The Underground World of Domain Hijacking, and How to Protect Yourself
Author: Jim | Filed under: Observations
Imagine that you own a successful website, and everything is going great. Traffic is high, user activity is thriving and you are starting to make a name for yourself. Then imagine that you refresh the page an hour later only to find that your domain name is… wait a minute… parked?!
If a hacker can gain access to as little as your email address… they can wreak more havoc than you ever thought imaginable. Just a few months ago, popular website “MakeUseOf.com” was hacked and the domain name was transferred to another owner when someone else got a hold of the owners email address. The scary part is that they were able to convince the registrar that they were the owners, and had everything changed in less than an hour. Read the full details if you don’t believe me.
The rightful owners even got blackmailed:
“Hi There,
I said it very simply and very easily !
2 K !
Deal or not ?!
You own the domain I get the money…Regards”
Shocking, right? You are probably saying to yourself… “oh, that couldn’t happen to me.” But the bottom line is that even if you think you have your stuff together… the underground world of domain name hi-jacking is widely unknown and can really come back and bite you if you don’t take precaution. Don’t think your awesome registrar would let this happen? Think again. The above case was actually performed in less than an hour on the biggest of the big, GoDaddy.com… that’s right! Let’s talk about what happens in domain name hijacking and how you can prevent it.
What’s This About Hijacking?
The type of criminal that will hijack your domain name (and other online property) is out there on the prowl whether you like it or not. But what exactly is domain name hijacking, how is it done and why? Let’s get a basic knowledge of the issue so that we can understand the monster we are dealing with here.
What is Domain Name Hijacking?
Theft of domain name is the process by which internet domain names are effectively stolen from their rightful owner (registrant). This is not the same thing as buying an expired domain name. Domain name hijacking is illegal, and while many registrars will right the wrongs within a week… it is well-documented that most cases go unresolved as individuals typically don’t have the resources to get to a higher power.
How is it Done?
From what my experience has been with domain theft, the most common form is simple “social engineering.” This is a common term in the underground hacking world that simple refers to using your attitude and behavior to get something that isn’t yours. If anyone has seen the movie “Catch Me If You Can” you will know exactly what I mean. For the rest of you, consider it like walking out of a pizza shop with a pizza that isn’t yours… simply because you successfully convinced the cashier that you were the man on the ticket.
Other forms: hacking, spyware, registering lapsed email, forgery of authorization, adding false verification information, spoofing and impersonation
Why is this done?
As we saw above, many criminals steal domain names for the purposes of what is known as “cybersquatting.” In a nutshell, this is like registering a domain name with the sole intention of taking it from someone else for profit. In this case, you have stolen it as ransom so that you can potentially solicit a reward from the rightful owner. Others simply do it for respect. People like to feel powerful, and often hack things simply to flaunt their own skills to an underground community. Still others practice domain name theft solely to be bullies. Let’s face it, there is a lot of unwarranted malicious content out there… and this is a big source of domain name hijacking.
How YOU Can Stop Your Domain Name from Being Stolen
Okay so clearly this is a problem. I think that by now, I have you sufficiently freaked out. Don’t get too worried, as it’s not like this is a typical phenomenon (though it is increasing in occurrence). The first thing you should do is run and call your registrar and make sure that your domain name is “locked” so that nobody can initiate a domain name transfer. This is a new feature that pretty much 100% of domain name registrars practices to defeat a large amount of theft… simply by blocking any request for transfer that comes in. However, hackers have ways around this… so read on! 
