Protecting Digital Assets and Domain Names

Recently, there’s been an uptick in the Amount of Domains I am not sure whether it’s because of the globaloutbreak and folks are getting more desperate for cash, or if domain thieves are using their changing digital and techatmosphere. COVID-19 is causing more of us to become online and conduct business online. But this also means that many don’t fully understand how to properly protect their digital assets, like domains. This may be why we are seeing more and more online scams, phishing like Google Ads phishing, and internet theft in general.

Digital Assets

While I think of electronic assets, I think of many distinct kinds. Our electronic assets may include access to your bank account on line, access to accounts such as cryptocurrency accounts, and payment transactionsites like PayPal, Masterbucks, and Venmo. Then there is online shopping websites’ logins, such as Amazon, Walmart, Target, and eBay, in which most probably you have an account where your payment data is saved. Apple Pay and Google Pay would be many others, as well as your web site hosting account which handles your email (unless you use Gmail.com or Outlook.com), and, ultimately, your domain . If your domain goes missing, then you eliminate a lot: accessibility to email, as well as your site most likely will go down, where you’ll eliminate visibility, online sales, and clients. Online thieves are hacking sites and anywhere there is a login, because they’re trying to get to your digital assets.

Protecting Online Accounts

A Lot of Us are now Utilized to protecting our online accounts by using a Unique, protected password for each login that we’ve got online. An significant part protecting digital assets, and domains, would be to make sureyou get a secure password and two-factor authentication setup to your login at your domain registrar. In many cases, if a burglar gains access into an account at a domain registrar, the results can be disastrous if you don’t have additional protections in place to safeguard your domain .

Hackers who access your domain registrar’s account may do several things that would interrupt your business:

The thief or hacker could make modifications to the DNS records for your domain . They could point the domain name to another web server, perhaps their”copy” of your site.

The thief or hacker could push the domain name into their account. They may even keep your contact info about the WHOIS record so it looks like you still own it–but the domain may be transferred into their account. When it’s from your account and you no longer command the domain , then they’ve stolen the domain and mayresell it.

The thief or hacker could move the domain name from that registrar to another registrar. Whenever they start the transfer then they’veattempted to steal the domain , and as soon as it’s transferred then it’s regarded as stolen. They can keep the same name servers so that it points to your site, so you don’t detect that it’s stolen.

Digital thieves know that domains are valuable, since they are Digital assets which may be sold for tens of thousands, tens ofthousands, hundreds of thousands, and even millions of dollars. Regrettably, domain crimes typically go un-prosecuted. In many cases, the domain thieves aren’t located in precisely the same country as the victim. All of themhave the same thing in common: they want to benefit monetarily from stealing the domain name. Here’s a couple domain crimes that I’ve seen lately:

A company’s account at a domain registrar was hacked (using social technology). The company was involved in cryptocurrency, thusgaining access to the domain name allowed for the hackers to get the company’s crypto exchange.

The domain burglar introduced as a domain buyer, telling the domain owner they wanted to buy their domain for several thousand dollars. The buyer and seller agreed to a price, the burglar told them they could pay them via cryptocurrency. The seller transferred the domain name when they had been given details of this cryptocurrency trade. After the seller attempted to get the cryptocurrency and”cash in”, it was invalid. They had been scammed, and lost the domain .

A domain name owner that has a portfolio of valuabledomain names gets their account hacked at a domain registrar. The owner does notcomprehend this, and the domains are transferred to another registrar in a different country. The gaining registrar is uncooperative (or in about the theft), and will not return the domains.

A domain name owner has his or her account hacked at the domain registrar and domains are transferred out to a different registrar. Then they sell the domains to someone else, and the domainsare transferred yetagain to a different registrar. This happens several times, with different registrars. Those who purchased the domain names don’t know they are stolen, and they lose any investment they made in the domains. Sometimes it’s hard to unravel cases similar to this, asthere are several owners and registrars involved.

