Domain name transfer fraud
by John Bandler
Here is a quick explainer about domain name transfer fraud, with some cybersecurity and cybercrime prevention tips.
The value of domain names
Domain names have value for:
- Intellectual property
Computers love numbers, but us humans need words. Domain names allow us to use meaningful email addresses and website pages, so that we can tell people things like:
- "Visit me at JohnBandler dot com"
- "Email me at John at JohnBandler dot com"
- "Go to Google dot com to search it"
Instead of something like:
- Go to the website at IP address 22.214.171.124
Domain names are essential for business use, for websites, and email.
How to we obtain a domain name?
We rent domain names from a domain registrar. We don't buy them (that would be too easy for us), we rent them.
That means we need to ensure our rent is paid, we need to know which registrar we are renting from, and we need to secure our account with that registrar.
After we rent the domain name
After we have rented that domain name, for a period of years, we can put it to use. The things we can do with a domain name are:
- Create a redirect, so a website visitor to that domain is redirected to our main website
- Have website hosted using that domain name
- Have email service using that domain name
Often, a domain registrar is more than willing to provide or connect you to additional services, such as for website or email hosting. And vice-versa is true also (e.g., providers of website and email services are often more than willing to help you obtain domain name registrations).
To connect a website to our domain name, we need to have the website hosted somewhere on server (often with a website hosting provider) and then configure our domain name registration settings to the world knows how to get there. Meaning, tell the domain name system (DNS) where the website for our domain name is hosted.
To connect email to our domain name, we need to have an email service provider somewhere on a server, then configure our domain name registration so it properly points to that mail server provider.
The things that can happen
The main harm that can happen is we lose control over our domain name.
If we lose control over our domain name, we lose access to any email accounts that use that domain name, and our website will go down.
Here are various ways we can lose control over our domain name:
- We forget to renew it
- Auto renew fails for whatever reason (payment card expired, error, etc.)
- Malicious attacker gains control over our domain registration account and transfers the domain
When you lose control over your domain, your email and website will go down.
The domain name may then be offered for sale, often at a premium, and you can try to buy it back.
To prevent domain name frauds, follow Bandler’s Four Pillars of Cybersecurity, starting with the first pillar, improve knowledge and awareness.
Then proceed through devices and data, and with data, consider what domains you rent, with which registrars, and how those accounts are secured. Likewise for email and websites.
Then you can take appropriate steps to safeguard your important domain names, including:
- Check who has access to the domain name registrar account (e.g. who can access the domain registration company account to potentially transfer or cancel the domain)
- Ensure the domain registration account is configured with a strong, unique password, and two factor authentication
- Check autorenew settings and payment information
- Review other settings
Response to this cybercrime (for individuals)
Try get your domain name back!
Response to this cybercrime (for organizations)
Try get your domain name back!
Not fun either.
Government and law enforcement response
Quick thoughts here for government:
- Investigate all cybercrime cases.
- Successful cybercriminals don’t just do one scam, they attempt thousands and are successful for many.
- Indict and arrest the perpetrators.
- Follow the money
- Indict and arrest the money launderers
- Without investigation there is no arrest
- Without arrests there is no justice
- Without justice there is no deterrence, and this crime will remain rampant.
Domain name registrar response
I've seen a few of these. Unfortunately, some domain name registrars do not expend enough effort detecting this fraud, investigating it, or remediating it.
Cybercrime, including domain name transfer frauds, are pernicious and pervasive.
If you are a cybercrime victim, see the resources on this site and see my page on identity theft, contact your financial institution and law enforcement.
If your organization needs help to protect from cybercrime, improve cybersecurity, create or improve policies, or comply with cybersecurity related laws and regulations, please contact me.
This is not legal advice nor consulting advice, and is not tailored to your circumstances.
- Identity theft
- Bandler's Four Pillars of Security
- Cybersecurity Tips from John Bandler
- The Three Priority Cybercrime Threats
- Cybersecurity and Privacy for You and Your Organization
- Intellectual Property Law - An Introduction
- Cybersecurity for the Home and Office (book)
- Cybercrime Investigations (book)
- The Western Express Case
- Two factor authentication
This article is hosted at https://johnbandler.com/domain-name-transfer-fraud, copyright John Bandler, all rights reserved.
This article is also available on Medium.com at NOT YET (though not kept as up to date).
Originally posted 10/19/2023, updated 11/08/2023.