Search engine optimisation from Blogstorm

How secure is your domain?

by Patrick Altoft on December 24, 2007

Most of you probably think your domains are safe. After all, it isn’t every day that somebody would steal a domain. Even if domains could be stolen hackers are more likely to try and grab ebay.com than your blog, right?

I’ve just finished reading this shocking story about how David had a filter installed in his Gmail account using an XSS vulnerability. The filter forwarded certain emails, including important ones from his registrar, to a hacker. The hacker was then able to take control of his domain and steal it.

David now has lost his domain and has to take court action to recover it. Since David is in the UK and the new registrar, Godaddy, is in the US I’m guessing this won’t be too easy.

The one saving grace in all this is that David still has his Feedburner subscribers, if he didn’t use Feedburner they would be lost as well.

How secure is your domain?

You can get our blog posts delivered for free by email every day - simply add your email address to the box below or alternatively grab the RSS feed.

Read some similar posts

Published in: Blogging delicious | digg | reddit | StumbleUpon | Google Bookmarks | Sphinn

{ 10 comments… read them below or add one }

1 David Airey 24/12/2007 at 11:57 am

Hi Patrick,

Thanks for helping bring this situation to light. I’m of the opinion that there are many other GMail users who currently have these malicious filters applied to their accounts.

It seems they’ve been around a while, but it took something like this to make me aware of it.

I hope you have a great xmas.

2 Sucker 24/12/2007 at 2:00 pm

Wow that really sucks! He’s having the worst luck with Google this year.

3 James 24/12/2007 at 5:13 pm

I never use Gmail or any other web service for important stuff, Web Services are good for day to day stuff but not for you important information. (Hmmm… I wonder why all those web apps are not catching the corporate market?)

4 Chris Bloczynski 24/12/2007 at 5:15 pm

Yikes! After reading Davids story, I looked at the filter settings for my Gmail account and there were two filters that I don’t remember ever setting. There’s no sign of any trouble, but I’m sure going on a password changing rampage this afternoon. Thanks for the heads up!

5 Andrew Mason 24/12/2007 at 6:52 pm

I have also attended a few seminars where I have heard black hat SEO people talk about ICANN complaints where domain whois information is incorrect. A common one is where a commercial domain is registered to an individual. ICANN can investigate these and drop domains if they are found incorrect.

In short, ensure your Whois info is correct and check the linked email account!

6 Jeremy Luebke 25/12/2007 at 2:38 am

Wow that sucks.

I am assuming that the filters can be seen and deleted in the Gmail settings correct?

Of course you have to look for them, but I think I will start checking periodically from now on.

7 Sammy Ashouri 25/12/2007 at 9:40 am

Scary as hell to get domains stolen. I try to monitor mine everyday to make sure.

8 Sid 25/12/2007 at 11:42 am

Jeez! I did not of that!!! thanks for the info bro

9 Edward 26/12/2007 at 9:42 am

That sucks! I can’t stand crooks. People sit around with nothing better to do then come up with ways to rob people. I hope everything works out for David.

10 Wordpress SEO 31/12/2007 at 3:08 am

What a horror story!

The other issue with domains and emails is more banal but even more dangerous.

Quite a few registrar notices (especially GoDaddy) go into spam folders.

So the spam onslaught will cost people thousands of domains as they just don’t see their domain names. I’m moving to an offline checking system (no longer counting on the registrars).

I hope David gets his domain back (and soon!).

Leave a Comment (get an avatar from Gravatar first)

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>