Domain hijacking

From Wikipedia, the free encyclopedia

This article needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (September 2007)

Domain hijacking is the process by which internet domain names are stolen from the rightful registrant.

Many people confuse domain hijacking with the reregistration of an expired domain by a new party. One is a legal process and one is not. Domain hijacking is theft, while if a name owner does not renew a name he or she is no longer the owner and it is available for someone else to register.

1 Domain theft
2 Prevention
3 See also
4 References

[edit] Domain theft

Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner.

Some registrars are quick to set things right when these cases are discovered. However, it is well documented that some registrars will admit no fault in accepting the forged credentials and will refuse to correct the record until forced by legal action. In many of these cases, justice is not done and the hijacker retains control of the domain. The victims of such theft often do not have the resources or willingness to invest the effort necessary to regain control of their domain, which may require a lawsuit or a lengthy and time-consuming arbitration process, especially if the hijacker and victim are in different countries. Hackers that have hijacked a domain can do anything with that name, including putting up their own website or redirecting those who visit the address to another site.

[edit] Prevention

Extensible Provisioning Protocol is used for many TLD registries, and uses an authorization code issued exclusively to the domain registrant as a security measure to prevent unauthorized transfers.