blog

How To Keep Your Domain Name Safe From Hackers

Every day, several thousand domain names get stolen, and hundreds of WordPress blogs get hacked.

You cannot afford to be on the list of people losing their domain names under avoidable circumstances. You must avoid domain theft at all cost so that the asset you’ve invested in for years will not get stolen.

In case you don’t know, your domain is a part of your brand identity, and it’s also a potential gateway to wealth.

You may have heard that some domain names have been sold for millions of dollars in the past. Just recently, Travelzoo sold the domain fly.com for $2.89 million. This was the same domain they acquired in 2009 for $1.76 million.

Check out this list of other domain names that have been sold for over $35M in the past.

All that aside, do you know that there are easy ways you can protect your domain name against theft?

Knowing the various tactics employed by domain thieves will help you in taking proactive measures to keep your name safe.

Here’s How To Avoid Domain Theft

1. Keep your domain registration records and contact information accurate.

Whenever there is a change of address, phone number, or email address that you’ve been using for domain name transfer communications, you must let your registrar know.

Make sure you also update your emergency and business contact information.

When any suspicious activity occurs, your registrar will be able to contact you and let you know ASAP.

2. Be wise in choosing your registrar.

Be-wise-in-choosing-your-registrar

Don’t buy your domain name from just any registrar; be sure that the registrar has been in business for a long time and is trustworthy.

When choosing a domain registrar, you must look beyond price and find a company that offers quality services and support.

They should be able to provide more than the minimum registration and domain transfer services. The technical support should be readily available 24×7 irrespective of your location.

The registrar must also have a system that notifies you of a pending domain transfer and allows you some days to respond before the domain is actually moved. This is to ensure that the domain is not transferred without your knowledge.

Such notifications would allow you halt a pending transfer.

Also, be sure the registrar has a way of notifying you of changes in your registration record or any ownership change requests. Check that they give you the option of specifying which communication method is best for you (email, phone, fax, etc.).

Does the registrar have additional security measures like two-step authentication? This is where you receive a code on your mobile phone every time you go to log in. You need to correctly enter this code before you’re granted access to your account.

It may be irritating to users, but without safeguards like this, a hacker can easily transfer your domain out of your account.

Note: GoDaddy is always a good choice. 

3. Keep your domain registrant info private.

Keep-domain-registrant-info-private

You need to jealously guard your account info the same way you would any other account info on any other site (you need to be extra protective because your domain is a business asset).

You should never give your login details to a stranger or any other person except to someone authorized to manage your domain (e.g. a webmaster or a developer). Make sure you change the account details when this person leaves your organization.

Don’t use your contact email address as your username for your registrar account as hijackers will always guess this. Instead, create a different username that is not the same as the contact email.

4. Lock-up your domain.

Ask your registrar to place your domain name under a registrar lock.

This makes it impossible to alter your registration information and DNS configuration without your consent; you have to unlock your name before anything changes.

If your registrar supports EPP (Extensible Provisioning Protocol), then they can help to add a second “lock,” the Authorization Information Code or authInfo.

Once the EPP is activated for your account, your registrar will send you the authInfo code within 5 days to have your domain transferred out. This code must be given to the gaining registrar before the domain can be accepted. In some cases, the registrars give you the right to set up the authInfo value.

In that case, you have to be sure that each domain name you register has its own EPP authInfo code that is unique to it. Only one domain name would be in danger if for any reason the authInfo code is broken.

After locking your domain name, make sure you check the Who.Is periodically to ascertain that the status of the domain has not changed. If you notice any change in your domain name information, report it immediately to your registrar.

5. Don’t access your domain account directly from your email.

You may occasionally get emails from your domain registrar to let you know of discounts or other promos.

Sometimes, you will log in to your account by clicking on the link in your email because you trust your registrar.

However, domain hijackers will try to send you a phishing email with links and logos that look exactly like your registrar’s. If you must use any link in your email, be sure to cross check it on your status bar before going ahead.

If you log in through a phishing link, you might lose access your account.

To prevent such an ugly incident, it is always better to type your registrar’s address directly into the address bar without clicking on any email link.

6. Separate your domain from your hosting account.

Separate-domain-from-hosting-account

Some domain owners make the terrible mistake of using the same company to register their domain and also host it. If a domain hijacker gets access to your hosting account, they will take over everything, and you will not be able to recover your domain.

You should use separate providers for domain registration and for hosting.

7. Change your password periodically.

While it is wise to create a highly secured password, it is advisable to change this password after some time.

To create a secure password, use a combination of uppercase, lowercase, numbers, and special characters.

Never use common names, dictionary words, birth dates, anniversary dates, etc. Hackers will easily guess these. And again, when you hire someone to work on your account, make sure you change the password after they leave.

8. Enable privacy.

You should enable Who.is privacy (Who.is Guard) for your domain and make sure your contact details are not visible to anyone.

Domain thieves can easily use this info to locate you and set bait for you using phishing emails. Once you enable Who.is privacy, your details (name, email, address, phone number, etc.) will not be visible to the public.

How To Keep Your Domain Name Safe

Domain names are often very valuable assets that must be protected. If you lose your domain, your entire business could go down, too.

Follow the tips we have listed in this post and your domain will be better protected from the hands of domain hijackers.

What about you? Have you ever lost a domain to anyone? What domain registrar do you currently use and what measures do they use to safeguard against domain thieves? Please share your experience via the comment box below. It would be great to see you contribute to helping other people secure their domain names!

Related posts

7 Replies to “How To Keep Your Domain Name Safe From Hackers
  1. 全「身」趨勢!LSD真空無痛技術,無需使用冷凍啫喱,比傳統激光脫毛更安全,更舒適,更快捷。腿部背部永久脫毛,只需15分鐘!最快激光脫毛科技 配以22x35mm 及 9x9mm 治療機頭,比其他品牌之24mm為大,覆蓋肌膚範圍更廣。 因而更能縮短療程時間及次數。專為亞洲皮膚而設 因應不同膚色設定不同能量,無論膚色較深或較白均適用 最舒適及最有效的激光脫毛體驗 (與755nm及1064nm作比較) 設真空脫毛技術 LUMENIS LightSheer® Desire 激光脫毛儀備有真空脫毛技術,令激光能量更集中聚焦,達至更快及更有效之療程效果。

    http://cosmedicbook.com/treatments/info/VENUS-VIVA

  2. Venus Viva™對所有皮膚類型都是安全的,並使用革命性的Nano Fractional Radio Frequency™(納米點陣射頻™)和Smart Scan™(智能掃描™)技術,通過選擇性真皮加熱,從而提供優異的治療效果。使用Nano Fractional RF™將能量透過表皮傳遞至真皮,從而產生熱量,並啟動膚膚的生理機制,重建膠原蛋白及刺激纖維母細胞,最終刺激導致組織重塑。功效:✔改善膚質✔肌膚緊緻✔減淡妊娠紋✔痤瘡及暗瘡疤痕✔減淡細紋及皺紋✔面部肌膚賦活再生 適合面部及頸部

    http://cosmedicbook.com/treatments/info/DR-CYJ-髮胜肽健髮療程

Leave a Reply