I'm Bill Hartzer, Director of DNProtect AMA

[bhartzer]

I'm Bill Hartzer, and I am the Director of DNProtect.

I developed the algorithm behind DNP Score, which gives you a free analysis/report of any domain name.

I have also personally dealt with hundreds of stolen domain name cases since DNProtect has been offering the service the past few years.

Ask me anything related to domain name due diligence or stolen domain names.

 

[biggie]

Not sure why that is happening, it may be asking you to log into Federated Identity, not Epik?

Hi

FI, is an epik product and i too was redirected to it, from dnprotect.com sign up link.

also, since the site mentions risk, in relation to potential theft,
then how is risk calculated for domains with no apparent value?

and, since value is subjective,
then wouldn't the risk be subjective too?
i mean, is there a quality standard for the que to query?

and if not, maybe there should be one, which could reduce the load on the servers.
then, maybe the algo could work more efficiently.

just pondering...

imo....

 

[Embrand]

John, you hit the nail on the head. The first thing we have to deal with is the people who think "their" domain name is stolen because they haven't renewed the name. So honestly of the many requests we get the first order of business is to sort that all out. In many cases it becomes a broker-type deal where DNProtect is helping them "buy back" the domain, which usually is cheaper than hiring a domain attorney to file and defend a UDRP.

There are a lot of times where domains aren't actually stolen, and it's another issue that can be resolved. So, when I get those, I usually just point them in the right direction. Such as telling them to call their registrar.

Regarding domain privacy, my view on it is that if you CAN turn privacy off that you should. Use a business address. Use your real name on it. Use a highly filtered email account on the domain. The problem is that if the domain is always on whois privacy, it's tougher to prove, initially, that you own the domain. Usually, when someone gets into a domain registrar account without permission, they immediately put it on whois privacy and then they will transfer the domain out. If it's been on privacy all along, then you don't have the switch from privacy off to privacy on.

Dynadot offers partial privacy, where only the registrant company name or personal name is visible in the whois. The rest is redacted. Do you think this is good enough, or should we display all contact details in the whois?

Also, some registrars offer registry lock, but usually at a hefty price. Do you recommend this for the most premium names, or is that overdoing it?

 

[bhartzer]

Hi

FI, is an epik product and i too was redirected to it, from dnprotect.com sign up link.

also, since the site mentions risk, in relation to potential theft,
then how is risk calculated for domains with no apparent value?

and, since value is subjective,
then wouldn't the risk be subjective too?
i mean, is there a quality standard for the que to query?

and if not, maybe there should be one, which could reduce the load on the servers.
then, maybe the algo could work more efficiently.

just pondering...

imo....

Risk is calculated based on the "setup" of the domain, such as whether or not the domain is registered for 5+ years in the future, whether or not DMARC is set up, if the domain is blacklisted, etc.. At no point is a domain's value taken into account. Value IS subjective, so we don't look at it. Risk is not subjective.
There's always room for improvement in the queue. There are ways that a domain can be put in the front of the line so to speak. For example, I have the ability to enter a list of domains and run all of them at once. There is no quality standard, as we'd have to determine "quality" first, so why even do that?

 

[bhartzer]

Dynadot offers partial privacy, where only the registrant company name or personal name is visible in the whois. The rest is redacted. Do you think this is good enough, or should we display all contact details in the whois?

Also, some registrars offer registry lock, but usually at a hefty price. Do you recommend this for the most premium names, or is that overdoing it?

Partial privacy is a very good option. I personally recommend registry lock if you don't plan on transferring/selling the domain in the near future.

 

[biggie]

Value IS subjective, so we don't look at it. Risk is not subjective.

Hi

i disagree,
in that risk, or a domain being at risk - because it isn't registered 5 years in advance, is a subjective benchmark....
particularly, when you consider how many domain owners have or keep, each of their names registered 5 years in advance.
how many domainers currently have their names regged that far in advance?
maybe some who have high value names, but overall the average time is much shorter

one would have to renew their domains, which would be an additional expense...just to "up the score" or maintain it, per the rating system.

and who is going to add 5 years in advance, on a low quality name?

so, quality is a factor, when it comes to renewing or advance year registrations.
and if owners are hesitant to advance renew because of quality concerns or can't afford to at the time,
then the benchmark is subjective, if/when it doesn't reflect the average registration time, that the majority of domains are currently registered for.

maybe too deep down the hole, but just saying.....

imo...

