make sure it is correct. I couldn't even count the number of names I have seen people loose because their ISP changed their mailbox or their spelled their ISPs name wrong. Your thief can register the typo and steal the name, or better yet wait till the name expires because you missed the notice.

Don't click emails from your registrar. Type their URL into the address bar. Despite what Microsoft may want you to believe, it is still trivial to spoof a URL.

Only check your email from a secure machine. Using an internet cafe is a risk. So is a wireless network. So are services that let you check mail on multiple accounts and view it in one place. Use an appropriate definition of “secure machine” depending on the value of you name and your paranoia. An office LAN may not be secure. I have (legitimately at the request of the owners) monitored an office network to collect all sorts of information, passwords included.

There are some things you can not really protect against, but may want to be aware of in case an “inexplicable” transfer happens. It is possible (trivial with certain servers) to bombard a machine with forged DNS information, causing it to resolve the wrong address for a name. If this was done to a mail server while it was relaying a transfer request then a name could easily be stolen. I have never seen this used to steal a name, but I have seen it used for other things.

While most transfers take place online, they can take place in the real world with good old paper. The story with sex.com has received a lot of press over the years. I have seen this happen to other names. It is not an isolated case. Not much you can do to protect yourself here though.

 

[Dave_Z]

Great posts, everyone!

snareklutz, just remember that no system is 100% invulnerable. A determined
hijacker will find attempt to find and exploit any weakness s/he finds in an
otherwise secure system.

Just anticipate as much as you can. The other posters have already given
clues and specifics on what may need work, those we can control.

Let me add another to those already provided: establish a network of people
around here and other places. Some people here have a wealth of experience
dealing with this, and they'll gladly help in any way they can.