There was no server failure, routing error or cyber-attack; nevertheless, people visiting the domain ebay.de on August 27, 2004, were greeted by a fragmented website for the online auction house. This event made August 27 especially noteworthy in cybercrime history, not because of some form of human advancement or new development in the digital age, but because it was the first time there was an attempted robbery of a well-known domain.
19-Year-Old Causes eBay Chaos
The culprit behind the two-day disruption of the German eBay website was neither an anonymous hacker from the Darknet nor a criminal blackmailer. To many people’s surprise, it ended up being a 19-year-old German student who came across instructions on how to transfer domains and decided to test his newfound knowledge on ebay.de.
After a chain of misunderstandings and misconduct, the attempt succeeded: the registry Denic decided to comply with a request to change everything, from the IP address to the owner of the domain. The request was accepted on a whim, surprising even the student who had submitted it. In the statement he gave to the authorities, the young man said that even he was stunned to find his name in the ownership records for the domain.
The 19-year-old also tried to transfer such domains as web.de, amazon.de and google.de, with no luck. However, google.com did see a change in ownership just a few years later, shockingly enough for just 12 dollars!
A Domain Millionaire for 60 Seconds
When looking up the price of google.com through the usual means, it is believed to have a net worth anywhere between 360,000,000 and 420,000,000 dollars. There are few domains in the world, if any, that have higher estimated values. This is mainly due to the search engine being the most looked-up site on record. Ex-Google employee Sanmay Ved had a short-lived experience of owning this multi-million dollar domain on September 29, 2015.
At about 1:30 am local time on the U.S. East Coast, Mr. Ved clicked through Google's in-house domain purchase service to see whether he could obtain the main domain of his former employer: google.com. To his surprise, the domain was for sale. Ved gladly paid the requested purchase price of $12 and completed the purchase successfully. He remained the owner of the most visited site on the web for only a minute before the alarm bells rang at Google. The company then cancelled the transfer almost immediately.
Unlike the adolescent ebay.de thief more than ten years earlier, Ved did not have to fear repercussions from his purchase. On the contrary, Google offered him $6,006.13 for the discovery of the unspecified vulnerability. When Ved graciously declined, the company doubled the amount and donated it to a charity.
Other major corporations have also temporarily lost important domains in a similar fashion. Often the cause was human error, as in Microsoft’s case. Although the registry sent various ownership expiration notices asking for the renewal of the domain hotmail.co.uk in 2003, an unknown buyer secured the web address and informed the company. After some back and forth, the U.S. software company eventually regained ownership of its domain. The settlement that the two parties agreed on has never been made public.
Some companies and domain owners have had far less luck when it comes to real domain thefts with real criminal intent.
A Multi-Million Dollar Business in the Shadows: Domain Theft
It is very rare for domain registries such as Denic to migrate domains without asking questions, or for large corporations to forget to extend the ownership terms of their domains. Criminals with genuinely dubious intentions must therefore be much more deceptive in order to seize registered domains: they rely on phishing, identity theft or social engineering.
Using the domain owner’s personal data, or access to the owner’s personal information, the attackers persuade the domain registrar to transfer the domain in question to themselves or to third parties. The criminals then have unrestricted access to the domain and can use or resell it at will.
Domain thieves prefer to target smaller victims with often unused but potentially valuable domains. They work on the assumption that there will be less resistance, and a delay in discovering the fraud, in these types of situations.
There are two well-documented examples of this kind of criminal action:
- In May 2016, Michael Lee lost ownership of the high-profile domain MLA.com, which he had acquired in 1997. The domain was valued at 47,000 dollars because it is a three-letter domain, money Lee was going to use for his retirement. The Russian domain thieves responsible for falsifying ownership and then selling the domain were never caught.
- Chinese hackers acquired the domain ShadesDaddy.com in February 2015. The site was originally used by a small private business for selling its own glasses. After the theft, the hackers redirected the site’s traffic to their own site, where they offered fake eyewear products. This ruined the previous owner’s reputation, while making the thieves a good sum of money.
How to protect yourself against domain fraud
Anyone wishing to protect themselves against the potential of a financially devastating domain theft should adequately secure the e-mail account used for the registration. Some domain name registrars also offer additional security mechanisms such as domain locking or registry locking. Last but not least, remember to always renew your domain registration in time! Though these may seem like small and insignificant steps, criminals will have a much harder time stealing your domain if you are diligent about following through on these.
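The lock and renewal checks above can be automated against a domain's public RDAP record. The following is an added example, not part of the original article: it audits a constructed RDAP response for registrar lock statuses ("client ... prohibited"), registry lock statuses ("server ... prohibited") and the time left until expiration. The domain example.com, the sample record, the function name `audit_domain` and the 60-day renewal threshold are assumptions chosen for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed RDAP domain record (RFC 9083 layout); all values are made up.
SAMPLE_RDAP = json.loads("""
{
  "objectClassName": "domain",
  "ldhName": "example.com",
  "status": ["client transfer prohibited"],
  "events": [
    {"eventAction": "registration", "eventDate": "1997-03-01T00:00:00Z"},
    {"eventAction": "expiration", "eventDate": "2025-03-01T00:00:00Z"}
  ]
}
""")

# Status strings as published in RDAP (mapped from EPP status codes).
REGISTRAR_LOCKS = {"client transfer prohibited", "client update prohibited",
                   "client delete prohibited"}
REGISTRY_LOCKS = {"server transfer prohibited", "server update prohibited",
                  "server delete prohibited"}

def audit_domain(rdap, now, min_days_left=60):
    """Return a list of findings; an empty list means all checks passed."""
    status = {s.lower() for s in rdap.get("status", [])}
    findings = []
    missing = sorted(REGISTRAR_LOCKS - status)
    if missing:
        findings.append("registrar lock incomplete: missing " + ", ".join(missing))
    if not REGISTRY_LOCKS & status:
        findings.append("no registry lock status set")
    expiry = next((e.get("eventDate") for e in rdap.get("events", [])
                   if e.get("eventAction") == "expiration"), None)
    if expiry is None:
        findings.append("no expiration event published")
    else:
        # RDAP dates are RFC 3339; normalise a trailing Z for fromisoformat().
        expires = datetime.fromisoformat(expiry.replace("Z", "+00:00"))
        days = (expires - now).days
        if days < 0:
            findings.append(f"registration expired {-days} days ago")
        elif days < min_days_left:  # assumed threshold, adjust to your policy
            findings.append(f"renewal due: expires in {days} days")
    return findings

if __name__ == "__main__":
    for line in audit_domain(SAMPLE_RDAP, datetime.now(timezone.utc)):
        print(SAMPLE_RDAP["ldhName"], "-", line)
```

Run on a schedule against each domain you own, an empty findings list is the state to aim for; any new finding on a domain that was previously clean is worth investigating as a possible unauthorised change.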