Guide Helps Domain Name Owners Avoid Scams

Internet management organisation ICANN recently issued advice to help firms and individuals to avoid problems caused by hijacked or maliciously registered domain names.

ICANN’s “Security and Stability Advisory Committee” (SSAC) warned that hijacked domain names can disrupt the owner’s business, enable phishing attacks, deny or steal email messages and can cause damage to company brands and business reputations.

Problems are often caused by firms mis-managing their own domain names.

Here are five tips to avoid your domains being lost or hijacked:

1. Keep accurate and up-to-date records of your, or your company’s, domain names and account information like login URLs, Usernames and Passwords. And keep all your records in a safe, secure place.

2. If you entrust management of your domains to someone else in your company, be absolutely sure you keep track of your account login details, passwords and who is registered as the Administrative Contact for your domains and their email address. If that person leaves your company, be sure you change your account passwords, etc. in good time so the person leaving does not know them. Disgruntled employees are a frequent cause of hijacked domain names!

3. Even if you or your company is registered as the owner (“Registrant”) of your domain names, remember that moving a domain name to another account or another registrar does not require the owner’s authorization. Only the Administrative Contact’s approval is required, so be sure the Admin. Contact for your domain names is either you or someone you trust completely!

4. Be sure the email address for the Administrative Contact in the domain record (WHOIS) is up to date. If your employee’s email address is listed after leaving your employment, your company may be at risk because he/she could use that email address to hijack your domain.

5. Ensure that you use a domain registration service offering “Registrar Lock“. This means the domains cannot be modified or moved unless the registrant or administrative contact positively requests it.