• This field is for validation purposes and should be left unchanged.

Crimes Against Websites: The Case of the Domain Disappearance

Posted on October 26, 2018

The story you are about to read is (somewhat) true, but the names have been changed to protect the privacy of the websites involved.

It was a quiet weekday morning in our agency office, just like any other. We were settling into our emails when suddenly, the phone rang. It was one of our clients, and their website had vanished sometime during the night.

In panicked tones, they explained that their website had last seen been the night before, as they checked a few emails before leaving the office around 6pm. But when they arrived at work this morning, their site was simply gone, no matter how many times they refreshed the page. The homepage was so unrecognizable that the site could only be identified by its URL.

Immediately we knew what we were dealing with: The client’s domain name had expired, and they had to get it back. At any moment, some unscrupulous person could snatch it up to hold it for ransom. More than 12 hours had passed before the client reported it missing, and time was running out. We knew we had to act fast.

We needed to retrace the website’s last steps – had there been signs that this would happen? Someone in the company should have received warnings that the expiration date was near – perhaps that person held the clues we needed to reclaim that domain, before it was too late. So who in the company had the login and registration information for the domain name?

We instructed the client’s search party to comb through their emails for clues, but the staff were in a strange disagreement about which one of them had been responsible for the domain name and it’s renewal. It had been a year, and everyone’s memory was fuzzy.

The marketing director pointed at the CEO, asserting that they would have made the initial purchase and then received all subsequent notices about the domain’s status. However, the CEO claimed to have no recollection of this – they recalled approving the final name, but they would have relegated the responsibility for managing the domain to the marketing director. We were troubled by the inconsistencies in their stories, however, a thorough search of both email accounts failed to produce any evidence that either one had prior knowledge of the impending expiration.

But when the staff expanded the search, what they did find was curious: A renewal notice email, sent to the company’s generic info@company.com email address, 12 days before the website’s disappearance. When we asked who was responsible for checking that email account, the clients went silent.

This seemed suspicious. Was it a simple oversight? Or was there something more sinister at play?

We pressed them again – if this was the right email account, who would have used it to create the login info for the domain? No answer.

Finally, the administrative assistant spoke up – what if the original message had been deleted by accident? They quickly searched through the trash, and there it was: The missing username and password needed to reclaim the domain.

Finally equipped with the necessary information, we swiftly returned the website to it’s rightful domain, and the business resumed its normal online operations. The client’s domain was safe for another year.

To this day, the person responsible for checking the company’s info@company.com email account has never been identified.

Do you have a tip about an endangered website? Or do you need any assistance with managing your domain, or with web hosting in general? Help is available. Call Torx at (804) 577-8679 or contact us through the form below.