I have recently (today as a matter of fact) had to deal with an issue that I have NEVER heard of... "Spoofing."

As though SPAM were not enough now we seem to have a new issue to deal with. Everyone knows that you can go to any domain registry and do a "whois" and get all of the information you need to contact the owner of a domain. BUT what I have just learned (the hard way I might add) is that there are people who actually get your information and then try to transfer YOUR domain into THEIR name!

Let me explain. Today I was sitting at my computer working and all of a sudden I received 4 emails from InterNIC asking me to respond to a domain transfer for my http://High-Expectations.com domain. For the life of me I could not figure out WHAT they were talking about. I have been with the same web host since I started my website(s) and have no intention of transferring.

I picked up the phone and called my web host. Nick (whom I speak to all the time) called InterNIC and the problem was taken care of... until about midnight and then all of a sudden I got all of the emails from InterNIC again! So I picked up the phone and called to find out what was going on.

After talking to a wonderful lady at Network Solutions I have learned a new term... "SPOOFING"... what does that mean? Well apparently these thieves not only steal your email addresses but they use them to try and steal your domains. And they don't just try to do it once! The individual who tried to transfer my domain to his ownership did it several times... not once but SEVERAL times all within the last 48 hours.

They use your information, such as your email address to request changes to your domain and web host. Luckily I was able to find someone to help and after about 20 minutes on the phone it seems to have been taken care of (hopefully)... the last email I received (after speaking to the right person) had all of the correct information.

So what is the solution to this problem? One solution I learned about this morning was having your web host use an encrypted password. I now have ALL of my domains encrypted. What does this do? If someone tries to "spoof" my domains again they HAVE to have the password to do it. I am sure that if they are smart enough to steal my address and almost steal my domain then they can hack a password but at least I will sleep a little better tonight knowing that I have done all that I can to prevent them from succeeding!

Take a moment and check with your web host to see if they have some type of security measure in to prevent this type of nightmare from happening. If they don't... ask them why? Also make sure you read your email! If ANYTHING comes in from InterNIC make sure that all of YOUR information is there before you respond. If it isn't then make sure you contact your web host and if necessary InterNIC themselves. DO NOT IGNORE IT!!

In closing I would like to think that the individual who was doing this to my domain will be caught. I am assured they will investigate it BUT the contact email address he was using to steal my domain was a HotMail account and since these accounts are here today and gone tomorrow the chances are slim to none that he will be caught.

Imagine if this happened to one of the bigger companies online. As a Founding Member of IAPO http://www.iaponline.org I honestly believe that if the nonsense doesn't stop soon congress will surely take a second and maybe third look at regulating the Internet.

----------
Beverly Bates is the publisher of BizTalk-Online! Ezine. You can subscribe to BizTalk-Online! by sending an email to mailto:online1@high-expectations.com?subject=subscribe or by visiting: http://www.High-Expectations.com/online/