This is not exactly what Jerry and his friends were talking about on that old ‘Seinfeld’ episode. This is about what happens when an organization loses control of their Domain Name by letting it expire. The natural inclination is to think, “Who would be that careless?” You would be surprised. And we’re not just talking about ‘Jim’s Hardware’ or ‘Kathy’s Knick-Knacks.’
Major organizations that have let one or more of their domain names expire:
Google Argentina
Foursquare
The Dallas Cowboys
Microsoft
Regions Bank
Yatra
Clydesdale Bank
Yorkshire Bank
Sitemeter
Marketo
Sorenson Communications
Parker Hannifin
Microsoft? Really? Yes, there are a few surprising names on that list: You would think they would be on top of their domains, but even for the high and mighty, things fall through the cracks. Their lapse is old – from 1999, but when they forgot to renew their Hotmail domain it caused major email disruptions and associated problems for years. Did they learn? Eventually, one would suppose, but they failed to renew hotmail.uk just 4 years later in 2003.
Most domains expire through carelessness - no matter the type or size of the company. Some expire simply because the responsible party forgot to renew. Also, domain renewals can be lost during mergers and acquisitions. Back in 2007 Parker Hannifin purchased Rectus and its subsidiary Tema. While it attended to the Rectus domain, tema.com was overlooked and it expired – eventually fetching $128,938 at auction, according to DomainGang.
What happens when domain is expired?
It’s not just your website that suffers. As soon as a domain expires, the domain and every service connected to it becomes inoperable. Think about how your business depends on email. If your domain is ‘https://mybusiness.com’ and your email scheme is ‘sally@mybusiness.com,’ your email will stop working immediately. That is not a situation that boosts confidence among your clientele.
If somebody else purchases your old domain, any emails sent to your expired domain will go to the new domain owner, thereby allowing them to pick through your client base – and any other information you would prefer to keep private.
What are the risks of expired domains?
Losing control of a domain can have a devastating effect on Cybersecurity. One big tool in the cyber criminal’s tool belt is feeding on expired domains, and crooks can do a lot of things with one. The variety of attack tactics range from buying an expired domain, then ‘spoofing’ (copying) the website to lure unsuspecting customers into entering their credit information with an alarm page that says “Please verify your payment information”, to replacing formerly innocent links with malicious ones to infect the site visitor’s computer or network.
They may send fake invoices in phishing campaigns containing malicious links or attachments, or even use the domain to set up fraudulent mail servers which they can use to obtain access to social media accounts, web services or Software as a Service (SaaS) accounts.
Cyber criminals rely on the domain owner’s reputation to lend legitimacy and trust to their various attack methods, which is why they act quickly – because all of these tactics cause damage to a company’s reputation, which decreases public trust.
Such events are not uncommon: just about every reputable member of the Charlotte IT community has had clients’ networks invaded through these means – from the top Managed Services Provider (MSP) company like ITFirm.com, to the dime-a-dozen Break/Fix ‘IT guys’. The best security cannot prevent an end-user clicking on a malicious link and releasing malware into the system, but any worthy MSP is aware that these attacks can and WILL happen and have already arranged solutions that stem the attack and clean up the damage quickly.
The smart money is on using an MSP that performs true Vendor Relationship Management.
What is the role of vendor management?
There are nine different types of Vendor Management. Simplicable explains the differences HERE. The Vendor Management that a Managed IT Services firm provides is usually involved only in matters concerning electronic communications and the third-party vendors involved (not coffee service or janitorial types of vendors).
For example, if there is a problem with your VoIP (Voice over Internet Protocol) phone system, or your internet provider, it is possible to get into ‘blame game’ – the VoiP provider blames the internet provider or the IT vendor and vice versa - we step in and sort through the issues directly with each involved vendor. Since we speak their technological lingo, they can’t try to pull the wool over our eyes, so we get to the bottom of it without you juggling frustrating and time-consuming phone calls.
This is a high-value service that ITFirm.com has offered since we first opened our doors. Among other vendor-based solutions, we monitor and handle expiration dates and renewals for any client that agrees to let us do that – it’s a little different than more directly ‘network-centric’ services like the internet, so not all clients want to have us do it. However, we have had clients who allowed their domains to expire (to disastrous results), and when that has happened, they typically want us take over responsibility.
Frequently Asked Questions
Who is the owner responsible for a domain name?
A: The responsible party/domain owner is the person/organization listed as the domain’s registrant/owner - that first registered the domain name.
How long after a domain is expired can I buy it?
A: According to Domain.com, some top-tier domains can enter ‘Redemption’ wherein it is up for sale the day after it expires, but the industry standard tends to be 30 to 45 days. It depends on the agreement with the registrar and the Domain Registration Provider.
What are Domain Registration Providers?
A: They are companies that allow you to purchase and register domain names. All registrars are accredited by the Internet Corporation for Assigned Names and Numbers (ICANN). GoDaddy is a well-known domain registration provider.
Do I need domain expiration protection?
A: When you look at the companies, like Microsoft, who have let domains expire, Domain Expiration Protection (DEP) is certainly advisable. In the event of expiration, the DEP provider ensures that for one year, the site remains registered to the original registrant, and cannot be purchased by a third party. That gives a domain owner plenty of time to renew.
How secure is your network?
As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and security assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our IT Services.
The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.
We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
Planning an Office Move?
Contact us today! We have the experience to ensure a seamless transition. After the move, your employees will arrive at the new location to find their IT infrastructure ready and open for business!
For more information on office moves, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at:
704-565-9705