 

[bhartzer]

Hi

i disagree,
in that risk, or a domain being at risk - because it isn't registered 5 years in advance, is a subjective benchmark....
particularly, when you consider how many domain owners have or keep, each of their names registered 5 years in advance.
how many domainers currently have their names regged that far in advance?
maybe some who have high value names, but overall the average time is much shorter

one would have to renew their domains, which would be an additional expense...just to "up the score" or maintain it, per the rating system.

and who is going to add 5 years in advance, on a low quality name?

so, quality is a factor, when it comes to renewing or advance year registrations.
and if owners are hesitant to advance renew because of quality concerns or can't afford to at the time,
then the benchmark is subjective, if/when it doesn't reflect the average registration time, that the majority of domains are currently registered for.

maybe too deep down the hole, but just saying.....

imo...

Yes, the 5 years is a subjective benchmark. However, I was able to prove that a domain name was stolen because the client registered it for 5 years in advance.
How many domainers have names registered that far in advance? Problem not many at all. DNP Score doesn't care about domainers, it cares about protecting a domain enough so that there is less RISK that the domain is lost. Auto renew, for example, fails a LOT. Renewing for 5 years helps make it less risky that you will lose the domain.
If you don't renew for 5+ years then it may not be valuable to you. It's okay if you lose it. That's fine. It's a low quality name, so yeah, do riskier things with it because it's a low quality name.

I agree that the benchmark is technically subjective. The "benchmark" is there based on potential risk of losing the domain name, not "quality" necessarily.

 

[TCK]

We certainly agree about that. The downside is if the WHOIS email is also the account control email, in which case the WHOIS information is broadcasting, "compromise this email address to get the domain name."

This is an interesting point. I was thinking that WHOIS privacy benefits the registrar because it forces the buyer to go through their marketplace instead of contacting the domain registrant directly. As far compromising an email address this rests solely on the registrant. If you are going to use weak passwords and the same passwords across all of your online accounts then you are inviting bad players to compromise your emails and other accounts.

Also Gmail and hosted email providers give you a warning if your email has been accessed from an unknown IP or geo location.

 

[bhartzer]

This is an interesting point. I was thinking that WHOIS privacy benefits the registrar because it forces the buyer to go through their marketplace instead of contacting the domain registrant directly. As far compromising an email address this rests solely on the registrant. If you are going to use weak passwords and the same passwords across all of your online accounts then you are inviting bad players to compromise your emails and other accounts.

Also Gmail and hosted email providers give you a warning if your email has been accessed from an unknown IP or geo location.

Well, a very large number of our stolen domain name cases has involved hacked email accounts, mainly Gmail. They had 2FA turned on, both on gmail and at the domain registrar. It gets turned off by the hacker. We've never had a domain stolen that was using a gmail account when Google Advanced Protection was on the account (as far as we know). Advanced Protection requires a Yubikey be tied to the account.

 

[Digital Nomad]

Well, a very large number of our stolen domain name cases has involved hacked email accounts, mainly Gmail. They had 2FA turned on, both on gmail and at the domain registrar. It gets turned off by the hacker. We've never had a domain stolen that was using a gmail account when Google Advanced Protection was on the account (as far as we know). Advanced Protection requires a Yubikey be tied to the account.

How does the 2FA get turned off by the hacker if they need to be in the account first?

 

[bhartzer]

How does the 2FA get turned off by the hacker if they need to be in the account first?

Somehow they're getting in some other way; for example, we've had plenty of stolen phones that resulted in stolen domain names.

 

[Digital Nomad]

Somehow they're getting in some other way; for example, we've had plenty of stolen phones that resulted in stolen domain names.

So the thief stole the phone and then stole the domain? That must be very targeted.

 

[Future Sensors]

So the thief stole the phone and then stole the domain? That must be very targeted.

This is probably how DNProtect ended up at Epik.

 

[bhartzer]

So the thief stole the phone and then stole the domain? That must be very targeted.

in several cases, it was targeted towards those individuals. One was the owner of a large business in Houston, the other a celebrity who was in New York City.

 

[bmugford]

So the thief stole the phone and then stole the domain? That must be very targeted.

For anyone who has an account representative at GoDaddy, I would suggest enabling DTVS on your account.

Even if you can get by someone's password AND 2 stage authentication, a domain can't be moved or transferred.

