Happy Halloween! As the nights draw in, it’s spooky season. This time of year, we often tell a scary story about supernatural creatures, but in domain management, the nightmares aren’t just imaginary. Learning about real-life digital horror stories helps us celebrate the season, while drawing insights from each tale to strengthen our own strategies.
October’s also Cyber Security Month. By securing your domains, EBRAND ensures you aren’t the star of next year’s scary stories in cybersecurity. That being said, let’s get into it.
1. Domain expiry: a revenue slasher
Scary movies often have us shouting at our screens, begging the characters not to investigate mysterious noises in the basement. Here, the domain management equivalent occurs when businesses miss their renewals.
Even established authorities and global corporations let crucial domains slip through their fingers. Google accidentally sold Google.com for a single minute in 2015, and had to buy it back for thousands of dollars. As recently as 2023, a lapsed domain/unexpected registry left a URL on American license plates redirecting to a Filipino online casino.
The lesson is this: ignore mysterious noises in the basement all you like, but whatever you do, don’t ignore your domain renewals.
2. The domain whose days were numbered
A scary story isn’t always gory. Sometimes, victims suffer from the Kafkaesque horrors of bureaucracy, as is the case in poor domain management. If you run a website, you need to stay on top of changing legislation, regulations, and geo-political developments, or your domain’s days could be numbered.
Such was the case of the official Brexit campaign website, Leave.eu. Domains using the .eu extension must be owned by a registrant in the European Union, so when the EU lost the UK as a member state, the Leave campaign lost its domain. All in all, the UK lost around tens of thousands of .eu domains, leaving a stark warning about the dangers of digital regulations. Keep an eye out for geo-political developments that jeopardize your domains, or better still, trust a domain management specialist.
3. Haunted WHOIS data
Websites rely on WHOIS data, whether their admins know it or not. When unfortunate businesses neglect their WHOIS, it falls out of date, leaving the website vulnerable to nasty surprises. ICANN conducts impromptu checks on WHOIS data, along with other registries, to maintain the Internet’s integrity, and outdated domains face unflinching consequences. After failing an unexpected WHOIS check, businesses lose their domains, and their website and mail traffic goes down without warning. Banish outdated WHOIS by performing regular data reviews and keep your website safe this Halloween.
4: Digital doppelgängers usurp your domains
Doppelgängers appear unexpectedly in a scary story, waving back from the mirror, or taking over the hero’s life. Similarly, if you’re not careful, opportunist third parties register domains to usurp your brand and your business. Teams spend countless months and finances launching international expansions, then realize that someone’s registered their domain with their target country extension.
Scammers also monitor trademarking authorities, registering key domains as soon as brands file for intellectual property. Businesses often need to register their domains before their trademarks and patents in order to dispel digital doppelgängers.
5. Day of the DDoS
This Cyber Security Month, our CTO Anouar Adlani stressed the importance of securing your domains, as well as your website. Cybercriminals coordinate hordes of devices in an overwhelming botnet to overload your server, or spoof requests to shut your website down. Google recently reported the largest DDoS attack in recorded history, peaking at 398 million requests per second.
With new DDoS techniques emerging with every attack, including the recent HTTP/2 “rapid reset” attack used against Google, firms must reinforce their infrastructure to avoid another scary story. Businesses should follow domain management best practices like choosing resilient Anycast DNS.
6. Attack from above: A scary story from the registry
Hijacking conjures all the paranoia and uncertainty of a horror film, and you wouldn’t expect it at an online business. However, domain hijacks wreak horrifying results on a company’s online presence and communication, when surprise attacks send ecommerce grinding to a halt. Hijackers bypass website security, attacking businesses via their connection to their domain registrar.
These attacks affect businesses of all shapes and sizes. In 2015, a domain hijack redirected a large computer company’s visitors to a webcam stream of a man sitting in his bedroom, just one among several scary stories.
7. The SSL from hell
A floating padlock on screen. Plummeting SEO. Disappearing revenue. While they’re not exactly typical tropes from a scary story, these three symptoms all occur when businesses let their SSL expire. The SSL, or Secure Sockets Layer, encrypts the transfer of confidential information across a website, so when businesses let them lapse, they lose customer trust, and valuable ecommerce.
8: Attack from inside: rogue roles
Disorganized domain management turns website downtime into a murder mystery. In a worst-case scenario, businesses struggle to figure out how many domains they even own, let alone who’s in charge of them. Domain management complicates itself as businesses evolve and rogue admins register domains in their own names, with personal email addresses. In one particularly scary story, a company changed domain manager and had to spend $300,000 to extricate their assets from the ex-employee. Take control of your story, and use strategies like domain consolidation and registry locks to secure your business.
Conclusions: Protecting your domains from scary stories
A scary story keeps us entertained at Halloween, but it also warns us about the perils of carelessness and complacency. Managed renewals keep your domains safe and sustainable, while registry locks and AnyCast networks protect you from hijacks and DDoS attacks. Let’s celebrate the season by chasing the ghosts and gremlins out of our technical infrastructure, shoring up our online presence with effective Corporate Domain Management measures.