If you own a business, you probably also own a website. But what would you do if someone stole it? You probably don’t think this could ever happen to you. Blogger Jordan Reid didn’t think it could happen to her either – but it did.
It started when Reid received a YouTube notification that someone had signed in to her account using a different device. She thought nothing of it at the time. She assumed instead she had just signed in on a mobile device or that her husband had used her account. Then Reid received an email from someone who said they were interested in purchasing her website. Again, she disregarded the notice, this time assuming it was spam.
Someone Stole My Website!
Then a friend of a friend told her he saw a listing for her website, RamshackleGlam, on an auction website. Reid didn’t immediately consider this to be a huge problem either. That is until she discovered that the ownership of her website had actually been transferred to someone else without her knowledge.
In a recent Mashable post, Reid explained why this theft was such a huge deal to her and her business:
“If you have a business that depends on a URL, you understand why this was such upsetting news: With control over my website’s domain name, a hacker would be able to take the site down, or redirect it elsewhere. Further, it was later verified that the hacker had control over all of the site’s content, as well; he could have just rerouted everything I’ve ever written to any location he wanted.”
Getting control of her site back wasn’t as easy as she thought it would be, either. She first tried going through her hosting and domain providers, but her attempts were not successful. She even got in touch with the FBI, since the theft qualified as an international cyber crime issue. The FBI opened an investigation and it is still ongoing.
She eventually got her website back by dealing directly with the seller. She asked the family friend who originally found the listing for her site to get in touch with the seller to negotiate a sale. They reached an agreement, and Reid authorized a wire transfer not knowing for sure whether she would actually get her site back. When she gained control of the site again, she cancelled the payment. And finally the nightmare was over.
So Reid did get her site back within a few days, but not without considerable drama. Of course, she would have preferred to avoid this situation altogether. So she offers some tips for website owners who want to avoid the same thing happening to them.
Reid warns business owners should choose a strong password and change it often. She also recommends using a separate computer, if possible, in case family members accidentally click bad links. Turn off your computer and other devices when not in use. Utilize anti-virus software and purchase CyberRisk insurance.
Your website is likely a very important part of your business. So website theft can be an absolutely devastating blow. It might not seem very likely that this could happen to you. But knowing how to avoid this situation can keep you from losing everything you’ve built online.
Thief Photo via Shutterstock
Aira Bongco
This is scary. It is like there is a possibility that the website that you worked so hard for can be taken from you in an instant. But if you managed to establish your authority. All it takes is a simple announcement that your site is stolen in social media and you can now lead people to your new site.
The simple announcement directing users to a new site is all well and good, but I can imagine it offers little comfort for them losing their authority site (including all the links they built up, SEO, etc), with nothing to prevent it from happening again once a new site goes up.
Annie Pilon
Yes, social media has definitely allowed people to build up networks that you can direct to a new site if necessary. But websites still take so much work to build up, as Ebele mentioned. It would be such a devastating blow to so many business owners to have their main site stolen!
Wow, I didn’t know that could happen – that one’s site could be stolen. But I guess if there are hackers who can do a whole gamut of things, stealing a site is a distinct possibility.
The fact that Reid found it hard to get her site back even when she involved her hosting/domain providers, is worrying. Does that mean they didn’t believe it was her site? Or were their hands tied by something else (protocol, laws, or incompetence)?
Annie Pilon
It is definitely scary! It’s my understanding that they did believe it was her site but wouldn’t/couldn’t do anything about it. She goes a little more into that in the Mashable post linked above.
It’s bewildering that they couldn’t or wouldn’t do anything about it. Makes me wonder the message that that’s sending out to would-be hackers.
Will read the Mashable post. Thanks.
To be clear, if a hacker steals your domain, he immediately has ALL your data, simply by altering the DNS records to point to his server. This just happened to a client of ours – who does not host with us – and fortunately for him, he was able to get it back as well. Due diligence on your part is to have multiple layers of log ins server-wide, and if this isn’t possible change hosting providers! An even more important step is to back up your data regularly – and not on the same server. There is absolutely nothing you can do about lost SEO. Our client? He has now signed up for our back up/restore service – although he still refuses to change his hosting provider 🙂
Annie Pilon
Thanks for all the great tips!
Annie, glad I could help.
Jay
It was whoever built the site in the first place. You can’t just get randomly hacked and jacked like that. If that was the case it would have been stolen again after the cancelled payment right? She was the victim of a bum needing money not internet terrorists…
Jay, I’m sorry to say, but yes you can get randomly hacked/jacked. In our client’s case, the domain registrar was the one to be hacked, losing not only our client’s website but many others. Since we built his site, I can attest 100% that we did not steal it 🙂
Jay
Ok I understand what you are saying John. In my case my domain registrations are 100% secured and insured and no one has access to my DNS info other than me. The last time I was hacked on site I shut down my entire network and simply swapped out a back up copy of my site with updated passwords. For a DNS theft I really don’t know what to say. Based on my setup and provider this info would be very difficult to get to if it’s even possible. I know people on the same network who will try to say they were hacked or make up some excuse to get more money from a client. That’s what I probably should have said my mistake.
Angela
It was a person who worked for me. He is all over Canada using my web sight and working my quoted jobs. I had him in my life for years but it was business. His name is Reid. I will give you What was my website.
It’s good that you use a quality registrar with updated protocols. I see you are also in the minority when it comes to protection in that you back up your data – the vast majority of sites online do not, which could be a very costly decision for them. And sadly you’re right, there are some unscrupulous web services providers out there, one of the reasons I got into this business was to prove that there are more ethical than unethical providers to deal with.
Jay
John I agree. And after talking to quite a few of my colleagues I am finding that this is not too uncommon in general. I literally had no idea. I will definitely be sending people to check this out.
Dejan
That is why you hire a professional to deal with your server and the website. Contracted work of course. The lesson here is, don’t ignore messages concerning your business, don’t share your passwords, have a backup ready, use 2-step validations everywhere. If you don’t know how to protect your investment, hire someone who does.