Domain hijacking

Domain hijacking

Domain hijacking or domain theft is the process by which registration of a currently registered domain name is transferred without the permission of its original registrant, generally by exploiting a vulnerability in the domain name registration system or through social engineering.

Contents

Description

Domain names expire after a fixed period of time and become available to the public. If their original owner allows them to expire even momentarily, they may be immediately purchased by another party. Although this may be frustrating for a domain owner who is slow to renew, generally the new purchaser is not considered liable in this scenario and the original owner has no recourse.

The most common tactic used by a domain hijacker is to use acquired personal information about the actual domain owner to impersonate them and persuade the domain registrar to modify the registration information and/or transfer the domain to another registrar, a form of identity theft. Once this has been done, the hijacker has full control of the domain and can use it or sell it to a third party. This can be financially devastating to the original domain name holder, who may have derived commercial income from a website hosted at the domain or conducted business through that domain's e-mail accounts. Additionally, the hijacker can use the domain name to facilitate illegal activity such as phishing, where a website is replaced by an identical website that records private information such as log-in passwords.

Responses to discovered hijackings vary; sometimes the registration information can be returned to its original state by the current registrar, but this may be more difficult if the domain name was transferred to another registrar, particularly if that registrar resides in another country. In some cases the original domain owner is not able to regain control over the domain.

The legal status of domain hijacking remains unclear. It is analogous with theft, in that the original owner is deprived of the benefits of the domain, but theft traditionally regards concrete goods such as jewelry and electronics, whereas domain name ownership is stored only in the digital state of the domain name registry, a network of computers. There are no specific laws regarding domain hijacking, nor any law that specifically holds the domain name registrar responsible for allowing the registrant information to be modified without the permission of the original registrant. In some cases there may be recourse under trademark law, but not all domain names are (or can be) registered as trademarks.

Prevention

ICANN imposes a 60-day waiting period between a change in registration information and a transfer to another registrar; this is intended to make domain hijacking more difficult, since a transferred domain is much more difficult to reclaim, and it is more likely that the original registrant will discover the change in that period and alert the registrar. Extensible Provisioning Protocol is used for many TLD registries, and uses an authorization code issued exclusively to the domain registrant as a security measure to prevent unauthorized transfers.[citation needed]

See also

External links

References


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Reverse domain hijacking — is the practice of inequitably unseating domain name registrants by accusing them of violating weak or non existent trademarks related to the domain name. A widely regarded case of reverse domain name hijacking occurred in 2000, when the Deutsche …   Wikipedia

  • Reverse Domain Hijacking — Als Reverse Domain Hijacking bezeichnet man den Versuch, sich die Domain eines fremden Internetauftritts dadurch anzueignen, dass man den Besitzer des Domaingrabbings beschuldigt, also behauptet, die Domain stünde aufgrund eines eingetragenen… …   Deutsch Wikipedia

  • Hijacking — means to take over by force .Hijacking may refer to:In property: * Aircraft hijacking or skyjacking * Carjacking * Credit card hijackingIn internet technology: * DNS hijacking * Domain hijacking * IP hijacking * Page hijacking * Reverse domain… …   Wikipedia

  • Hijacking — significa secuestro en inglés y en el ámbito informático hace referencia a toda técnica ilegal que lleve consigo el adueñarse o robar algo (generalmente información) por parte de un atacante. Es por tanto un concepto muy abierto y que puede… …   Wikipedia Español

  • Domain name speculation — is the practice of identifying and registering or acquiring Internet domain names with the intent of selling them later for a profit. The main targets of domain name speculation are generic words which can be valuable for type in traffic and for… …   Wikipedia

  • Domain tasting — is the practice of a domain name registrant using the five day grace period (the Add Grace Period or AGP) at the beginning of the registration of an ICANN regulated second level domain to test the marketability of the domain. During this period,… …   Wikipedia

  • Domain parking — is the registration of an Internet domain name without using it for services such as e mail or a website i.e without placing any content on the domain. This may be done to reserve the domain name for future development, to protect against the… …   Wikipedia

  • Domain name warehousing — is the common practice of registrars obtaining control of domain names with the intent to hold or “warehouse” names for their use and/or profit. Also see domain name front running and domain tasting, related business practices employed by… …   Wikipedia

  • Domain sniping — is the practice of an individual registering a domain name whose registration has lapsed in the immediate moments after expiry. This practice has largely been rendered moot through ICANN s addition of the Redemption Grace Period (RGP), which… …   Wikipedia

  • Domain name front running — is the practice whereby a domain name registrar uses insider information to register domains for the purpose of re selling them or earning revenue via ads placed on the domain s landing page. By registering the domains, the registrar locks out… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”