How to return a domain name when it was stolen

This happens on many sites, and recently on the forum for webmasters Webrankinfo.com a victim of hijacking. The regulars of the forum were surprised that a parking page in English appeared on it. The domain was deposited with OBX and now has Godaddy as its registrar.

How to assign a domain name

The technique involves cracking the email address password of an administrative contact. It is simplified if this email is a Gmail, Hotmail or similar account.
A hacker installs a filter based on the words "domain," "dns," etc. When an email contains these words, it is redirected to another email address, probably a temporary one, leaving the rightful owner unaware of the emails that go through the account.

The hacker then demands a change of registrar. It looks like Godaddy has a hacker preference, probably because he allows a free transfer.

Note that only the registrar changes, not the owner, since in this case a payment is made that helps to identify the culprit of the theft.

The hacker, exchanging messages with the victim shows this, allows him to believe that he will be able to regain control of the domain only after long legal proceedings and demands from him several hundred dollars for his return. Then it is clear that paying a thief money is not just immoral, but useless.

How not to steal a domain name

If a hacker did not accidentally select your email, the task becomes more difficult for him if contact letters are hidden in whois. And even impossible with a plot in the FR.

When opening an email account, you should avoid browsing websites.
It's not that Gmail researchers claimed to have hacked 8,000 Hotmail accounts every day in 2003.

You should also avoid using an email account as a contact, which provides the ability to redirect email messages through a filter and thus hide from the owner what is happening with his account (which allows Gmail).

Also avoid using an address displayed on the site or easily guessed, for example, the name of the site associated with the service name, for example, monsite@gmail.com or monsite@hotmail.com, as contact letters.

You should never stay in your email account and load a web page. This rule usually applies to any service that requires a password.

Do not install the GreaseMonkey plugin, which allows you to run scripts directly in the browser.

Using webmail (server-based management) will make hacking easier. Using Thunderbird software in Safe Mode (SSH) would be safer.

You can also use a personal POP account, which most hostels and registrars offer.

How to return a stolen domain

The case of David Airey showed that it can take several days, but it is quite possible to regain the stolen domain, the owner of which we remain.

1. Create a free account on the registrar, where the domain is now, Godaddy in our example (you may have to pay the bill).
2. Download and fill out a paper form Cancel change (cancel change). Sign the form.
3. Provide a copy of your ID or driver's license.
4. Scan and email attachments.

This document allows you to cancel the transfer of registration data and restore the original registration number. Note that this will be longer if the transfer is completed than if it is in progress.

If the hacker managed to become the owner of the domain, a longer procedure will be required at ICANN.

Receiving a stolen email account

This is done through a claim against the hoster, but will be done more easily by taking certain precautions. On a piece of paper, note the following information:

• Account creation date.
• Addresses of the most important correspondents.
• Names of private characters created in your account.
• Similar information about your other accounts with the same authority .

And if your account is on Gmail, remember to check the IP address at the bottom of the page often, which should always be yours: change your password otherwise.

Further information

• ICANN transfers polity. It is possible to cancel the transfer.