Due Diligence Before Buying a Domain Name

If you’re a domain investor, it’s likely that you’ve either been offered a stolen domain name or seen one advertised for sale, whether you knew it was stolen or not. Buying a stolen domain name can cost the buyer quite a bit of money (once the name is recovered) and it could hurt his reputation if he sells it.

In my opinion, it’s the buyer’s responsibility if he buys a stolen domain name, and all buyers should perform due diligence on a domain name before making the acquisition or risk losing his investment and domain name. Just like with physical property, if a purchase is found to be stolen, the person in possession of it will probably lose it and will likely not see his funds returned (I am sure there are cases where this isn’t true – especially when something is bought in good faith, but it’s an assumption).

There are a lot of seemingly obvious clues that can be seen when a stolen domain name is offered, including ridiculously low price, top domain name offered by a new member of a forum without any previous feedback, or someone emailing you in private with a too good to be true offer. While not all of these necessarily mean a domain name is stolen, they are clues that a buyer should note and should set off red flags.

A buyer should use the Whois History tool offered by DomainTools to see if there are any suspicious changes in the Whois data. For example, if a Whois record seems to remain the same for 10 years and the most recent change notes a simple email address update while the rest of the record is the same, that is a big red flag.

A couple of years ago, I was emailed by someone offering a pretty good domain name at a great price that looked to be owned by a lady in New York, although the contact email had recently changed. I was able to get in touch with the lady shortly after domain investor Richard Lau had already done the same, and she was able to recover her domain name by contacting the registrar. Had I not done due diligence, I could have bought this name, which surely would have been taken from my account and given back to the rightful owner once they determined that it had been pilfered from her account.

Due diligence is especially critical when you are purchasing intangible property like domain names.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. Due dilligence should be used also when researching domains that may have been used by spammers and are now blacklisted in the major search engines. Rendering your time and effort useless.

  2. I received an email from Sedo about 2 months ago notifying me that a domain name I had previously submitted an offer on was in auction again. The name had since been sold for a fairly high sum, but was suddenly being offered again in Sedo auction with a reserve of just $2000. I was initially pretty excited and going to jump in.

    Then I thought better and contacted the owner directly (whom I had communicated with a year ago) as something seemed suspicious, i.e. why would someone who paid 5 figures for a domain name turn around and list it for auction with a reserve of only $2000. Sure enough, he was shocked and discovered that his prized domain had been stolen. The culprit that stole it apparently pushed it quickly to Sedo auction. The owner informed Sedo and a day later, they removed it. It took him about 6 weeks to get the domain returned to his account.

    So if it sounds too good to be true, be sure to check it out very carefully. Not only do we risk losing money, but the TIME that is wasted trying to recapture a stolen domain is terribly costly.

    • @ Mircea

      Stolen registrar account password, hijacked email account leading to a thief logging into the attached registrar account and taking domain names, buying expired domain name that is attached to Whois records for other domain names and pretending to be the owner…etc

  3. You can use domain tools, but be prepared to pay a nice sum of money if you want a more detailed report. I would suggest having Sedo broker the deal to ensure that all legal aspects are covered. 

    I wouldn’t buy a name from a private party unless I’ve done business with them in the past. 

    No use doing all that research and spending a ton of time and money, and the domain happens to be stolen. 

    Use Sedo to facilitate the deal. Maybe look into some type of buyer’s insurance offered in case of a bad deal. 

    Many financial institutions don’t cover electonic purchases such as domains, even if they’re stolen.    

  4. Received an offer today via email to buy MesotheliomaLawyers.com for $100. More thieves at work obviously. In a perfect world, one could quickly & easily trace the physical location of such emails.

  5. That an obvious hack. That domain is worth a fortune. $50-100k. Mesotheliomalawsuit.org sold for $10K a few weeks ago. I think that domain is worth more than trademarklawyer.com.

    The cost per click mesothelioma is very high – $24+. I own a few .org mesothelioma domains that I plan to monetize in the near future.

    I would ignore any offers that are ridiculous. They could have at least asked $10K-20K for the domain. It’s like asking $100 for a BMW.

  6. @ N Menuis

    You own a nice website. Very clean. I really like the .us domains. I have an extensive inventory in a few popular fields. I just completed a deal; sold a real nice .us job domain.

    There are many keywords that pair together nicely with the .us. Great site. Good luck on pushing the premium domains.


Please enter your comment!
Please enter your name here

Recent Posts

Fred Hsu Offers Tips on Domain Name Security

According to Coin Telegraph, there has reportedly been a security incident involving domain names at Squarespace. "Multiple decentralized finance (DeFi) apps were targeted in...

Registrar Where My Last 10 Afternic Sales Landed

After I sell a domain name, I don't pay much attention to it. Occasionally, I will look to see how it is being used,...

DomainLeads Integrated into Dropping.pro Email

One of the paid tools I use daily is the Dropping.pro email alerts. I created 3 alert emails with different parameters, and each morning,...

Sedo Reports Record Breaking .Game Sale

As of this morning, the largest domain name sale in the .Game extension recorded by Namebio was the $40,888 sale of A.Game. That domain...

When the Best Prospect Goes Under

It feels pretty good when a startup founder wants to buy your domain name. I know the domain name can probably incrementally help the...