The Dangers of Abandoned Domain Names

Many people will have a domain name they once owned that eventually lost its value and was discarded. Most of those folks won’t have given much thought to it after declining to renew it with their web hosting provider, and 9 times out of 10 it’s true that nothing more will come of it. However, cyber security experts are now letting people know that an abandoned domain name can allow cybercriminals to gain access to email addresses of the company or individual that previously owned it.

Here at 4GoodHosting, we’re not unlike any other Canadian web hosting provider in the way we claim domain names for clients across hundreds of different industries. Many of whom will have that same domain name for themselves to this day, but some will have abandoned one or more because they found something better or simply because the domain name wasn’t required anymore for whatever reason.

Here’s what happens when a domain name expires. It goes into a reserved state for a certain time, during which time the the recent owner has the ability to reclaim it. If and when that time expires, it becomes available for re-registration for whomever at no additional costs, identity or ownership verification. Now while it is true that SEO professionals and spam trap operators are good at keeping track of abandoned domain names for various purposes, many of them will not know they are a potential security risk. So let’s discuss this here today.

Insider Access Information

Look no further for a pressing concern than the fact that the new owner of the domain name can take control of the email addresses of the former owner. The email services can then be configured to receive any number of email correspondences that are sensitive in nature. These accounts can then be used to reset passwords to online services requiring sensitive info like personal details, financial details, client-legal privileged information, and a lot more.

Recently this has been more in the new because of research performed on domain names abandoned by law-firms in Australia that were cast off as a result of different mergers and acquisitions between companies. These law firms had stored and processed massive amounts of confidential data, and when the domain names were abandoned they still left breadcrumbs that could possibly lead the new owners of those domains to sensitive information.

The possibility of this being VERY problematic should be easy to understand. Email is an essential service in every business, and is a company lost control of their email lists it could be devastating, especially considering sensitive information and documents are often exchanged over emails between clients, colleagues, vendors and service providers due to the simple convenience of doing so.

The study Down Under found that an average of nearly a thousand ‘.au’ domain names (country code TLD for Australia) become expired every day, and we can assume that number is considerably larger here in North America. Further, the list of expiring domain names is typically published in a simple CSV file format and accessible to whoever would like to see it, giving access to anyone who wants to see the domain names that have expired.

Communications storied in the cloud are especially at risk. IIf all the messages aren’t deleted from these cloud platforms, they may remain accessible for the new owner of the domain and then you now have the potential for a leak of sensitive info.

Of further concern is the fact that if that email address has been used to sign up for an account on social media platforms like Facebook, Twitter, or LinkedIn, etc. then the domain’s new owner can reset the passwords and gain access to those accounts.

To avoid this scenario, Companies should ensure that the domain name remains valid for an indefinite period even if it has been abandoned. All the notifications that may contain confidential information should be unsubscribed from the emails.

In addition, disconnecting or closing the accounts that are created using business emails is recommended. Enable two-factor authentication for all the online services that allows it as well, and be sure to do this as soon as possible and leave it in place indefinitely. This is good advice not only for businesses or venture that make use of multiple domains and have moved on from plenty in the past, but it’s good advice for anyone in today’s day and age of cyber threats.

You may also like: