toggle accessibility mode

Domain Name Theft: Do You Know What it Is?

By John DiGiacomo


In recent years, a new form of crime has been emerging, leaving both law enforcement and the judicial system as a whole at a loss for how to approach it and what they can do to prevent it. Domain name theft, otherwise known as domain name hijacking, is the “wrongful taking of control of a domain name from the rightful name holder.” Domain name theft is the result of someone committing fraud, misrepresentation, or impersonation of the actual domain name registrant.

ICANN, the Internet Corporation for Assigned Names and Numbers, published a report in 2005 which analyzed the concept of hijacking and looked at the impact domain name theft is having on original registrants.

Domain name theft can have a detrimental effect on both the finances and the reputation of the affected business. Some of the challenges created by this theft include:

  • Loss of revenue
  • Denial and theft of email
  • Unauthorized disclosure of personal information
  • Damage to registrant’s personal and business reputation

Domain registrars, such as GoDaddy and, are often unable to do anything to help their clients. This is largely due to the three most common ways domain name theft occurs:

  1. The hijacker gains access to your email and requests a transfer of the URL from one registrar to another, making it look like you authorized it. This can also include “phishing”, where a fake email is sent to the registrant asking for personal information, which the hijacker will then use to gain access to the account and transfer the domain name.
  2. If the registrant accidently misses renewing their ownership of the URL, an individual can come in and purchase the website.
  3. The fraudulent purchase of domain names. In this case the hijacker will contact the registrant directly and offer to purchase the domain name for an appealing price. After the registrant agrees, the hijacker explains they will pay once the domain name has been transferred, and then never pay.

In cases one and two, the theft appears as a legitimate transaction to the registrar, leaving them with questions as to who the proper owner is and increasing the challenges with returning the domain name to its rightful owner. In the third situation, because the domain name is often transferred to a different registrar, there is little the original registrar can do.

The selling of domain names can be quite a lucrative business; short URLs can be sold for tens of thousands of dollars, if not more, creating a large incentive for hijackers and theft of this “property.” As one example, Facebook is reported to have purchased for approximately $8.4 million in 2010.

In September 2014, the Huffington Post covered a story of an individual whose business was completely based online. After his domain name was stolen, he lost a high volume of revenue and over a year later, still did not have his domain name returned to him. His last estimate showed his domain name to be worth $47,000 – money he had hoped to put towards retirement one day.

So, how do you prevent yourself from falling victim to this crime? Consider looking into domain name privacy protection and the use of two-factor authentication to ensure you have the best possible protection available.

For more information about domain name theft and what you can do if you have been a victim of it, contact Revision Legal’s Internet attorneys here or call 855-473-8474.

Put Revision Legal on your side