How Your Online Brand Can Be Hijacked Overnight And What To Do About It

How Your Online Brand Can Be Hijacked Overnight And What To Do About It

Let me ask you a question. What do you think, is the cornerstone your brand online? Website design, Your voice, Your product quality and all the other things we talk about here? Well yes, they are of course important and play a part in the make up of your brand but the foundation of all online brands is…

The Domain Name

Photo credit: Sameer Vasta, via Flickr. Some rights reserved.

How credible can Amazon be when every aspect of your marketing from web site to emails and communications said “Amazon” but their web site domain name is “”? The answer is none. Zero. Instead, they’d look like spammers or people out to steal identities.

It’s the same for small businesses with an online presence. Chances are, you took time choosing the right domain. You spent money and time developing the website, then there are business cards printed, ads run, articles or guest blog posts written that all lead back to your domain. Many of these things send you traffic over time and cannot be stopped even if you wanted it to. We all invest a lot in our web sites so imagine how you’d feel if your domain is hijacked from right under your nose.

It happens. In fact, domain theft is on the rise. There are a variety of ways this is done. The common story is, someone gains control of your domain administrator’s email address. This allows the thief to transfer the domain to their own account. When the transfer is complete, it is pretty much a done deal and a big hassle to get back – that’s if you’re lucky.

At that point, the thief can point the domain to their own web sites and steal everything. Your traffic, your good name, your online presence. It’s devastating.

What can you do about it

Be vigilant. Monitor your own domain names. You can get a free account over at and setup alerts to notify you whenever a change is detected with your domain. Remember, you may not get change notification emails from your own registrar if your email is hijacked so using a third party monitoring tool and having those alerts sent to an alternative address is a good idea.

Watch out for emails that disguise themselves as your registrar. It’s better to log in to your registrar directly instead of clicking links in those emails.

Consider private registration for your bread and butter domains.

Lock your domains. While this alone won’t do the trick when the admin account is compromised but it can help in other types of attempts.

Protect your email accounts. If you use Gmail, turn on two-factor authentication. Make sure you connect to your email accounts securely when using email clients like Outlook, Mail or Thunderbird. Change passwords regularly and it goes without saying, be sure the passwords are different from others and difficult to guess.

When you have a domain online that represents your brand, you have to get serious about this stuff. There’s too much riding on it not to.

Lynette Chandler
Latest posts by Lynette Chandler (see all)