Prevent domain hijacking with these security tips

If you buy a domain name, it’s rightfully yours for as long as you continue to renew it. But in some unfortunate incidents, domain names are stolen by a hacker and either resold or used for nefarious purposes. Instances like these are called domain hijacking, and although they don’t happen often, they can be a serious headache deal with.

The best way to prevent domain hijacking from happening to you is to be proactive about your account’s security. By following these tips, you can do your part to keep your account—and your domains—safe.

Use Whois Privacy

ICANN’s Whois public database is a goldmine for hackers looking for information about a potential target. WhoisPrivacy protects your personal information by masking details like your name, address, phone number, and email. Even though having that information out in the open may not seem like a big deal, it’s just another puzzle piece that hackers could use to access your online accounts.

Set up two-step verification

At Name.com we offer the free option to provide further security to your account through two-step verification. When enabled, two-step verification requires a numerical code generated on your smartphone or mobile device in addition to your normal username and password each time you log into your account.

Secure your email account

Email is the primary way we communicate with you about your domains and web services—including security communications like links to reset your password—so it’s important to keep it safe from would-be hackers. Choosing a strong password for your email account, and not sharing it with anyone, can help keep your email secure. Email services like Gmail also offer two-step verification to further secure your account.

Switch up your passwords

Yes, I know that it’s hard to remember a bunch of different passwords, but using the same password for every account you have on the internet is a recipe for disaster. Maybe it’s not the end of the world if someone hacks your Twitter account and posts a bunch of spam—but what if they use that same password to access your email or Name.com account? Clearly, that’s a little more serious and can lead to far more damage.

While these precautions aren’t fail safe, they can vastly decrease the chances of your account being hacked and your domains stolen.

What happens if your domain is hijacked?

If any of these measures fail, and your domain is hijacked, alert your registrar immediately. If a hijacker manages to transfer your domain to a different registrar, there are more complications—especially if the domain was transferred in compliance with ICANN policy. At this point you’ll need to reach out to the other registrar and see if they are willing to transfer the domain back into your possession. If they don’t, you and your registrar will need to follow ICANN procedures to begin the domain recovery process. For more information about reporting domain hijacking, take a look at Rightside’s Guide to Reporting Domain Name Abuse.