You need to confirm it on the phone with your account rep, and provide a PIN that is not kept anywhere that is publicly accessible.

It is a great peace of mind. I am sure other registrars offer similar services.

Brad

 

[TCK]

Most who lose domains it is because they don't want to renew or missed the opportunity and they went into redemption or ended up on an expired auction. Many newbie domainers view domaining as passive income and don't want to be bothered. If you own premium domains you will pay attention and make sure they are protected. Is that an accurate observation or am I being fanciful?

 

[bhartzer]

For anyone who has an account representative at GoDaddy, I would suggest enabling DTVS on your account.

Even if you can get by someone's password AND 2 stage authentication, a domain can't be moved or transferred.

You need to confirm it on the phone with your account rep, and provide a PIN that is not kept anywhere that is publicly accessible.

It is a great peace of mind. I am sure other registrars offer similar services.

Brad

This is a great tip. But assumes that you have an account rep at GoDaddy.
By the way, by far, more stolen domain name cases come from only a few registrars, GD being one of them.
GD needs to implement this, or make it option, for their customers who don't have account reps.

 

[bhartzer]

Most who lose domains it is because they don't want to renew or missed the opportunity and they went into redemption or ended up on an expired auction. Many newbie domainers view domaining as passive income and don't want to be bothered. If you own premium domains you will pay attention and make sure they are protected. Is that an accurate observation or am I being fanciful?

I would say that's true of "domainers". But I don't recall ever getting a stolen (or lost) domain case involving a domainer. They're all real business owners (and those who have websites) who are losing domains and getting their domain names stolen.
I also don't ever recall a "parked domain" get stolen, they're all domains that had websites on them.

 

[TCK]

@bhartzer Do you have any real life stories you can share of domains being stolen. I know of some but they ended up in the original registrants account. The thief was caught.

 

[bmugford]

This is a great tip. But assumes that you have an account rep at GoDaddy.
By the way, by far, more stolen domain name cases come from only a few registrars, GD being one of them.
GD needs to implement this, or make it option, for their customers who don't have account reps.

Well, in fairness they have as many (or more) registrations as the next 10 registrars combined.

Of course with 76+ million registrations, even at a normal rate, that total number is going to be larger than anyone else.

Brad

 

[Digital Nomad]

Somehow they're getting in some other way; for example, we've had plenty of stolen phones that resulted in stolen domain names.

I guess other ways that hackers use are phishing sites and reverse proxies to bypass 2FA. I won't go into detail, but most important is to be careful by clicking on any email links.

 

[Digital Nomad]

That's not Epik's strategy.
I "personally" created the "DNP Score" algorithm back in 2013-ish timeframe, and actually it was a manual process to calculate a score and do the due diligence. If you might remember, my previous product/service was called Verified Domains.
DNP Score is all MY 'intellectual property' and has been for years, nothing to do with Epik at all. Epik just automated my algorithm.

So they did it without your permission? Were you aware of these social posts/emails/marketing?

BTW forgot about this, were you aware that Epik was marketing DNProtect as an Epik brand? Did they do it without your consent?

 

[bhartzer]

@bhartzer Do you have any real life stories you can share of domains being stolen. I know of some but they ended up in the original registrants account. The thief was caught.

Yes, I've personally dealt with several hundred cases in the past year or so alone. What type would like you to hear? The most common ones? The most outrageous ones?

 

[bhartzer]

Well, in fairness they have as many (or more) registrations as the next 10 registrars combined.

Of course with 76+ million registrations, even at a normal rate, that total number is going to be larger than anyone else.

Brad

I agree, totally. Just the numbers are going to play into this, big-time. Larger registrars are probably going to have more stolen domain names. But I also blame their policies, as well. No one wants to wake up to their email not working and their website down because their domain was stolen.

 

[Digital Nomad]

I agree, totally. Just the numbers are going to play into this, big-time. Larger registrars are probably going to have more stolen domain names. But I also blame their policies, as well. No one wants to wake up to their email not working and their website down because their domain was stolen.

Nobody wants to wake up having their domains removed without notification either by the registrar themselves... or have their funds frozen... or... you know what I'm saying right?

 

[Digital Nomad]

It's funny how you give GoDaddy a negative twist indirectly, but ignore all questions about Epik promoting DNProtect as their brand and being aware of that or down playing it all, anyways bro, good luck with everything.