Understanding the Risk
Letting a domain name expire can cause significant reputational damage to your business as they are often picked up by cyber criminals who aim to pose as you and defraud your customers, employees and even your suppliers.
The risk varies depending on the actual use of the domain name. The Australian Cyber Security Centre recently wrote on the follies of abandoning domain names so we thought that we’d share our expert advise on the matter.
Using a Red Amber Green (RAG) analysis we have outlined the severity of risk of expiring domain names, based on the domain names history and use:
- Red Domain names should under no circumstances be expired because in the wrong hands can cause significant damage to your business (competitors, cyber-criminals etc).
- Orange Domain names represent some reputational risk if expired, but would not impact your core business.
- Green Domain name are unlikely to damage your business if expired, but caution is still recommended and consequences understood.
Domain Name Expiry Business Risks – RAG
|Domain Name Type||Expiry Operational Risks||Expiry Business Risks|
|core business domains||
|branded parked domains||
|product domain names||
|unbranded parked domains||
Expiring domain names from mergers and acquisitions
Abandoning your domains from acquired companies is a risky business. It is important to have a full understanding of the historic use of the domain name, any residual services that may still be associated with the domain name and also the traffic the brand may generate.
Normally we see M&A acquired domain name portfolio rationalised several year after the consolidation project and in one extreme example, an expired domain name for a large lender contained DNS records that when expired brought down some important internal services functions for the subsidiary brand.
Check out our article on domain names in mergers and acquisitions to find out more about this topic.
A summary of the general risks of expiring domain names
- The website goes down as well as all client portals and your customers ability to transact or do business with you online.
- All associated email goes down that stops your staff’s ability to communicate internally or externally.
- All online services and applications associated with the domain name go offline.
- All DNS records cease to function.
- Even if renewed, services could take 24 – 72 hours to reboot depending on the DNS TTL and other technical factors.
- If a competitor picks up the domain name, they could either attempt to keep it or delay its return in order to hurt your competitive position.
- If a cybersquatter picks up the domain name, they could try to sell it to you for an inflated price.
- If a cybercriminal picks up the domain name, they could try to intercept all associated company emails and steal confidential company or client information. They could also try to de-fraud your customers.
Once you lose control of a domain name, it can be difficult to get it back – especially if the new registrant is eligible to hold it. So the best advice for domain name managers is to err on the side of caution and hang on to your domain names.
We also recommend a domain name management service, when all domain names are automatically renewed that takes the risk of important domain names expiring.
Brandsec is a corporate domain name management and brand protection company that look after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.