Don’t get scalped !

Your website and email addresses related are based on… a domain name (e.g. orange.fr, sncf.com, etc)

However, we are often more interested in the content (the site) than in the support (the domain name), that we sometimes forget to renew it.

« Who manages this name in our company, the webmaster, the computer scientist, the e-shop manager, the digital com’ officer? »

And when you want to renew this domain name – which is still possible after its expiration, during the grace and redemption periods – you realize that you don’t have the login and password to connect to the hosting company’s platform, especially if the employee who had them and managed the renewals left your company without anyone asking him where the identifiers are stored, and no one else in the company has centralized these identifiers, along with a portfolio of your domain names, in a secure location.

Then come the unscrupulous Internet operators who reserve your domain name (thanks to an automatic watch) and sell it to you at a high price.

Indelicate but legal. Your domain name having fallen into the public domain because of you.

Another type of abandonment: this time you voluntarily abandon your domain name, because your company has changed its name for example.

Again, an internet reseller (called a “scalper“), who has spotted the high traffic that your domain name and related business activity was generating, believes that it is a potential mine of commercial and/or confidential information. He re-registers your expired domain name – web hosts and registries will not verify his identity or rights to your name.

Indelicate and illegal.

As the new owner of the domain name, the scalper controls all the incoming and outgoing emails of the former owner of the name, thus accessing a lot of confidential content, personal data of customers, suppliers… He can even create a new email address to get new information.

Moreover, since old email addresses are often connected to social networks and business platforms, the scalper will be able to update network pages and access platform data at will – unless you have implemented two-factor authentication, which is a strong authentication method whereby the user can access a computer resource after presenting two separate proofs of identity. In many cases, this takes the form of a text message sent to the user asking them to confirm that it is they who are trying to log in.

→ The solution: plan months before the voluntary abandonment of your name, have the DNS deactivated by your IT/webmaster… and have the zone file of the name purged of all your technical data.

Do not hesitate to contact us, also assists you in protecting your domain names.

– Sylvie BOYER, paralegal at Mark & Law

Source:

• « Piratage : Quelles sont les précautions à prendre avant d’abandonner un nom de domaine ? », Raphaël TESSIER and Sophie AUDOUSSE, eBrands, article in French, accessible by clicking here.