The 10 Hottest Trends in Online Marketing Featured Customer: AnniesCostumes.com Jupitermedia'S Search Engine Strategies Conference & Expo

Sex, Theft and Bankruptcy

Ten Steps to protect your domain from theft and unauthorized changes

By Monte Cahn, CEO Moniker.com

When it comes to domain name theft, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute produced its share of headlines because the case involved sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case was remarkable for its impact on the development of case law concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer was no, but the case law to support that answer is in tension with cases that strongly imply a contrary conclusion.

There is abundant evidence that there are inadequate procedures in place to ward off domain name theft. Web bandits steal domain names by presenting fake requests to domain name registrars, who, upon receiving the request, transfer the domain name registration over to the individual named on the form or calling for the domain. Acting quickly, web bandits attempt to sell domain names to unsuspecting third parties or divert traffic through Pay Per Click (PPC) channels. This scam works for two reasons: [1] some domain names have definite upward value in the secondary market, and [2] many domain name registrars do not have adequate security measures in place to preclude most domain name thefts. What is more, registrars occasionally compound the serious effects of domain name theft by engaging in their own suspicious advertising and misleading marketing strategies that appears to mimic the former practice of long distance telephone service providers who illegally slammed (stole) customers from one company to enroll the customer elsewhere.

The sex.com case illustrates how easy it can be to steal a domain name. Undoubtedly, you are familiar with the facts of this case, but a few salient points include: Stephen Cohen, it is alleged, stole Gary Kremen's domain name, sex.com, simply by submitting a fake transfer letter to domain registrar Network Solutions with a forged signature. Since most ICANN-approved registrars respond to domain name transfers in an automation-like fashion, Stephen Cohen, a convicted felon, was able to con Network Solutions (NSI was just sold by VeriSign for $60M in cash – $21 Billion less than what they purchased the company for just 2 years ago) and to steal a domain name that by some accounts could be worth more than any domain name sold to date.

I would argue that each of our domain names is as valuable to each of us as sex.com is to Mr. Kremen.   So what standard of care do registrar's (and/or registries) owe registrants in thwarting attempts at domain name theft? In part, this is a question of Internet governance, and ICANN should fulfill its role by providing guidance in its registrar agreements, and in issuing notices to registrants or by posting ground rules on its website. And registrars should do all that is necessary to prevent incidents of domain theft and unauthorized changes to contact records and/or DNS.

ICANN was not around in 1995, but it has not insisted that registrars prove that they have systems and procedures in place to avoid domain name thefts. Indeed, domain name thefts have steadily increased since 1995. The registrar namespace is competitive due to one of ICANN's success stories; ICANN has also made progress toward its initial expansion of the Top-level domain name space. With a number of businesses newly operating in the names-space, it is increasingly important for ICANN and individual registrars to focus on what systems and policies must be in place to deter the theft of domain names and domain name services.

At Moniker.com, we take pride in protecting your domain assets.   Along with our superior support efforts, we place a special emphasis on security.   We have put into place several safety measures, policies, and processes to protect your domains and as a result, we have not lost a domain to domain theft since our inception!   Although there are many actions that one can take, we feel that listed below are some of the more important ones to make sure you and your registrar have in place:

1. Make sure that your domains are always locked at your registrar.   This lock should show up when looking up your domain in WhoIS or at the registry.   An example of how this should be displayed is:

Domain Name: MONIKER.COM
Registrar: MONIKER ONLINE SERVICES, INC.
Whois Server: whois.moniker.com
Referral URL: http://www.moniker.com
Name Server: NS1.MONIKER.COM
Name Server: NS2.MONIKER.COM
Status: REGISTRAR-LOCK

1. Make sure that you protect your admin email and only allow access to those you trust.   If you change personnel, make sure you update who should be in charge of your domain name from an administrative stand point.   Make sure they are competent and understand the value of protecting your intellectual property.
2. Make sure that your account information is correct and accurate in your account at all times including using a valid email
3. Send an email to support@moniker.com from the admin email of record to authorize a transfer out.   Registrars should not allow transfer requests unless they receive an email from the admin email of record.   Then they should provide administrative review and approval of domain transfer requests based on confirmation of the transfer out request.
4. Always protect your email from hijacking.   The best way is to secure a personal domain to use as your email – example monte@moniker.com (moniker.com is the domain we secured to use as our email).   Using publicly available email such as AOL, Mindspring, Hotmail, etc. are more susceptible to hijacking and theft than a domain that you own and use as your email address.
5. Cover your domains in all available top level extensions such as .biz, .info, .org, and .net.   This will make it less likely for others to divert traffic from your domains or offer confusingly similar products, services, or information.
6. Also cover your domain name spelling variations as well as misspellings of your domains.
7. Safeguard your passwords and change your passwords on a regular basis.
8. Protect your domain name and brand identity by registering a trademark.   Go to www.uspto.gov for more information on how to check and register trademarks and copyrights around you content and ideas.
9. Renew and register your domain names for multiple years.   You can register and renew your domains up to 10 years.   This reduces the chance of losing your domain as a result of expiration.

Moniker is the only registrar that takes the following steps to protect your domains:

1. We lock domains at the registrar and at the Registry
2. We set all accounts to “HIGH SECURITY” which requires email verification for most critical changes such as DNS, Registrant Changes, and Transfers.
3. Many registrars have an auto Ack policy which allows transfers to occur within 5 days of being requested if there is no response from you as the registrant.   Moniker is one of a few registrars that have an auto NACK policy which denies these requests unless specifically authorized by the registrant.
4. Moniker.com is the only registrar that has executive review of every transfer out request by at least 3 employees including an officer of the company in an effort to verify the validity of such requests.
5. Personal contact is made to each registrant if there are any questions about the legitimacy of the request.

If you have any questions about domain security, please do not hesitate to call Moniker customer service at 1(800) 841-7686.

Do you know someone who would be interested in this publication?

Increase your site ranking on Google, Yahoo and other search engines Create a reciprocal link with Moniker

Home  |  About Us  |  Contact Us  |  News  |  Web Hosting  |  Sell Domains  |  Search Domains © 2003, DomaiNewz - 1.800.841.7686 - info@moniker.com