Losing control of your business domain name can happen in several ways.
If you’ve forgotten to renew it before the expiry date, there is a grace period during which you can renew. However, if you don’t, someone else can acquire it.
Cyber criminals often send fake emails pretending to be from your registrar, telling you it is time to log in and renew. If you enter your credentials via a fake link, they will then use your credentials at the genuine registrar’s site to change the registration to themselves. If you can, lock your domain name, so that it can’t be moved without your explicit permission using multi-factor authentication.
And there is a risk that someone may be able to guess your password without a phishing email, especially if you’ve reused the password somewhere else, and that has been leaked. Make your passwords strong.
However the takeover of your domain name has happened, you may be able to reclaim it via your registrar; but this will inevitably take time.
Losing your domain name can be catastrophic. Your customers can’t find your business, and—depending on what the new owner does—may end up as victims of fraud if they visit while you don’t control whatever is there.
How to protect your domain name
There are several things you can do to protect your domain name:
- Use a strong password for your account at your registrar
- Use multi-factor authentication if it is offered
- Lock it, so it can’t easily be transferred away
- Set auto-renew on, so that renewal doesn’t fall off your to-do list
- Renew for as long a period as you can afford
- Remind your staff about the risks of phishing emails—and use this as an example.
Need more information or advice on information security for your business? Contact us on 0113 733 6230, or use our contact form.