What Is Reverse Domain Name Hijacking — How to Protect Your Domain

Key Takeaways

1. Reverse domain name hijacking is when a trademark owner tries to wrongly claim a domain through legal action like a UDRP complaint.
2. It differs from domain hijacking, where hackers steal domains using technical attacks.
3. Signs include threatening emails, cease-and-desist letters, suspicious login attempts, or a UDRP case filed against you.
4. You can protect your domain by trademarking it, enabling privacy and security features, keeping proof of ownership, renewing it on time, and using it in good faith.

In 2009, Urban Logic, Inc. filed a UDRP case against Urban Logic, Peter Holland for the domain name urbanlogic.com. But before we complete this story, here’s a quick summary of what UDRP means.

UDRP stands for Uniform Domain-Name Dispute Resolution Policy. It’s ICANN’s (Internet Corporation for Assigned Names and Numbers) way of settling domain name disputes between a complainant (the person submitting the claim) and a respondent (the person receiving the claim, usually a registrant). So, whenever registrants or business owners have complaints about a domain name, ICANN can resolve it quickly by checking compliance with UDRP policies.

Now, back to the story.

Prior to this time, Urban Logic Inc. had registered a trademark for the domain name and secured other variants of the .com domain. However, the court ruled in favor of Peter Holland because he acquired the domain eight years before Urban Logic Inc. got trademarked. This is a case of reverse domain name hijacking (RDNH).

In this article, we’ll discuss how reverse domain name hijacking works, the signs, consequences and proactive measures to safeguard your domain name. Let’s get started!

First…

What Is Reverse Domain Name Hijacking (RDNH)?

Reverse domain name hijacking (or reverse cybersquatting) occurs when a trademark owner attempts to hijack a domain name from a registrant using legal means. The trademark owner can either file a lawsuit or a UDRP complaint claiming trademark infringement.

Often, complainants make RDNH attempts after premium domain names, i.e., exact matches or two-word domains with high market value.

How Does It Work?

At first, the complainant contacts the registrant, claiming ownership of the domain name. If the registrant doesn’t comply, the complainant escalates the issue by filing a UDRP complaint or lawsuit alleging that the domain infringes on their trademark.

According to the UDRP laws, a registrant will lose rights to a domain if:

• it was registered and used for malicious purposes;
• it is similar to the complainant’s trademarked name.

Initially, ICANN established these laws to prevent cybersquatters from hijacking a domain. However, the complainant exploits them to bully a domain owner into giving up the domain name — even when the owner has valid rights to use the domain.

If the UDRP panel finds that the complaint was filed in bad faith, it will be denied, and the domain will remain with the actual owner.

Under UDRP policies, a complainant is guilty of reverse domain name hijacking if: 

• the complaint was filed immediately after the complainant trademarked the domain name;
• the domain name was registered before it obtained trademarked rights;
• the complainant is forcefully trying to collect the domain from the actual owner after a failed negotiation;
• the complainant has no substantial proof that the registrant uses the domain in “bad faith;”
• the complainant filed the complaint to harass the domain owner or prevent them from exercising their rights.

Difference Between Domain Hijacking and Reverse Domain Hijacking

Domain hijacking is a process whereby a cybersquatter or hacker gains access to a domain name using illegitimate methods. This can be through:

• phishing scams;
• exploring vulnerabilities in the login process;
• fake DNS records;
• cache poisoning, etc. 

Usually, once the hackers gain access to the domain, they transfer it to a new registrar or change the registrant's account details.

Reverse domain hijacking, on the other hand, is an act in which an individual or company tries to seize a domain name from the rightful owner using legal means. The end goal is to gain rights to the registrant’s domain, either for business or malicious purposes.

Signs of Reverse Domain Name Hijacking

Here are some telltale signs that someone is attempting to reverse-hijack your domain name:

You Notice an Unusual Activity Around Your Domain

The trademark owner may use domain-watching tools, like Whoisology or Domain Tools, to track your domain activity. They may also resort to illegitimate methods, like phishing scams, to hijack your domain account. So, whenever you suspect anything unusual in your domain account, it simply means someone is trying to gain information or access to your domain. For example, getting an attempted login into your registrar account from an unverified location indicates that someone is trying to access your domain account.

You Receive a Warning Email from the Trademark Owner 

This is a common tactic used by RDN hijackers to bully domain owners and make them surrender their domains out of fear. Here, the hijacker sends a threatening email claiming that you’re infringing their trademark. This may come with a cease-and-desist letter demanding that you transfer the domain ownership or face legal actions. Sometimes, they may also request a monetary settlement to avoid filing a formal complaint.

This brings us to the next…

You Receive a Cease and Desist Letter 

A cease and desist letter is a court order sent on behalf of the trademark owner requesting that you stop using a domain name or face legal consequences. 

In this case, you receive a cease and desist letter from the hijacker demanding that you transfer or delete the domain. They may also threaten to file a lawsuit if you refuse. So, once you get a letter insinuating that you take these measures on your domain, it's a red flag.

You Receive an Offer to Buy Your Domain 

Another tactic the hijacker can use is to send unsolicited inquiries about selling your domain name, even when it's not listed for sale. Usually, this is followed by unfavorable terms and conditions for the transaction, like asking you to transfer the domain name before payment or agree to a lowball price. And if you don’t respond, they may follow up with a cease and desist letter to pressure you into giving up the domain name. 

Lastly… 

You Discover a UDRP Claim Has Been Filed Against You 

This goes without saying. The moment you receive a UDRP claim (or lawsuit) filed against your domain name, it’s a clear sign that someone is attempting to reverse-hijack it. The person may accuse you of trademark infringement or claim you use the domain name in bad faith. Once this happens, contact your domain registrar and lawyer immediately.

Consequences of Reverse Domain Name Hijacking

Reverse domain name hijacking has severe consequences for the trademark owner and domain registrant.

For the trademark owner:

If the UDRP panel discovers that the complaint was made with malicious intent, they’ll tag the case as reverse domain name hijacking. This can cause reputational damage, as the proceedings are made public via the UDRP website. Also, countries like the US and Canada permit the registrant to sue the complainant for damages.

For the registrant:

If the registrant is unable to prove domain ownership, the URDP will demand instant domain transfer to the trademark owner. Sometimes, this also requires monetary compensation for damages. When this happens, the registrant incurs financial loss, a tarnished reputation, and, worse, business disruption.

How to Protect Your Domain from Reverse Domain Name Hijacking

Now that you know the signs and consequences of RDNH, here are some proactive measures to prevent falling for this scam:

Trademark Your Domain Name

The most familiar claim RDN hijackers make is trademark infringement. If you fail to trademark your domain name after registering it, you risk losing it based on these claims.

To avoid this, trademark your domain name in your country or internationally – especially if it aligns with your business name. This gives you strong legal grounds to defend your domain name if anyone accuses you of cybersquatting or trademark infringement.

For example, if you own a premium domain name, register it as a trademark with the relevant trademark authorities in your location. Some popular ones are:

• European Union Intellectual Property Office (EUIPO) for users in Europe;
• US Patent and Trademark Office (USPTO) for users in the US;  
• The Canadian Intellectual Property Office (CIPO) for users in Canada. 

Enable Domain Privacy Protection

Before filing a complaint, the trademark holder might contact you to negotiate a sale. This person will most likely get your contact details from the WHOIS database – a public record of all domain name registrants and IP addresses. This directory contains your phone number, email address, and domain expiry date.

Using domain privacy protection is an excellent way to keep your information private on the WHOIS database. This redacts your contact details from the public and prevents people with malicious intent from contacting you.

So, whenever there’s a legal action on your account, for instance, a case of RDNH, PP LLC will be the first point of contact, not you. You can read more about our two-tier privacy and how we help to protect your domain.

Keep Track of All Your Business Activities Online

Another trick these unscrupulous complainants use is to claim that you’re using the domain in “bad faith.” They go as far as digging into your website history on Wayback Machine to find any implicating evidence to strengthen their case.

That said, keep a record of all your domain activities, including evidence of payment for registration and renewals, business correspondence, website updates, and other vital receipts that prove you’ve used the domain in “good faith.” These records can help establish your domain ownership and usage.

Enforce Security Best Practices

This is another proactive approach to safeguard your domain from reverse hijacking attempts. By implementing security best practices, you can reduce the possibility of losing your domain to a reverse cybersquatter. Here are some helpful tips: 

• conduct regular security audits for your domain to identify vulnerabilities that can be exploited;
• use a complex combination for your password and enable two-factor authentication (2FA) to limit access to your account;
• activate domain lock on your domain. This prevents unauthorized alterations or transfer of your domain;
• monitor your DNS record regularly to ensure there are no irregular changes. To protect your DNS records, you can also implement DNSSEC.

Tip: Opt for a domain registrar that offers advanced security features, including the ones listed here. For example, Trustname users can access all these features at no extra cost, including a free SSL certificate, premium DNS, DNSSEC, and two-tier domain privacy protection.

Be on the Lookout for Potential Threats

After registering your domain — especially if you own a premium domain— actively monitor your domain account for threats from (reverse) cybersquatters. Enable notifications on your domain account so that you’ll receive first-hand alerts when anyone tries to access your domain account. Also, check your SPAM box for suspicious emails from trademark owners interested in your domain name. In case you get a cease and desist letter, a lawsuit, or an attempt to coerce you into selling your domain, contact a domain name lawyer immediately.

Use a Generic Domain Name

Next, always use or include a generic term in your domain name. For example, instead of using unique phrases, opt for a general term that describes/includes your product, service, or niche. For example, you can add service-related keywords like bestwidgets.com. This approach makes it less likely for anyone to claim copyright infringement and reduces the risk of reverse domain name hijacking.

Tip: Before you register a domain name, do thorough research to ensure you’re not buying a trademarked name.

Renew Your Domain Name Before It Expires

The easiest way for anyone to acquire your domain is to wait for it to expire and become available on the domain marketplace. Once this happens, the chances of returning it are (very) slim. To avoid this, set up auto-renewal on your domain account to renew your domain before it expires. Or better, register your domain in advance (up to ten years) to prevent it from expiring accidentally.

Use Your Domain in “Good Faith”

Lastly and most importantly, use your domain for the proper purposes. As you’ve read in this piece, RDN hijackers try to find loopholes in your domain history that incriminate you. That said, desist from illegal or unethical activities that may affect you in the long run. If you’re in a sensitive or “gray-area” niche, opt for domain registrars with abuse-friendly policies.

How Trustname Helps to Protect Your Domain From Reverse Hijacking

The success of your online business stems from choosing the right domain name and registrar.

This isn’t a brag, but most of Trustname’s customers rave about our commitment to providing a secure environment for their domains. Because of this, we earned the name: “bullet-proof” registrar.

When you register or transfer your domain name to us, you enjoy free access to all our robust domain management tools and security features such as DNSSEC, SSL certificate, domain lock, 2FA, and many more. Our proprietary two-tier domain privacy protection also adds an extra layer of security to protect you from trademark owners looking to hijack your domain name.

What’s more? If you’re in a sensitive or “grey-area” industry, we have an abuse-proof policy that protects you from abuse reports. Unlike other registrars, we don’t delist or restrict your domain name. Instead, we will only take action on your domain after running checks on your account to prove you’re not doing anything illegal.