How Domains Are Stolen | domainthefts.org

News

[07.22.2008]
After 5 weeks, my stolen domain was returned to me with the help of estdomains.com and namecheap.com and many friends emails!

Join Today!
There is strength in numbers! by sending emails to registrars & ICANN when someone's domain is stolen, you can help stop the increasing number of domain thefts.

Did you know?
ICANN.org does nothing to help return stolen domains. If you file a compliant with them, they will simply forward your complaint to the orginal domain registrar!

ICANN's Arbitration Costs.
For a single person independant arbitration to try and restore a stolen domain will at minimum cost you $1,500.00

Domain Theft Statistics
There are none that I could find anywhere. Just thousands of posts on the internet about people having their domains hijacked.

Who's fault is it for all the thefts?
The thieves and the apathy of ICANN.org and domain registrars. There is NO ONE policing domain thefts!

What can I do?
Eventually, you will probably be a victim of domain theft. Join today and help others get their domains back, and get help if you lose your domain(s)!

Domain Theft 101

Domain thieves steal domains in many ways, but the most common is that the owner used a free email service for their domain contact information. This information is publicly visible through a whois of any domain that isn't using a privacy service to hide the information. Once the criminal finds domains using free email addresses such as hotmail and yahoo, they can break into your email account, gaining access to any saved emails or new emails.

These criminals are also known to lead people into opening their computers up to install their keylogger programs on the victims computer using malicious sites and email. Then they have all the information on your computer (and whatever you type) sent directly to them in an email. Other domain thefts occur when the hacker breaks into your domain registrar account, or an employee of the registrar sells your account info, or even steals your domain themselves! Another way is to trick the domain registrar into thinking they are you, and getting your domain transfered elsewhere. These situations have all happend in the past.

What can I do?

You can lessen the chances of being ripped off by never using a free email service. Also, there is an option to lock/unlock domains by the owner. Make sure it's always locked unless YOU are transferring the domain. Check your domain information (especially the email addresses) frequently. Don't use easy passwords. Mix up your password with caps and non-caps characters and numbers. Change your password at least once a month (more is better!). Don't use a password for your domain registrar account that you are using anywhere else.

Once a criminal has gotten into your domain account, all they have to do to follow ICANN's policy for domain transfers by changing the contact email for each domain and the registration information, save it and wait for a few minutes to an hour. After the whois information has changed, they can simply request to transfer the domain to another registrar, and you will probably not know until it's too late.

If the losing registrar's whois matches the hacker's information at the new registrar (and it will since he followed ICANN's policy for domain transfers and changed all the whois information before transferring), at the time of the domain transfer, you will probably get an email from your domain registrar that they can't do anything because the thief followed ICANN's policy for domain transfers!

Jan Michaels domainthefts.org

Domain Owner's Union