On occasion, I blog about security issues and phishing attempts that I spot or that are reported by domain name registrars. For instance, yesterday I wrote about Namecheap’s urgent warning, a week ago I wrote about a Register.com phishing email, and a while back I wrote about a GoDaddy phishing email. Security is important for all, and I think it is especially important for those whose valuable assets are online.
I think that most domain name owners believe their accounts are secure and are probably immune from theft. Most domain investors wisely take extra precautions with their domain names, securing their email accounts and domain registrar accounts with 2 factor authentication and other security functionality. I also think this may be a false sense of security, and being overcautious is wise.
Even if you don’t do business with a company that announces a security issue or has customers that are being targeted by various hacking attempts, it is important that you are aware of the risks. With a wide variety of security issues that exist and are created, the primary concern for domain investors is most likely domain name theft.
I will assume that most active domain name investors frequently buy domain names on the aftermarket. Hopefully due diligence is performed prior to buying a domain name, but some people are more thorough than others. If a domain name turns out to be stolen, the buyer could end up losing money if the domain name is returned by the registrar or via the legal system. Additionally, the person from whom the domain name was stolen may litigate, potentially tying up the domain name and the buyer’s ability to do something with it.
Regardless of where a domain name is purchased, due diligence should be performed to ensure a domain name is not stolen. Unfortunately, there are many ways a thief can make a domain sale look legitimate: public auction, broker representation, or resale to a less savvy investor who sells it again. I am sure there are other ways to do this. The point is that we all need to be vigilant, and that starts at being aware of security issues that arise, even if they don’t directly impact us when announced.