- Register with a good domain registrar
You don’t want to be registered with FreeDomainNamesExpress.com or what have you… stick with the big names that have at least 500 thousand active domains in their purse. GoDaddy, 1and1, eNom, Register.com, NameCheap or your reputable web host are all great and still affordable. - Maintain your accurate contact information
First of all, if you log into your account and someone elses information is there… this is a problem, haha. Believe it or not, this actually happened to my with PayPal… but I fought it and eventually won out. Same with domain names, make sure everything is always up to date so if they need you, they will get YOU (not someone else). This is especially true with email addresses. If your email address goes bad, a hacker can gain access to it and easily get full control of your accounts through this backdoor. - Register Your Domains Privately
Bottom line, if they don’t have your information in the first place in a publically available place… it is going to be much harder for them to do their due diligence and hack you out of your property. More than likely, you’ll be passed for an easier target. - Choose an upgraded registration package
I know that GoDaddy offers Business and Enterprise domain name plans for your safety. These might run you an extra $10… but if you have a good business running that is a small price to pay in the long run. Consider upgrading! - Don’t lose your passwords or usernames
Obvious right? Well so many people are loose with their information, and it really hurts. I used to have one password that unlocked everything and what happened… I got hacked. I thought it couldn’t happen to me, but it did because I had made it too easy. Now I use longer passwords, and a rotation of multiple passwords that I switch in and out at random. It’s a bit of extra work… but it’s a good memory game to excercise your brain if nothing else.
Domain name hijacking is a rampant problem that has gone pretty undiscovered across the board. I really wanted to alert you guys to this issue so that you know exactly what the deal is, and how you can help yourself out. If you have any questions, feel free to ask them below. Additionally, you can forward this article to your friends so that we can educate more people of this big issue that many registrars turn a blind eye to. Saving the world, one domain name at a time! 
-Jimvesting
Loading ...
Hey Jim, excellent article.
I wrote about this back at the time that it was going on and there were some good comments about it at http://linkmoney.org/i-can-steal-your-website/
What it caused me to do was to first, change my GoDaddy password, (and the other four companies I host with as well.)
Then I changed several different gmail addresses to isp https primary addresses. I use three different isps so mix them up a little.
Then I make it a point to go in once a month and change passwords again.
Then I cross my fingers.
Rich Hill
Twitter: @jimvesting
December 20, 2008 at 5:38 pm #
Cool Rich! I didn’t know that you wrote about that… great post! Sorry for stealing your idea in effect, haha. This has happened to other big websites as well, so it’s definitely a scary thing
This is scary. I did not know that this can happen. Thank you for bringing this to our notice. I shall indeed be careful henceforth.
This is indeed scary, but the post was very informative. I didn’t realize it was such a rampant problem myself. I have most domains hosted with my main host, but do have some domains on places like DynaDot. You hear any horror stories with them?
This is one thing I have been thinking about for a very long time.
Thanks for giving me a heads up and now I’ll reconsider my thoughts.
Brilliant post Jim. Excellent information.
thanks for getting me spooked… but thanks for the solution too!
Very helpful post. I’m going to be calling my registrar to “lock” things up, so to speak. Having been a victim of hackery before, it’s certainly a stress I’d take all steps to avoid.
Twitter: @melvinblog
December 21, 2008 at 2:20 am #
Thanks for this great read Jim. Actually, I wasn’t really that fond of this domain hijacking and I learned something w/it…
Nice post. This is always a scary thing.
Thanks for sharing. It’s definitely better to be safe than sorry and to protect your domain before its too late. Great advice!
This is a very scary thing to happen. Greg Ellison
There are some really bad people out there.I guess the best way is to buy your domain from a trusted vendor like GoDaddy for instance, host your site at a well known company even if it costs a little more.Also, because of the hacking problem, taking a back up of your site every week will save you from a lot of problems.
Crazy stuff!
Thanks for sharing!
To whom it may concern
I registered my domain name (Caspianpetro.com) 2007 with godaddy.com company, I was checking my web site, I found my domain name is hijacked with someone else with different name, I called godaddy and reported but unfortunately they can not do any things, if anyone know how can I return my domain.
Thank you
:
David,
I would call them back and make a huge stink. Don’t take no for an answer. Be unreasonable with them.
Click my name at the top of this post. It is linked to a report from DomainTools.com. Scroll down about 1/3 of the page to see results.
Looks as if he changed it Dec. 28th. You can also try pleading your case to domain server hosts (LUNARIFFIC.COM).
If that fails, hire a lawyer in Indonesia where the hi-jacker supposedly lives.