Domain Hijacking Prevention.
Domain hijacking is actually is a part of identity theft. A hacker uses your e-mail for requesting to transfer the domain under his name. Then he can control the domain to show his desired files, or to direct it to some not suitable content and image website to humiliate you. Or may direct it to some web sites which may sell products to your visitors who are coming to visit your page, this is possible if your web site is having a good number of visitors. Thus they may blackmail you to pay a ransom to them or will keep hiding to sell it to some one else.
Not all hackers are trying to steal your domain. Domain hijacking is done by some people who have got good knowledge of domain registration and transfer. To avoid this, when you are registering a domain name you must take care of some important things. Don't use free e-mails which do not have good security for your account. Keep passwords with alphabets and numerals and make it strong. Don't access your accounts from public computers.
Always type URL in the address bar, don't follow links to login accounts as the hacker may have a trap for you to sign in his web site which will look alike the original website where you have accounts.
Use domain Lock in the control panel. Set alerts to be sent to your e-mail if there is any transfer request.
Select register who don't immediately accept transfers keep in pending action.
Regularly check the WHOIS of your domains. If your domain register is a good one, then they will send you time to time e-mails to check the WHOIS information of your domains.
Also read the information below that is provided by the ICANN about the domain safety.
Steps Registrants Can Take to Protect Domain Names A registrant can reduce the risk of losing a domain name by taking measures to his registration information and name holder status. The following measures are to be taken today. Awareness campaigns will increase registrant understanding opportunities and services.
To protect against unintended loss or hijacking of a domain name, a registrant should
- Keep domain name registration records accurate and current.
- Keep registrant account information (username, password, or other credentials) private, secure, and recoverable.
- Only grant registration account access and change control to parties in the registrant’s organization whose role(s) involve domain name administration.
- Choose a registrar with hours of operation that match the needs of the registrant.
- Keep current and accurate registrar business and emergency contact information.
- Be familiar with and incorporate urgent restoration of domain name and DNS configuration procedures as part of business continuity policy and planning.
- Investigate whether business interruption and losses related to a registration configuration incident are covered by insurance policies.
- Request that domain names be placed on Registrar-Lock.
- If a registrant’s sponsoring registrar uses EPP, the registrant should use a unique auth Info code for each domain name registered.
- Request that the losing registrar contact the registrant when a transfer request received using a contact point separate from that used by the gaining registrar.
- Routinely check the WHOIS service to check if a domain name is under Registrar-Lock. Note however that this information can be as much as 24 hours out-of-compared to the Registrar-Lock status in the registry.
- Routinely check domain name information to ensure that no unauthorized changes have been made to the contact information. This check can be automated using scripting tools and commercially available software. More frequent queries timeliness of detection and thus reduce the level of risk that a change will go unnoticed.
- Consult with the sponsoring registrar to establish appropriate (and possibly authentication processes for removing a transfer lock or changing a domain configuration. (We note that such added safeguards may delay or increase the Report: Domain Name Hijacking difficulty of transferring names, but this is exactly the relationship some registrants may want with a registrar.)
- Choose a registrar who issues a transfer pending notification as its standard practice. Registrants seeking to further reduce risk should:
- Choose a registrar who will notify the registrant using contact methods in addition to (and in parallel with) standard e-mail notices.
- Specify the contact methods that must be used (e.g., any or all contacts in the registration record, including, email, telephone, messaging and paging services, fax, etc.)
Some of these services are likely to be offered by registrars as part of a basic service. Registrants that place a high value on their domain names may be willing to pay a premium for enhanced protection of registration and DNS configuration, including automated monitoring services.