8 Things a Domain Thief Loves

Joe — Sun, 15 Feb 2009 21:19:00 +0000

We all put a lot of effort into securing the domain names we purchase. It may be creative energy finding the perfect name for your blog in an increasingly crowded landscape; or waiting patiently for your company name to be released back into the wild by someone who's owned it for 5 years but never used it.

Regardless, your domains can be stolen or sniped from right under your nose. We thought we'd take a light hearted look at how to keep your domains safe from potential domain thieves:

1. Unlocked Domain Names

The thief does not like a locked domain name, it means they have to go through another layer of protection to steal it. Lock all your domains by default.

Do you realise how easy it is for a thief to crack your free email compared to pop3. C'mon now, get serious.

Solution: Lock all your domains by default.

2. Domain name front running (also called domain sniffing)

Just because that domain you searched for three months ago is now with someone using it to promote a Nigerian Strip Poker site, does not mean that it was sniffed and then stolen. However, enough evidence does exist to suggest the practice does exist.

http://www.gandibar.net/post/2008/10/22/Why-domain-name-services-are-not-all-equal

What more can a domain thief hope for than to know the domain name you want.

Solution: search for your name on reputable domain registrar's site (not to blow our own trumpet but you won't catch anyone 'sniffing' here)

3. Weak Passwords

You may think that having a password like "123abc" is an ironic way to fool password crackers, but you wont be laughing when your domain name is used to promote a One Legged Albanian Car wash service.

Solution, make it long and hard. the password that is.

4. Non Variant password implementation

Yes I know it's easier to have the same password for every online account you own. Not wise, if you lose one, you lose them all. Think about that for a minute.

Solution: Keep a hard copy of your accounts and respective passwords handy.

5. Shady, Not to be Trusted Domain registrars

I'm not naming names here, but there are some places you should not be registering your domain. Your neighbourhood domain name thief knows the weak registrars. When you're a vulture you hang where the meat is.

Solution: Read up on the registrar, make sure they have a good rep.

6. Industrial Password Cracking software

If you have a free email service, or you are with a registrar whose security is weak, then the domain name thief will be bringing out his favourite password cracking software.

Solution: Chose a long password and include non dictionary letters.

7. Downloads of Dodgy Software

If you want to spend hours downloading all six series of T. J. Hooker using Bit Torrent I'm not going to judge you, even though Shatner will be losing the royalties. But, are you really sure that download isn't letting some hairy-assed keylogging software onto your pristine machine.

Once the domain thief has a keylogger installed he can open a can of rampant destruction on your security and as you say goodbye to that domain name at least Shatner can comfort you.

8. Naive people who cannot spot a Phishing scam

I've never met someone who has had their details phished, but who would admit it? If your registrar has sent you an email to confirm personal details or to confirm your password, it is most probably a phishing exercise.

If in doubt, email or call the registrar.

So there you have it. It's impossible to guarantee 100% security, but if you make it so hard that even the hardened domain thief cannot work up the enthusiasm, it's job done.

Gandi Bar - Security

8 Things a Domain Thief Loves