Domain hijacking is the process by which internet domain names are stolen from the rightful registrant. Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner. – says Wikipedia.
Domain theft or Domain Hijaking, is what we have seen for years. The most surprising fact is, it was never interpreted to be a theft! There were no Rules or Regulations that abide people to Lawful actions under the state.
And the worst part – It’s easy and there are lots of Tutorials on how to do it over the web.
I still wonder, whether the day would come that Internet Corporation for Assigned Names and Numbers (ICANN) would actively control domain name theft. Earlier, ICANN was busy expanding its authority over the Internet while, at the same time, neglecting important duties assigned to it, one of which would be to require registrars to do a better job preventing domain name theft. Sadly, neither the large no. of cases, nor plans to prevent domain name thefts have been successfully implemented in the nearly two years that have passed.
There is still abundant evidence that there are inadequate procedures in place to ward off domain name theft. Web bandits steal domain names by presenting fake requests to domain name registrars, who, upon receiving the request, transfer the domain name registration over to the individual named on the form. Acting quickly, web bandits attempt to sell domain names to unsuspecting third parties. This scam works for two reasons:  some domain names have a definite upward value in the secondary market for domain names, and  many domain name registrars do not have adequate security measures in place to preclude most domain name thefts. What is more, registrars occasionally compound the serious effects of domain name theft by engaging in their own specious advertising that appears to mimic the former practice of long distance telephone service providers who illegally slammed (stole) customers from one company to enroll the customer elsewhere. What is ICANN doing about this? Literally Nothing.
A long pending Case is back in news– The $160,000 domain name P2P.com that was stolen in 2006 by a guy named Daniel Gonclaves (a computer tech from New Jersey). Taking his intentions from a theft to a Big Crime, Gonclaves then sold the domain on eBay for $110,000 to famous basketball player Mark Madsen. Gonclaves claimed he had purchased the domain for $1,500 from its owners Albert and Lesli Angel.
After that, initially, case was dropped, and Now waking again from the ashes – The New Jersey District Attorney and State Police Cybercrimes Unit determined the domain’s theft was an indictable offense and arrested Gonclaves.
Gonclaves was charged with three counts of felony theft: identity, computer, and “theft by unlawful taking or deception.” Each count carries a maximum 10-year prison sentence. Gonclaves posted a $60,000 bond and was freed from police custody, but he faces at least two cases where New Jersey prosecutors seek a felony conviction.
Now ICANN and Government have passed a Better-bill, which awaits final review, thereafter, making Domain Hijacking Domain name a serious Crime.