Frequently Asked Question

Domain Theft
Last Updated 6 years ago

Domain Theft is a term which describes a process by which a domain name is transferred to a third party without the legal registrant's permission. This should of course never happen, but the domain name system is notably weak when it comes to authentication and simply relies on email accounts rather than something more substantial. Not only is domain theft a recurrent theme but resolving the situation is a lengthly and differcult process.

So, how can someone steal a domain name

Well its simple actually, to use electronic methods firstly gain access to the any of the contact email's, then request a password reset which is intercepted. The password is reset and access to the domain management platform is gained. From there, an auth code can be generated and utilised to migrate the domain to another service provider, and registrant/contacts changed.

Or, you can create a letterhead, send it to the registrar and suggest that you've lost access to your email. This isn't always successful but we hear of plenty of times it is especially when the website is hijacked and contact phone numbers changed (which is the default verification method).

How we do our best to prevent this

  • When a domain name is registered, we either show our information or where possible that of the whois privacy provider which prevents fraudsters from discovering the email account they need to compromise.
  • We enable domain locking for all domains where locking is possible. Whilst this doesn't prevent domain theft it certainly slows it down.
  • We operate our helpdesk 24/7 so there's always someone to see 'suspect' email's and deal with them.
  • We use paper, verify registrants and applicants both via email AND via telephone to ensure both registrant and applicant are aware of any changes.

Since implementing these countermeasures we are reassured that none of our managed customers have been victims of domain theft.

Please Wait!

Please wait... it will take a second!