Protect expiring domain names from malicious purposes

  • Cyber criminals may obtain expired domain names to exploit their credibility.

  • Domain names can be protected through business continuity and risk management programs.

Imagine a world where your name may expire if you don’t pay renewal fees! Inconceivable with respect to people, name expiration in the computer world is commonplace. Similar to people addressing each other by easily memorizable names, computers on the Internet can also be identified using easily memorizable domain names, such as Thousands of domain names expire daily due to organizations failing to renew them.

To initially obtain a domain name, an organization submits a domain registration request to an accredited entity, a domain registrar. The domain registrar confirms availability of the domain name with special registries, and if unused, the domain name is registered to the requesting organization. The registration period may range between 1-10 years. Prior to its expiration date, the domain name may be renewed by the organization. If the organization forgets or chooses not to do so, the domain name expires and is released back to the registry.

Cyber criminals may seek expired domain names

Expired domain names become available for registration by other organizations. Some organizations could have a legitimate interest in the domain name for the purpose of offering goods and services. Occasionally, a domain name could be of interest to cyber criminals who aim to exploit the credibility that has been built around that domain. If a domain name is particularly desirable, cyber criminals closely monitor its expiration date with the goal of snatching the domain name should the current owner fail to renew it. The most common targets include domain names formerly used for legitimate customer-facing business websites. In these instances, cyber criminals repurpose the domain name to set up a website that serves malware or fraudulent content, making the website appear as if the original company were still in the business of operating it. Furthermore, expired domains could also be registered by spammers to take advantage of the domain name’s reputation.

The expired domain name presents a significant business risk with the possibility of disruption of business functions and loss of customer confidence. Therefore, organizations should treat domain names as critical assets and take measures to protect their value. Various cyber threats involving domain names should be considered and addressed when developing and implementing business continuity and risk management programs.
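One way to apply this to an organization's own domain inventory, as an added example that is not part of the original article: it reads the expiration event from RDAP-style domain records and flags names that have lapsed or need renewal. The record format (RFC 9083 `events`), the `.example` domain names, and the 60-day warning threshold are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample: minimal RDAP-style records for an organization's own
# inventory. The .example names are reserved placeholders, not real domains.
SAMPLE_RDAP = json.loads("""[
  {"ldhName": "shop.example", "events": [
    {"eventAction": "registration", "eventDate": "2015-03-01T00:00:00Z"},
    {"eventAction": "expiration",   "eventDate": "2025-03-01T00:00:00Z"}]},
  {"ldhName": "LEGACY-CAMPAIGN.example", "events": [
    {"eventAction": "expiration",   "eventDate": "2025-01-15T00:00:00Z"}]},
  {"ldhName": "corp.example", "events": [
    {"eventAction": "expiration",   "eventDate": "2027-06-30T00:00:00Z"}]},
  {"ldhName": "parked.example", "events": [
    {"eventAction": "registration", "eventDate": "2019-09-09T00:00:00Z"}]}
]""")

def expiration_of(record):
    """Return the expiration time of one record, or None if it has none."""
    for event in record.get("events", []):
        if event.get("eventAction") == "expiration":
            # Normalise a trailing 'Z' so older Python versions can parse it.
            return datetime.fromisoformat(event["eventDate"].replace("Z", "+00:00"))
    return None

def classify(records, now, warn_days=60):
    """Map each domain to (status, whole days until expiration)."""
    report = {}
    for record in records:
        name = record.get("ldhName", "?").lower()
        expires = expiration_of(record)
        if expires is None:
            # No expiration data: treat as a gap to investigate, not as safe.
            report[name] = ("UNKNOWN", None)
            continue
        days = (expires - now).days
        if expires <= now:
            status = "EXPIRED"      # may already be open to re-registration
        elif days <= warn_days:
            status = "RENEW_NOW"    # inside the warning window
        else:
            status = "OK"
        report[name] = (status, days)
    return report

if __name__ == "__main__":
    fixed_now = datetime(2025, 2, 10, tzinfo=timezone.utc)  # constructed date
    for domain, (status, days) in sorted(classify(SAMPLE_RDAP, fixed_now).items()):
        print(f"{domain:28} {status:10} {days}")
```

Retired customer-facing domains belong in the same inventory as active ones, since those are the names the article identifies as the most common targets.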

Jennia Hizver, Consulting Practice Security Researcher and Consultant, AT&T