SPECIAL REPORT: How to protect your domain name from hijackers, porn pirates, and your registrar.

Is your domain really safe? If you are not prepared, there are a number of common mistakes which can result in the permanent loss of your domain. Owners of multiple domain names are particularly at risk. This article explains the most common ways that domains are lost and gives specific advice on how to safeguard your names.

As a domain owner, you should be aware of and protect yourself against the following three scenarios..

1. Inadvertent domain expiration: The owner does not renew the name in time and it is snatched up by a domain speculator. This is often caused by failure to receive renewal notices because of out of date contact information.

Most registrars no longer send out renewal notices via postal mail. This means that if your e-mail address is out of date, you will not receive renewal notices. This problem is further compounded by your registrar's inability to warn you that your domain is about to be deleted.

Once deleted, domains are commonly snatched up within seconds by speculators running automated programs. Some speculators offer to sell them back to the original owners for greatly inflated prices, others point the domain to a money making web site hoping to capitalize on the domain's traffic. This is one of the reasons that so many expired domain names now point to pornographic web sites. [PC World: Porn Sites Hijack Expired Domains, ABC News: Taken over by Porn, Wired News: Sites Forlorn When Reborn as Porn]

2. Domain hijacking or theft: A domain hijacker effectively 'steals' the domain by submitting a fraudulent registrar transfer request and tricking an unsophisticated domain owner or registrar into giving them control of the name.

Once the hijacker has control of the name, they will usually assume ownership of the domain and start redirecting it to their own web sites. It is also quite common for hijackers to ransom off domain names and redirect traffic to explicit web sites (both for profit and shock value).

At this point, legal options can be expensive and time consuming. Since the domain has been transferred away from the domain owner's original registrar, this registrar is often powerless in assisting. Domain hijackers are aware of this and commonly transfer domains to countries far away from the original owner - making legal recourse cost prohibitive.

3. Inaccurate contact information: Did you know that your name can be cancelled if your domain information is not accurate and you fail to respond to a registrar's inquiries within fifteen days? (Section of ICANN's Registrar Accreditation Agreement). In the past, this section was seldom enforced, however as of October 2003, ICANN is requiring all registrars to contact their customers on a yearly basis to verify domain information.

It is too soon to tell how aggressively this section will now be enforced, however if your information has changed and you have not taken the time to update it, your domains may be at risk of being deleted.

How to protect yourself...

1. Keep track of your domain names' expiration dates and keep your contact information up to date: Most inadvertent domain expirations and many fraudulent transfers are due to out of date contact information.

If you have more than one domain, consider consolidating your names with a registrar who offers domain portfolio management features. This will allow you to use one master account to see all of your domain names (and their expiration dates) at a glance, as well as make changes to all of your domains at once. Some registrars are now offering free options such as automatic expiration date tracking and auto-renewal as additional safeguards. Before consolidating, be sure to read our free report on domain consolidation.

2. Be careful who is listed in your contact information. You or your organization should always be listed as the organization and administrative contact.

When registering corporate domain names, make sure that the company name is listed as the owner of the domain. Do not allow an outside web site designer or host to be listed as either the domain owner or administrative contact. If possible, the business owner or a senior executive should be listed as administrative contact since this person will be authorized to modify or change ownership of company domain names.

3. Be careful when using free e-mail addresses from services like Hotmail. Many free e-mail services will automatically suspend or delete your e-mail account if you do not log in frequently enough. Once your e-mail account is deleted, a domain hijacker can sign up for your same e-mail address and use it to give permission to transfer your domains away from you.

If possible, avoid using a free e-mail address on your domain records. If you are using a Hotmail account, you may want to consider paying to upgrade your account to exempt you from their 30 day inactivity policy.

4. Place a registrar lock on your domain. This will lock your domain record at the registry level and prevent it from being transferred, modified or deleted by a third party. This feature is very helpful in protecting your name against unauthorized transfers and hijacking.

If your registrar does not offer this feature, consider transferring your domains to one who does. Since a 'registrar lock' can also make it more difficult for you to transfer away from a registrar, you should look for a registrar that gives you the ability to automatically unlock your domain names at any time without having to call or e-mail them.

5. Do not reply (or click on any links) in any domain related e-mail correspondence you do not recognize. Also be careful not to reply to any 'official looking' renewal notices you receive in the mail from companies you do not recognize. Domain hijackers and unscrupulous registrars have been known to submit mass amounts of transfers hoping that a small percentage of confused registrants will accidentally confirm the transfers. When in doubt, contact your original registrar to verify any suspicious messages.

6. Add your registrar's domain name to your spam filter's approved sender list. If you (or your ISP) are using a spam blocking service, you run the risk of not receiving domain renewal notices from your registrar if they are incorrectly categorized. You can prevent this from occuring by adding your registrar to your list of 'approved senders'. This will automatically bypass any filtering and ensure that all renewal notices make it straight to your inbox.

7. Consider renewing your domain name early and for a longer amount of time. If your domain name is critical to your business and is one you will want for years to come, consider renewing your domain registration in five year increments. This will avoid yearly registration hassles and prevent your domain from accidentally expiring.


There are a number of common mistakes which cause domains to expire, be hijacked or deleted. However, being aware of these mistakes and taking the proper precautions can greatly increase the security of your domain names. Most importantly, keep your domain information up to date and consider consolidating your names with a registrar that provides the tools you need to securely manage and protect your domain names.

Who do we recommend? We have been recommending Register.com for several years and were pleased to see that they have recently added some of the best domain management features that we have come across.

We are particularly impressed with their Name Portfolio Management features which include an automatic 'registrar lock' default and the ability to view combined domain name reports sorted by expiration date - very helpful when viewing large lists of domains at a glance. Also noteworthy is their precise global editing control over contact info, DNS servers and renewal and registrar lock settings. This allows you to make changes to all (or a specific list) of your domains at once.

Special discount for BetterWhois visitors:  Register.com currently charges $35 a year for domain transfers via their retail site, however due to our high volume, we have secured a discounted rate of $15 which is available to all BetterWhois visitors via the following link:


If you found this article helpful, you might also be interested in....

Special Report: Have you consolidated your domains yet?

Special Report: How to protect your domain from cybersquatters

 Please contribute your feedback...

Article: How to protect your domain names from hijackers, porn pirates, and your registrar.

Please rate the usefulness of this article:

Any suggestions or comments?  Please let us know...


Copyright 2009
BetterWhois.com, Inc.
4410 Massachusetts Ave NW
Washington DC 20016