Domain hijacking (or domain theft or domain name hijacking) is where a person changes the registration of a domain name without the permission of the legal registrant. It is generally done by exploiting a vulnerability in the domain name registration system. When a domain hijacking takes place, the website is usually redirected to another website, or the website is taken down.

Domain Theft

Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner. There are a number of different types of domain theft:

  • Impersonation of a domain name registrant in correspondence with a domain name registrar;
  • Forgery of a registrant’s account information maintained by a registrar;
  • Forgery of a transfer authorisation communication from a registrant to a registrar; and
  • Impersonation or a fraudulent act that leads to the unauthorised transfer of a domain name from a rightful name holder to another party.

Domain Hijacking for .com.au domains

AusRegistry, the registry database and name server system for the .au namespace, has a security measure called .auLOCKDOWN which allows .au domain name owners to lock their domain name records and prevent unauthorised changes. This measure permits only authorised individuals who are verified are permitted to alter domain name records.

Reverse Domain Hijacking

Reverse domain name hijacking (also known as reverse cybersquatting), takes place where a registered trade mark owner attempts to secure a domain name by making false cybersquatting claims against a domain name’s rightful registrant.

How to Prevent Domain Hijacking

The Internet Corporation for Assigned Names and Numbers (ICANN) prevents domains from being hijacked by imposing a sixty day waiting period between a change in registration information. There is also a requirement of an authorisation code issued by the domain registrant to be given to a new domain transferor to successfully transfer a domain against unauthorised transfers. Changing an email password often for your domain registrar and ensuring it is secure is a key step in preventing domain hijacking. It is important to also secure the email account associated with your domain name or business name registrant account. Purchasing WHOIS protection when registering your domain name is recommended to ensure your email address is not viewable publicly.

Conclusion

LegalVision can assist you with any questions you may have about your domain name or intellectual property protection. LegalVision has a team of great lawyers who can assist you in any domain name disputes. Please call our office on 1300 544 755 and our Client Care team will happily provide you with an obligation-free consultation and a fixed-fee quote.

 

Anthony Lieu

Next Steps

If you would like further information on any of the topics mentioned in this article, please get in touch using the form on this page.