Understanding the Risk

Letting a domain name expire can cause significant reputational damage to your business as they are often picked up by cyber criminals who aim to pose as you and defraud your customers, employees and even your suppliers.

The risk varies depending on the actual use of the domain name.  The Australian Cyber Security Centre recently wrote on the follies of abandoning domain names so we thought that we’d share our expert advise on the matter.

Using a Red Amber Green (RAG) analysis we have outlined the severity of risk of expiring domain names, based on the domain names history and use:

  • Red Domain names should under no circumstances be expired because in the wrong hands can cause significant damage to your business (competitors, cyber-criminals etc).
  • Orange Domain names represent some reputational risk if expired, but would not impact your core business.
  • Green Domain name are unlikely to damage your business if expired, but caution is still recommended and consequences understood.

Domain Name Expiry Business Risks – RAG

Domain Name Type Expiry Operational Risks Expiry Business Risks
 core business domains
  •  Operational black-out: website.
  •  Applications and email go down.
  •  All e-commerce ceases.
  •  Email business authentication go down.
  •  All sub-domains go down.
  •  If renewed could take 24 – 72 hrs to  restore services.
  • Major security threat.
  • Domain name could be renewed by competitor denying or delaying your use.
  • Domain name could be renewed by cyber-criminals.
  • Access to critical systems and data.
  • Access to confidential information.
  • Loss of customers.
  • Loss of revenue.
  • Loss of reputation / trust.
 branded parked domains
  • Major security threat: branded domain names can be used to trick customers
  • Historic domain names, whether the brand is currently in use or not, should always be renewed
  • Domain name could be renewed by competitor.
  • Domain name could be renewed by cyber-criminal.
  • Loss of customers.
  • Loss of revenue.
  • Loss of reputation / trust.
product domain names
  • All related services go down (email, ecommerce)
  • average security threat.
  • Domain name could be renewed by competitor.
  • Domain name could be renewed by cyber-criminal.
  • Loss of traffic.
unbranded parked domains
  • Minor security threat if never used in any way.
  • Ensure no services exist
  • Competitors may register to deny your future use.

Expiring domain names from mergers and acquisitions

Abandoning your domains from acquired companies is a risky business.  It is important to have a full understanding of the historic use of the domain name, any residual services that may still be associated with the domain name and also the traffic the brand may generate.

Normally we see M&A acquired domain name portfolio rationalised several year after the consolidation project and in one extreme example, an expired domain name for a large lender contained DNS records that when expired brought down some important internal services functions for the subsidiary brand.

Check out our article on domain names in mergers and acquisitions to find out more about this topic.

A summary of the general risks of expiring domain names

  • The website goes down as well as all client portals and your customers ability to transact or do business with you online.
  • All associated email goes down that stops your staff’s ability to communicate internally or externally.
  • All online services and applications associated with the domain name go offline.
  • All DNS records cease to function.
  • Even if renewed, services could take 24 – 72 hours to reboot depending on the DNS TTL and other technical factors.
  • If a competitor picks up the domain name, they could either attempt to keep it or delay its return in order to hurt your competitive position.
  • If a cybersquatter picks up the domain name, they could try to sell it to you for an inflated price.
  • If a cybercriminal picks up the domain name, they could try to intercept all associated company emails and steal confidential company or client information.  They could also try to de-fraud your customers.

Once you lose control of a domain name, it can be difficult to get it back – especially if the new registrant is eligible to hold it.  So the best advice for domain name managers is to err on the side of caution and hang on to your domain names.

We also recommend a domain name management service, when all domain names are automatically renewed that takes the risk of important domain names expiring.

About brandsec

Brandsec is a corporate domain name management and brand protection company that look after many of Australia, New Zealand and Asia’s top publicly listed brands.  We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.

Contact us today for a free consultation.




Contact Us

Contact us today and we will endeavour to answer your query as soon as possible

Send us a Message

1 Step 1

Contact Information

Go to Top