Canceled domain names are an underestimated security risk. No, this is not a disguised sales story to stay within the churn rate . This story is about shortcomings in the foundation of our internet use. In this article I will tell you about the risks of canceled domain names, show examples of how things can go wrong, and finally give some practical tips.
Week 41 (this year from 8 to 14 October) is dominated by the national Safety Weekevery year . Traditionally, the week has focused on entrepreneurs, with the aim of raising awareness of the theme of “prevention”. This year’s Security Week focuses on internet crime at companies .
Register, use, cancel
The registration of domain names is based on first come, first serve . In short, who comes first, who first serves. Somewhere there will come a time when you want to give up your domain name. For example, because you stop your business and you no longer want to pay for the domain name every year. Once a domain name has been canceled, it will be quarantined. Depending on the domain extension, this can take a few days. After that the domain name is available again. Cyber criminals can then also register and (re) use your old domain name. And in that (re) use there is a danger.
(Re) use of your domain name
Make an action plan in 2 days
The Content Strategy training offers you a practical approach to creating content for your organization.Knowing more?If you have used e-mail via your domain name in recent years, it is not inconceivable that the e-mail address will still be in the address books of others. With many e-mail programs this happens automatically. This e-mail can easily be captured by the new ‘owner’ of the domain name with a catch-all (e-mail address where all e-mail addressed to the domain name arrives). For example, confidential correspondence may fall into the wrong hands. By simply registering canceled domain names of the police, ethical hacker Wouter Slotboom managed to get hold of some confidential reports in 2017 .
Another way in which your domain name can be (re) used is by forwarding the domain name to another website. How this can go wrong, ketchup manufacturer Heinz noticed in 2015, after canceling the domain name of a campaign website. The QR code on the package was linked to a canceled domain name. The result: the QR code on many products redirected users to a porn website.
As you notice, the ‘possibilities’ are endless. Because capturing e-mail or forwarding a domain name does not stop. Cyber criminals can take on a complete identity by extracting and continuing a website (or webshop) from archives.
Another problem is the use of login accounts. There have been quite a few digital break-ins in recent years where data has been leaked. Cyber criminals can find out which e-mail addresses were used where, and then gain access via a password reset.
Via Have I Been Pwned and Gotcha? You can check whether your e-mail address has been leaked during known digital burglaries.
There is no right or wrong when it comes to canceling domain names. It is good to think twice before canceling a domain name.
- Document on which website you use login accounts, and adjust them if you cancel the domain name.
- Where possible, use a 2FA (two-step verification ) with login accounts.
- Are you canceling a domain name? Then send a message to all your contacts with your new e-mail address.
- Replace the website with a placeholder with a message that the website is no longer active. Or ensure that the domain name is forwarded to your new website.
- Set a catch-all so that all e-mail is captured. Forward this e-mail to your new e-mail address, and set up an automatic reply with cover letter that your old e-mail address is no longer active.
- Study the internet traffic to your website. In particular, referral links (other sites that link to you) you should approach possible.
- Only cancel the domain name if you no longer have any activity on the domain name.
Share your experience
I hope that by reading this article you have gained a better picture of the risks of terminated domain names. Do you have a question, comment or do you want to share your experience? Then respond below this article!Online course: improve your SEO with Google Analytics
What about the ranking of your website on Google? Do you use the correct search terms? Discover during this online course how your SEO is doing and how you can use Google Analytics to improve the findability of your website. You also learn how to measure results and make them transparent. Became curious? Register quickly for this 1-hour online course. read more