How to protect yourself from domain hijacking -- so scammers can't steal your domain name: Internet ScamBusters #53
A few things before we get started with this month's scams -- which you *really* ought to know about... and very likely don't.
First, we wanted to welcome all our new subscribers -- and say "thank you" to all the subscribers who have been with us over the years. We appreciate you!
Second, we got the best feedback we've gotten in a long time on last month's issue. If you haven't yet seen this issue, you might want to check it out at:
Finally, a bit of Nigerian fee scam humor. A friend wrote this reply to the scam. (BTW, we STRONGLY recommend you don't respond to these emails. Nonetheless, a bit of humor seemed like a good idea before we delve into today's serious subject.
I am Meegonnascamu, son of Abeechu, the late chief of the Republic of Swindlu, and I would love to work with you on this scam. Please send me your complete banking details so we can begin to work together.
OK. Time to get started...
Domain Hijacking: A Dirty Business
There's a frightening new batch of scams going around now that can damage your reputation as domain "squatters" steal your domain name.
There are a number of ways the "game" is played. The first is entirely legal, if more than a little questionable. In this version, the name of a city or geographic area is grabbed by a domain squatter and pointed to... "sites that you wouldn't want your children visiting."
(We chose that term to avoid getting caught in a lot of spam filters for the use of the word "p-o-rn.")
A prominent notice is placed on the sites, offering them for sale at prices that range from $2500 to as much as $500,000!
The idea here is that city officials will feel that enough damage is being done to the reputations of their towns that they'll pay to keep them from being associated with that type of material.
It's obviously safe to say that it's not appropriate to pop those kinds of images into people's faces while they're looking for info on a completely different topic.
That's where the pressure on the cities comes from, and why this is such a disgusting scheme.
In essence, the domain squatter says: "Pay us, or continue to watch as your city's reputation suffers."
Many would call this blackmail...
The second variation on the theme is not always legal. When someone takes a trademarked name (or variation of the spelling of one) or a famous person's name, and does the same thing.
For trademarks or close variations, there's a specific procedure for addressing the problem. (See the resource section at the end of this issue.)
For the names of famous people, there MAY be a remedy. But, it can be tricky -- and expensive.
For example, if someone named John Jones registered WalterCronkite.com and pointed it to one of "those" sites, Walter Cronkite could probably force the domain away from him.
However, if someone named Steve Cronkite registered Cronkite.com and did the same thing, Walter Cronkite would have no recourse. It would be very hard to demonstrate that Steve registered the domain in bad faith. And if Steve's son's name is Walter, the same is true for WalterCronkite.com.
If you feel that your name is likely to be typed into a browser when people are looking for information on you, you should consider getting both the .com and .net versions of the domain if they're available.
It will cost you a few bucks to prevent the problem. Fixing it, assuming you win, will cost you hundreds -- if not thousands -- of dollars.
And there's no guarantee you'll win.
A third version is a bit more benign. It's common among members of affiliate programs.
In this version names very close to, or even including, the trademark are registered. The sites are created to drive traffic to the affiliates' URL at the main site.
This may or may not be acceptable to the affiliate program owner. If it is, it's a good technique for getting traffic. If not, it could get you into hot water. Check with the owner of the trademark before doing this.
Less benign is an alternative version of this technique where someone grabs domain names that are close to the trademark of a competitor and uses them to grab competitor type-in traffic. This is often done by finding out the most common misspellings of the real domain name or trademark.
Watch for people doing this with your domain.
Here's the worst version of this -- and it can hit anyone if they have enough traffic and don't pay close attention to when their domain registrations expire.
In this situation, someone grabs expired domain names and points them to "those" kinds of sites. This is a "no lose" for the hijacker, as they will profit from the traffic even if the previous owner doesn't pay the requested ransom for the domain.
The more traffic the URL gets, the greater the clickthrough value to the hijacker. This means more potential damage to the original owner -- and a higher ransom to get it back.
In effect, your own popularity is your worst enemy in this case.
The solution to this one is simple -- and very important: Don't let your domain names expire!
If you find yourself a victim of domain hijacking, there is hope for correcting the problem.
For a more formal explanation of the legal aspects of this problem, visit
For specific information on the UDRP (Uniform Domain Name Dispute Resolution Policy), the procedure for taking domain names that are being used in violation of a trademark, see
For information on taking action under the Anti-Cybersquatting Act (A US law that provides for damages in addition to the less severe penalties of the UDRP) see
If you have a famous name or trademark, the best defense is to make sure that you register the main variations in both the .com and .net form. The .org is probably only necessary if you are heavily involved with charitable activities.
Protect yourself. Scammers come up with new schemes all the time...
So, keep your eyes open.