Posted to Ben Finklea's blog on February 27th, 2007

Protect your Domain from Hijackers & Hackers

Recently a company here in Austin posted a frantic email to a newsgroup that I belong to: The domain name for my soon to be launched startup has been hijacked. Godaddy, the registrar, says that my contact info on the domain (which DID NOT expire) was incorrect so they sent email to the wrong contact info and since it didn't get answered, they gave my domain to someone else who is hiding their contact info. This kind of thing happens all the time! Your domain name is your identity online. If you've invested in online marketing and then you lose your domain, your investment is washed down the drain. Take these steps to protect your domain:

  1. Lock your domain. Most domain registrars will let you "lock" your domain against transfers. This means that no one can transfer the domain to another registrar which is one of the top ways that domains get hijacked. You can always "unlock" it to make a transfer later if you need to. It's not foolproof but it's simple and effective.
  2. Use anonymous registration. To register a domain you must provide administrative contact information. By making this private you can reduce the risk of hijackers using this information to pull off a hijack.
  3. Trademark your domain name. If you do get hijacked but you own the trademark for your domain then you will have a much easier time getting it back.
  4. Set up an alternative email address. If you do get hijacked you will lose your email address for awhile. Make sure that at least one of the contacts on your domain registration uses an alternate email address (like gmail or yahoo). That way, you can still respond to inquiries about the domain.
  5. Don't rely on an email from your registrar to remind you to renew your domain. It is YOUR responsibility to keep your domain name registered and up to date! Set a reminder in your calendar a couple of months in advance of the expiration date. And, if it's a mission-critical domain name, go ahead and renew for the maximum allowed time - usually 10 years. That's a lot of peace-of-mind for less than $100.

While you can't completely protect yourself, these tactics will at least make it harder for someone to do you harm and easier to get your domain back if they do.