How do you protect your domains?

[Peter]

Hey all

Just been dealing with a stolen domain name and a few things crossed my mind.

1) If you have/had a valuable domain name how would you protect it from thieves?

2) If a domain was stolen from you and it had to go to a WIPO how would you prove the domain was stolen?

3) If you bought a domain name and then found it was possibly stolen would you transfer it back to the original owner? If so what proof would you ask for first.

Here are my personal answers to these questions:-

1) Ensure registrar lock is enabled, do not use a free email for the whois, use a different email address for the registrar login, use secure passwords, ensure I keep upto date on any changes to the domain name.

2) To be honest I have absolutely no idea what I would do here. The problem is that when someone steals a domain they either push it to another account or transfer to another registrar. This could simply look like you just sold it. Would have to find a way to prove that although they found out the auth code that you never told them it or allowed the transfer. If the whois does not show abnormal changes this is very difficult.

3) This is a very difficult question to answer. If I received sufficient proof I would of course transfer the domain back and if possible liaise with the original owner and the police to find who the thief was. But as my answer to number 2 shows (in my eyes anyway) it is extremely hard to prove ownership.

What are your thoughts?

 

[bmugford]

3.) Yes there is no doubt. It is just the right thing to do. I have first hand experience with this happening from a deal on NP in the last few months, despite all possible due diligence on my end.

Once I was provided ample proof as to the claim, I was willing to transfer it back to the original owner.

You only have one reputation, and really no domain is worth ruining it. You don't want to get a label as dealing in stolen goods.

Brad

3) If you bought a domain name and then found it was possibly stolen would you transfer it back to the original owner? If so what proof would you ask for first.

 

[Peter]

Very good decision bmugford. You are 100% correct reputation is EVERYTHING. Without that it does not matter how much money you have, you would be worthless.

On a side note. This has got me thinking more. If I had this happen I would look towards a WIPO however on investigation I find this would be no use. The following is a quote from a stolen domain case:-

The jurisdiction of this Panel is limited to providing a remedy in cases of “abusive registration of domain names”, also known as “cybersquatting”: Weber-Stephen Products Co. v. Armitage Hardware, WIPO Case No. D2000-0187.

WIPO have no jurisdiction in such a case. Only course of action is a legal dispute and as the internet crosses many borders it is unlikely you would have a good outcome and would you have anywhere near enough money to pursue. And depending on what country they are in this may not even be an option.

 

[SebastianJu]

> 1) Ensure registrar lock is enabled

As I understand if you unlock a domain then it can be taken to another registrar. So I didnt do this way till now and Im asking myself dont they ask if they should move a domain?
Shouldnt it be that I unlock it, the buyer wants to transfer, my registrar is asking me and then the domain is moved? If so it shouldnt make a difference if locked or unlocked.
If not it would be easy to steal a domain. Simply find an expiring auction where the domain is sold, find out the registrar and then let your registrar move the domain to your account. Because the seller will have unlocked it for the original buyer...

Someone knows?

Greetings!
Sebastian

 

[Peter]

registrar lock does indeed stop a transfer. Depending on the extension they would also need an auth code some other domains require the registrar to change the tag on the domain instead of having an auth code. And yes they do send an email to ensure that a transfer should be initiated.

HOWEVER say for example your whois email is the same as the email used to register at the registrar. If they manage to gain control of your email account they can use the forgot password feature of your registrar, log in, get the auth code, initiate a transfer away then click on the link in the transfer request email. 5 days later you have little recourse and have no control of your domain.

That is purely 1 method there are of course others, in fact the year before last if you had a Gmail account they did not even need control of the email account they could use an exploit to forward all emails to another address. By the time you would have worked out what was going on it would most likely be too late.

 

[DomainReseller]

Surprisingly, a substantial amount of online crime is performed by individuals based in the United States. If the proper information is logged and the right people are contacted, quite a bit can be done by the victim of such a case. Based on personal experience, local law enforcement rarely has the ability to deal with online crime. It's safe to assume in most cases that the crime was committed either nationally or internationally.

