Domain Hijacking and How You Can Prevent It

By Meredith Croyle

Domain Broker


Losing a domain is an incredibly frustrating experience for domain owners. This article will help explain how this happens, and how you can keep it from happening to you.


There are three main ways that people lose domain names.


  1. An owner allows the domain registration to lapse,
  2. A domain is stolen after a hijacker gains access to the registry record
  3. An owner does not keep up-to-date contact information in their record and their record is deleted after the registrar concludes that contact with the owner is not possible.

The good news is that there are steps you can take to keep this from happening to you. The most basic way to avoid loosing your domain is to keep track of expiration dates and maintain your contact information. One smart way to do this is to consolidate your domains at one high-quality registrar. This allows you to manage a domain portfolio more easily and comprehensively. Remember, your domain can be deleted if your contact data is out of date. Domains now have to verify ownership annually.


A second and related tip is to make sure that you are listed as the Administrative Contact. If it is a corporate domain name, then make sure the business owner or a senior executive is the administrative Contact; this person is authorized to modify the site, the records, and he or she can change the domain’s ownership.


Next, it is important to use non-free email accounts for your Administrative Contact email address whenever possible. Free email addresses can be suspended or deleted. If this happens, you will not receive notices from your registrar for renewal, and someone else could register that email address and then use it to request a domain transfer.


You can also place a registrar lock on your domain. This can help prevent it from being transferred, modified, or deleted by a third party. It is also important that you make sure your registrar gives you the ability to unlock your domain at any time without having to call or email them. Otherwise, when you sell a domain name you will have to wait for someone at the registrar to process your request, and then the transfer will take more time, and importantly, it will take more time for you to receive your payment.


It is also important for you to be an educated email user. Never respond to emails that ask you to click on a link or respond without investigating the source and fully understanding the e-mail’s contents. Be especially careful with domain-related emails that look official but are from an unknown source. Contact your registrar to find out what is happening and if the email is from them. Domain hijackers have been known to send out mass transfer requests hoping that a small number of people will actually accept the transfer request. Do not let yourself fall prey to this type of scam.


An easy step you can take to make sure you do not lose your domain is putting your registrar on your email list of “approved senders”. This will ensure that you receive emails from your registrar, including the all important registry renewal notices.


Finally, on a related note, it is a good idea to renew your domain early and for long periods of time. Registrars are allowing domain owners to register their domains for longer periods of time and at more competitive prices.


Protect your domains by following these guidelines:

  1. Keep track of expiration dates and keep your contact information up-to date. (Consider Domain Consolidation.)
  2. Make sure you are listed as the Administrative Contact so that only you can modify the domain record or change ownership.
  3. Try to avoid using free-email addresses.
  4. Make use of registrar locks over which you have control.
  5. Be an educated email user; investigate email senders and email contents.
  6. Place your registrar on your “approved sender” email list and have emails from them go straight to your inbox.
  7. Renew your domain early and for long periods of time.



Author: Meredith H. Croyle