The internet remains one of the most indispensable marketing tools for businesses, and a domain name is a valuable intellectual property. However, domains are susceptible to being altered with malicious intent. Domain hijacking is one of the most relevant examples for this in our digital world. This article will help you understand what domain hijacking is and will take you through the different steps that should be taken to help you to protect yourself from the crime.

What is a ‘domain name’?

A domain name refers to a website address purchased from a Domain Registrar or from a hosting provider which provides the purchaser access to settings that control the domain usually for a fee. It allows businesses to uniquely distinguish their website source from other website sources. For example, ‘etheringtons.com.au’ is the domain name of Etheringtons Solicitors and allows our clients and broader community to easily identify our website and our services.

Domain names in Australia can be registered through the .au Domain Administration Registry. Before you can register the domain name that will appear on your website, you must ensure that:

  • Your domain name is available (meaning it is unique and not currently owned by another person or business); and
  • You have a valid Australian Company Number (ACN) or valid Australian Business Number (ABN).

What is domain hijacking?

Domain hijacking, also known as domain theft, is the act of changing the registration of a domain name without the permission of its rightful owner. This unauthorised type of cyber-attack causes web-addresses of organisations to be stolen without that organisation’s consent, predominantly through identity theft measures or phishing emails.

This allows the hijacker to alter account information and redirect online traffic to their own websites, which often are linked with the sale of counterfeit goods or black market operations. Therefore, losing access to your domain can be extremely detrimental to a business, especially those that run predominately e-commerce operations, as a domain name forms an important aspect of intangible property.

Recovering a hijacked domain name

If you are concerned that your domain name has been illegally hijacked, there are a number of actions you can take. These include:

  • Confirming if the domain name was hijacked: if your domain name does not open to your website, it is easy to assume that somebody has hijacked the domain name. However, there are a number of reasons why a website may not appear, such as the domain owner failing to renew the domain name before expiry, or technical issues with the website hosting.
  • Check your computer for malware, viruses and update security credentials.
  • Getting in touch with your domain registrar: For example, the .au Domain Administration Registry can be contacted online through a general inquiry form.
  • Checking the WHOIS records on the domain to determine who owns the domain name and if ownership has changed.
  • Seeking legal advice and contacting a dispute resolution provider: Solicitors can launch a complaint on your behalf with the AU Dispute Resolution Policy (AUDRP) or Uniform Dispute Resolution Policy. These are specialised bodies which are tailored to handle domain disputes and complaints in a cheaper and more efficient way than litigation.

What steps can you take to protect yourself and your business?

There are a few precautionary steps that you can take to prevent your domain name from being susceptible to hijacking or other illegal activity. These include:

  • Registering the domain name for an extended period and setting renewal reminders;
  • Increasing the security by locking the domain name so it cannot be transferred without a password. For example, the AusRegistry or database for domains ending in .com.au, has a security measure called .auLOCKDOWN which allows owners to lock their domain name records and prevent unauthorised changes; and
  • Always using multi factor authentication to protect your accounts.

How Etheringtons Solicitors can help

A solicitor at Etheringtons Solicitors can provide clarification of the relevant law in relation to your individual circumstances. If you need further advice or assistance with domain hijacking or other business law matters, please contact one of our experienced solicitors on (02) 9963 9800 or via our contact form.