Small Business Scams: Domain Registration Theft

Scam Alert, Domain Name Theft

Your domain name is the address of your website. (For example - tbeachboard.com) It’s your online calling card, and more often than not, the exact name of your business. Since they hold so much value, scammers will hijack domain names, and resell them to their owners for a hefty price.

How does a domain name get hijacked?

It can happen through a variety of ways.

  • “Social Engineering” - Tricking someone into giving away confidential information.
  • Hacking - Scammers can hack into your domain name registrar or the email associated with your account
  • Buying the domain before you - Scammers will frequently buy domain names so they can sell them for a big profit above the original cost
  • Web developer buying your domain name for you - Scammers pose as web developers and agencies, register the domain name you want under their name, and shut your website down until you pay them

What can I do to prevent my domain from being hijacked?

Purchase the Domain Name Yourself

One way to prevent domain name theft is making sure that you purchase and register your domain. If you’re planning on building a website, go directly to your hosting company or registrar and purchase it yourself.

If they register it under their name, even if the domain is your trademarked business name, that domain name is legally theirs and you can’t do anything about it. Never let anyone buy your domain name for you.

My personal recommendation is to go with Siteground for registration and hosting. You can check out my review here - SiteGround Web Hosting

Have Secure Passwords

Another way to prevent it is to make sure you have secure passwords for your email, hosting and registrar account. If a hacker accesses your account, they can change any information they want, including who the domain is registered to.

Many companies include a password strength checker with their sign up forms. Make sure the password you choose has a mix of lower and capital letters and symbols. (Eg. @,&,%,#,$.) The password you come up with should make the checker max out.

If you have the option, sign up for Googles two-factor authentication. It will add an additional field on your sign up form for you to input a randomly generated number. You get the number by downloading Google's Authenticator app on your phone and will make your account even more secure. Click here to check out Google's Authenticator App.

Keep your Personal Information to Yourself

Be careful about who you give your account information to. Scammers will try to pose as the domain name registrar, hosting provider, or other authority figures to try and trick you into giving them your info. As a rule of thumb, never give up any personal information over the phone or through e-mail.

Generally, employees will ask for an email address, phone or account number to verify that they're talking to the owner of the site. If someone's asking for anything beyond that, like passwords and social security numbers, that should throw up red flags!

Subscribe for News and Updates!

Like My Site?

Share it with your Friends!