One course of action I would recommend is contacting the FBI's cybercrime department. After speaking to some the SACs at the local headquarters, I discovered that there are some restrictions on which cases can be dealt with by their agency. In Texas, the FBI generally won't touch the case unless the damage total over $5,000. One of the struggles is proving the value of a domain name in order to initiate such action. A loophole for this issue is to spend the additional money on attempts to recover the stolen item.

As a website/webserver security professional, I receive questions like this on a regular basis.

Many of you are familiar with social marketing. One recommended course of action is posting information about the stolen domain name on forums like NamePros.com.

In response to the issue regarding proof of ownership, there are some tools available online to obtain detailed reports of ownership changes, nameserver modifications, and more.

One often overlooked fact is that the unauthorized use of an account belonging to someone else is a form of identity theft.

To increase the security of your online activities, I strongly recommend securing your email account(s). One of the most harmful hacking methods is brute force attacks on an email account. Once access to the account is obtained, the attacker can simply use the "Forgot Password" link on most of the sites on which you have an account. The first basic method I recommend is a strong password. Due to an increase in online crime, it's surprisingly common to use 20+ character passwords (including special characters).

Additionally, some registrars are known for better assisting customers with cases like this. I recommend doing a little bit of research before you choose a specific registrar for your next domain name registration/transfer.

 

[Spade]

What frustrates me is the problem of the "Stolen and Sold" domain. An owner who loses their domain to fraud of anykind gets their domain name back, but you the buyer loses your money because the original owner didnt properly protect himself? This slope obviously gets even more slipper due to a buyers obligation of due dilligence (ie. too good to be true)...

 

[Peter]

thing is spade it isn't always the original owners fault. Wherever humand are involved there is a weak part.

Many domains are sold using social engineering. Most security questions companies use are legally obtainable information.

Many services use place of birth, mother maiden name, date of birth etc etc as security questions, I could obtain these if I had your name. Also I see it in my work, people call up unsure of the answer and people help out of sympathy. Social engineering is all about getting someone to help you because they feel obliged too.

 

[Kate]

You need to take advantage of whatever security measures are made available by your registrar.
For example enom/namecheap has security options whereby you can be notified by E-mail of every login, change of domain settings etc. More than once I was notified of failed attempts to log in to my Enom account

BTW Wipo has been successfully used to recover stolen domains, even though such cases are somewhat beyond their scope.

 

[Peter]

BTW Wipo has been successfully used to recover stolen domains, even though such cases are somewhat beyond their scope.

Looking at the cases however that only seems to be if you have a TM and can prove it.

 

[Auraka]

These are my answers to question one:

1. For important domains transfer them to pairnic/moniker/fabulous. All of which have enhanced security measures. Pairnic makes you send in ID and a special code before they'll unlock a domain once you set it to be locked. Fabulous has e-lock and Moniker has maxlock.

2. Keep good relationships with the industry. I'm confident that if any name I own is sold and transferred to one of the bigger registrars I can get it back in a matter of hours through the relationships I have created.

3. Use a different password for your email than you do all of your domain accounts and make sure each of those accounts has a different password. Never use free-wifi unless you can VPN to some place secure or tunnel http traffic over ssh.

 

[Spade]

thing is spade it isn't always the original owners fault. Wherever humand are involved there is a weak part.

Not Entirely Disagreeing with you - However its almost never the buyers fault - yet he seems to be the one that takes the hit.

 

[Dave_Z]

To increase the security of your online activities, I strongly recommend securing your email account(s).

And your computer, too. Both your computer and your email are practically 2
ways one can hijack your domain name.

Looking at the cases however that only seems to be if you have a TM and can prove it.

Unfortunately that's true. UDRP was used to recover xi.com and a few others,
but its 3 conditions must be met.

Some folks here already gave some pretty good suggestions. But I guess the
real dilemma is what to do if it's already happened.

To that, I say you contact your registrar right away as timing can be critical.
It's a reality that not every hijacking case might be solved, but one just does
what they can under the circumstances.

Oh, and don't expect it to be resolved overnight. These things take time, and
be ready to tackle the worst.

 

[zigmund]

Best protection -> I don't have any domainz, so I have nothing to worry about.
BTW what occupation is that doimanner? :lol: