I hear it all the time as a domain dispute attorney: Someone stole my domain name. It happens every day, hundreds of times a day. Someone hacks into an email account, which gains access to the domain registrant account with GoDaddy or Network Solutions. All of a sudden, your domain name is lost; someone has stolen your domain name. You’re trying to understand what your options are.

In many instances, these can be extremely serious domain theft matters because your domain name is where your website lives. So, if someone gets control of your domain name as a result of domain name theft, they also can control what is called the DNS, the domain name server, which says what website your domain name is going to point to. So essentially, they can take down your website once they gain control of your stolen domain name.

Welcome to Cybersquatting Law Radio where domain name, cybersquatting, and trademark domain name issues are always the hottest topic of discussion.  Whether you are a trademark owner who believes they are a victim of cybersquatting or a domain owner wrongly accused of trademark infringement, you will find all the tips you need to protect your rights right here.

Enrico Schaefer: I hear it all the time as a domain dispute attorney: Someone stole my domain name. It happens every day, hundreds of times a day. Someone hacks into an email account, which gains access to the domain registrant account with GoDaddy or Network Solutions. All of a sudden, your domain name is lost; someone has stolen your domain name. You’re trying to understand what your options are.

In many instances, these can be extremely serious domain theft matters because your domain name is where your website lives. So, if someone gets control of your domain name as a result of domain name theft, they also can control what is called the DNS, the domain name server, which says what website your domain name is going to point to. So essentially, they can take down your website once they gain control of your stolen domain name.

Let’s take a look at this from a legal point of view. If someone has stolen your domain name, you need to immediately contact an attorney to understand what your options are. If the person who stole your domain name is an ex-partner or an employee or a disgruntled web developer and you know who it is who has control of your stolen domain name, then you’re in a pretty good position because then a cybersquatting and domain theft attorney can help you understand how to gain the leverage against that person to get control of the domain name back.

If a hacker steals your domain name, hacks into your registrant account, gains control and you don’t know who it is that’s engaged in domain theft, then you’ve got a much more challenging proposition. They may or may not change the domain WHOIS information in the backend of the system. Even if they do change the domain WHOIS information, they might provide false WHOIS information or use a domain name proxy service to hide their identity. In those instances, the first thing a domain dispute attorney is going to do is understand what trademark rights you may have in the domain name.

So, let’s take a look at that narrow issue because that’s where you’re going to find a lot of the leverage to recover a stolen domain name. It’s in your trademark rights. If you have the exclusive right to use your domain name because it is also your company name, your brand name, the name of your product or service, then that is going to be added leverage under cybersquatting law.

What I mean by that is, that if your company name is the domain name and the person who has stolen your domain name re-points the website to some other commercial service, to some other commercial website, or tries to compel you to buy the domain name back from them, they essentially extort a purchase price to say you can have your domain name back if you pay X.

Then, you’re going to have to take a look at cybersquatting law principles and your attorney is going to take a look at it and say, “OK, if you have trademark rights and they’re using the domain name adverse to those trademark rights, then you can use the Anti-Cybersquatting Consumer Protection Act as leverage, which provides up to $100,000 in statutory damages plus attorney’s fees against the person who stole your domain name. You might be able to use the Uniform Domain Name Dispute Resolution Policy, or UDRP, as added leverage.

Now, the best thing, of course, is to prevent domain theft in the first instance. Protecting your domain name assets is critical. If you’re doing business off of the Internet, if your website is generating revenue, you need to treat that domain name with the respect it deserves. You need to protect it the same way you protect your most valuable assets as a company.

There are lots of ways to do that. Number one, you need to control the registrant account with the domain name registrar so that only you or select people have access to the account. You need to change the password regularly to that account. You need to use a domain registration service that is going to provide you added layers of security. Some services, such as Moniker, won’t make a significant change to your domain name absent a phone call first, so they won’t transfer your domain out of Moniker or take other adverse actions unless they actually call the designated person by phone.

So, you want to prevent domain theft and stolen domain names from occurring to you and your company. But if it does happen to you and your domain name is stolen, contact a domain dispute attorney right away. The more time that goes by, the worse your situation is going to be.

My name is domain dispute attorney, Enrico Schaefer. Have a great day.

You’ve been listening to Cybersquatting Law Radio.  Whether you are filing or defending a claim of cybersquatting under the Uniform Domain Name Dispute Resolution Policy (UDRP) or Anticybersquatting Consumer Protection Act (ACPA), we have a cybersquatting and domain dispute attorney ready to answer your questions.

Welcome to Cybersquatting Law Radio, my name is Cybersquatting and Trademark Attorney Enrico Schaefer and I specialize in domain name protection.  We get calls every single day from clients who say, “Someone stole my domain name.”, so you need to understand how to prevent domain theft.

If you are a small company or a business that is starting to get going on the internet, oftentimes, your domain name – the www.your company.com – is an overlooked asset.  Too often, small business and companies do too little to protect their domain name assets, so let’s talk a little bit about that.

How do you prevent domain theft if you’re a start-up company, a growing company, or a small business that’s just getting into the web space and just starting to roll out your web presence?  The key is to control your domain registrant account with your registrar.

So, what is a registrar? The registrar is the company that you use to register your domain name, such as Godaddy or Network Solutions or Moniker. It’s the company that you went to to buy your domain name.  As part of that process, you create an account with, say, Godaddy, and then after you’ve created an account, you’ve uploaded your name, you’ve created a password and you’ve provided an email address and login information, then they’ll go through and process your order for your domain name.  If successful, you will now control that domain name.  More importantly, you control that domain name through your login at that registrar, Moniker, Godaddy, etc.

Therefore, whoever can log in to your registrar is also the person who can move your domain name to a different account and who can change the login information to prevent you from having access to your domain name.  This is the primary way that domain names are stolen.  Someone gains access to the registrant account.  So, the first tip I have for you is that if you really want to prevent domain theft, control your registrant account.

Now, how does that happen?  How does a company lose access to their registrant account?  Well, many times, it’s the person in the IT department who’s just a kid who registered your domain name or it’s a spouse or brother-in-law or a business partner.  Oftentimes, clients will tell us they have no idea what our login information is to our registrant account because that person no longer works for the company.  That employee no longer works for the company.  That consultant no longer works for the company.  We no longer use that web developer who registered out domain name.  So, preventing domain theft is all about knowing who is the person who has access to the registrant account.  So, stolen domain names sometimes aren’t stolen at all, they’re lost.  That you’ve lost control of the interface that allows you to say, where is that domain name DNS going to point in order to make your website live.  Who gets control of the email addresses at the domain name – yourname @ your company.com – these types of things.  So, if you want to prevent domain theft, don’t allow just anyone to register your domain name.  If someone out there, if a third party, an employee, a partner, a consultant or web developer has registered your domain name, you should immediately ask for the login information to that account and you should create a new login and password for that account that only you and only a few other people at your small business or your company have access too.  And you should change the login password frequently.  Most companies do a lot of business online and many of them really bet the farm on their website.  Shouldn’t you protect your most valuable internet asset, your domain name, from domain theft?  I think you should. And I’m Cybersquatting Law Attorney Enrico Schaefer; we’ll see you next time.

You’ve been listening to Cybersquatting Law Radio.  Whether you are filing or defending a claim of cybersquatting under the Uniform Domain Name Dispute Resolution Policy (UDRP) or Anticybersquatting Consumer Protection Act (ACPA), we have a cybersquatting and domain dispute attorney ready to answer your questions.

A stolen domain name can cost you big time.  Whoever controls the domain registrant information and login can point the DNS to whatever website they choose.  The person who has stolen your domain name can shut down your website instantaneously.

For many companies, domain theft can cost them tens, hundreds of thousands or millions of dollars in lost revenue.

Our domain name dispute attorneys can help you protect your domain name assets.  Contact us for more information.

It appears that the person or persons who for a while succeeded in stealing direction.com are also active hackers. A google alert recently notified me about this incident where apparently www.persionwhois.com was defaced. www.zone-h.com

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

Here is a new option to report a domain name stolen and to check if a domain you are interested in has been reported stolen: http://www.domaintheft.org/

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

It appears that the person or persons who for a while took over direction.com are also hackers. A Google search recently made me aware of a defacement of persianwhois.com (captured by h-zone.net). It appears that sillworks4@gmail.com is operated by a hacker or hacker group called OurQuest – and for some reason the city of Shiraz is mentioned. Here is a screen dump of the defacement:

The text at the bottom is written in Iranian slang. It says something like: “What you are up to is queer and childish, you should rather go for the money.”

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

It looks as if social engineering – that is: tricking people – is the easiest way for someone to steal a domain name. From the owner of sweet.com I received an email sent from sillworks4@gmail.com in which the sender pretends to be the legitimate owner of the domain and tries to trick the ISP to set up a forward in order to gain control over the domain.

I assume this was the method used also when our domain – direction.com – was stolen in late 2006 by someone operating also from sillworks4@gmail.com (and stillworks20@gmail.com). Here is how the email reads:

Hello Dear,

Thanks for nice services and support,

I’m tried many time to set mail forwarding for my email account, but page will not load after click on Submit button for set mail forwarding!!!

domain: SWEET.com

Tried to set: xxx@SWEET.COM forward to sillworks4@gmail.com So, Please check it and try to set this mail forwarding….and send me note when you have done it.

[the name of the administrator of sweet.com]

Thanks Again

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

The other day I got a call from a local Danish police officer. This was nine months after I reported to the Danish National IT Crime Investigation Unit (NITEC) that our domain, direction.com, had been stolen. The local officer to whom the case had been referred was kind of sorry to say that he would not investigate the theft and that we would have to recover any losses through civil proceedings.

I explained to him that my counterpart was unknown so it would difficult to initiate proceedings – and that we luckily had recovered the domain through arbitration. In the end he said that his decision mainly had to do with the fact that IT crimes in Denmark are referred to local police authorities and that he did not have the necessary resources and tools to investigate the case. So the costs of him investigating the case would not be justified by the possible benefit.

I told him that my main reason for reporting the theft was to obtain peace of mind and to at least do something, and also that I knew that local police cannot do much when crime goes global – and that my hope is that there some day will be adequate resources for some kind of police force that is able to track IT crimes across boarders. As of now, criminals are far ahead of law enforcement … good for them, bad for the rest of us …

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

On feb. 1, New York Times had a good article describing the development of the domain name industry – and the economic incentive for stealing domain names.

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com. 

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.

Recently I was interviewed about how our domain was stolen and how we got it back. You can hear the interview as a podcast from VTalkRadio.

This post was authored by Direction Group ApS, the prior owner of preventdomaintheft.com.

Preventdomaintheft.com was formerly owned by Bjorn Kassoe Andersen.  In October, 2011, Mr. Andersen sold the domain and website to Traverse Legal, a law firm specializing in internet law and assisting clients on domain theft issues.