Phone: 0488 406 050

How domain hijacking can CRIPPLE your website

A few years back, a client of Tropical Coast Web Design went through the unfortunate experience of having their .com.au domain name “stolen” from underneath their feet.

Whilst the domain “hijacking” was done through legitimate means, the registrant who acquired it had no right to the name itself and it caused disruption as my client’s customers could not access their website for many weeks.

Domain Hijacking sounds like a criminal activity but the actual definition can go both ways.

Wikipedia describes Domain Hijacking as “the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems, a cybercrime.”

In the case of our client, their domain name had simply lapsed in payment. In Australia, lack of payment doesn’t mean that the name is immediately available for anyone to buy. Even after the due payment for renewal has passed, the business still has 14 days to “pay up” and reacquire their .com.au domain name.

During this 14-day period though, the domain name will appear on the Australian Domain Authority’s (AudA) website as pending expiry and this is where those dubious businesses can swoop it and attempt a hijack. They can set up a domain backorder account through legit means such as GoDaddy and CrazyDomains.  If the payment isn’t forthcoming from the original registrant, the backorder will immediately purchase the domain as soon as it becomes available.

What can you do?

Fortunately, in Australia, our .com.au domains are protected to a certain degree. To register a particular domain, it must have a clear or exact link to the business who is registering it. For example, Tropical Coast Web Design, who specialise in website design, cannot register a domain name for deckfurniture.com.au – it has nothing to do with our business and, if picked up by the AuDA, we would receive a rap over the knuckles and lose the name with no refund.

It’s important to note that this does not apply to regular .com domain names – that is why it is so important to register the Australian .com.au domains.

In the case of my client, the domain name was taken and used by a business not related to anything in the domain name itself. At my suggestion, my client quickly contacted the AuDA about the hijacking issue, a brief investigation was undertaken and the domain was released for re-purchase. Tropical Coast Web Design purchased the domain back on behalf of our client and we were back in business.

The downside was that their business website was out of action for over a month – a long time, especially if you are an online retailer.

To prevent your domain name being taken, be sure that you have automatic payment renewal set up through your domain register and credit card details are current and not likely to expire soon. Your domain register will email you in advance when renewal is upcoming so also check that your registered email address is correct.

Tropical Coast Web Design can register domain names on behalf of clients and take care of any automated payments ensuring that domains remain in the hands of their rightful owners.

Domain Hijacking is not the end of the world. If you do have a legitimate claim to the domain name – get in touch with the AuDa and they will investigate the issue on your behalf.

But as always, an ounce of prevention is worth a pound of cure.

Tropical Coast Web Design