All these happened in the past two to three weeks. And so are only Examples of where the domain name owner could have done something to block the domain name theft. In the instance of the domain sale scam, the vendor should have employed a domain escrow assistance, there are several reputable escrow services, such as Epik.com’s Domain Escrow Services, as well as Escrow.com that handles domain name sales.

Just just how do you minimize the risk of your domain getting stolen?

Transfer your domain to a protected registrar.
Log into your accounts account on a regular basis.
Set up registry (transfer lock) on your domain.
Assess WHOIS information regularly.
Renew the domain for many years or”eternally”.
Take advantage of other security attributes at your own Password.
Protect your domain using a domain name warranty.

Think about moving your domain to a protected domain name registrar. You will find registrars that haven’t kept up with common securitypractices, such as letting you set up 2-Factor Authentication inyour account, Registrar Lock (which halts domain transfers), and even preparing a PIN number on your account for customer serviceinteractions.

Log into your domain registrar’s account on a regular basis. I Can’t actually say how often you need to do this, but you ought to get it done on a normal schedule. Log in, be sure to have the domain name(s) on your account, make sure they are on auto-renew, and nothing looks out of the ordinary.

Set up Registrar Lock or”transport lock” on your domain . Some Registrars call it”Executive Lock” or something comparable. It is a setting which makes sure the domain cannot be transferred into another account without needing it turned off. Some go so far as maintaining it”on” unless they get verbal confirmation which it should be transferred.

Check the WHOIS information on the domain . Test it openly on a Public WHOIS, such as at ICANN’s WHOIS, WhoQ, or at your registrar. Make sure it’s right, even the email addresses. If the domain is using WHOIS Privacy, send an email to the obfuscated email address to make sure to get the emailaddress.

Renew your domain name for many decades. Years for precious domains (or ones you don’t want to lose). You can get a “eternally” domain registration at Epik.com.

Ask the accounts in the event the account access can be restricted based on The IP address of the person logging into the account. Ask the accounts if the account may be restricted from logging in by a USB Device, such as a bodily Titan Security Key, or even a Yubikey. If you have Google Advanced Protection enabled on your Google Account, you will have two physical keys to get this Google Account (and a few innovative security in the Google backend). You would then have those Advanced Protection keys fromGoogle to protect the domains on Google Domains.

Consider protecting your domain (s) using a domain name warranty or service which protects those digital assets, such as DNProtect.com.

It is harder for the fraudsters and thieves to steal domains at those registrars. Some domain name registrars do nothave 24/7 technical assistance, they can outsource their customer servicerepresentatives, and their domain software is obsolete.

Domain Name Thefts Occurring at This Time

As I write this now, I have been informed of at least20 very Valuable domains which were stolen by their owners at the previous 60 days. For example, of 2 cases I personally affirmed, the domain names were stolen out of one particular domain registrar, based in the USA. The domains were transferred to another domain registrar in China. Both these companies who own the domains are, in fact, based on the USA. Thus, it’s not plausible that they wouldmove their domain names into some Chinese domain name registrar.

In the case of both domains, the Exact Same domain thief kept The domain ownership documents intact, and they show the formerowners. But in 1 instance, part of this domain contact record was altered, and the former owner’s address is current, but the final portionof the address is recorded as a Province in China, and not Florida, in whichthe firm whose domain name has been stolen is situated.

What tipped us off into those stolen domain casesis that both Domains were listed for sale on a popular domain name marketplace. However, these are domains in which the overall consensus of this value could be over $100,000 each, and were recorded for 1/10th of their value. It is too good to be true, and most likely it’sstolen. The same is true for these domains which are supposedly stolen. The purchase price gives them away, and, in this scenario, the possession records (the WHOIS documents) also show evidence of this theft.

It has not been more important to take responsibility for your Digital assets, and make sure they are using a domain registrar That’s evolved and adapted with the times. A Couple of moments spent Wisely, securing your electronic assets, is critical in times like these. It may be the difference between your precious digital assets and internet Properties being guarded, or possibly subjected to theft and risk.

-