With the passing of the Protection of Personal Information Act (POPI), businesses can face lawsuits if they do not take reasonable steps to protect customer data stored on their domain from this form of cyber attack.
“A domain should always be renewed on time. If a domain expires or enters a redemption period, it is often very difficult and expensive to redeem. If the domain is eventually deleted from the registry, after the redemption period, it becomes available again. Anyone can legally claim it,” says Thomas Vollrath, head of local hosting company, 1-grid.
A hijacked domain is a worst-case scenario for a business with a website. Possible fallouts include lost revenue, reputation damage and financial penalties for failing to protect customer data. Not to mention the loss of the URL customers type in to find your business. “Think of it as brandjacking,” says Vollrath.
Here are tips on what you can do to prevent your domain from getting hijacked:
“Aside from the loss of business and brand damage incurred by a domain hijacking, attackers often go on to stage elaborate phishing campaigns and other scams targeting your business and its customers,” says Vollrath. Some hold domains ransom, demanding money for their return - or, depending on the value of the domain, sell it for a lucrative sum.
With a focus on SMBs in South Africa, there are web security packages, domain, web and email hosting, a website building tool, SSL certificates, website design and online marketing expertise available. “SMBs are vital to the growth of our economy – but they need real and affordable online expertise, support and tools to keep their data secure and their sales growing,” says Vollrath.