Home / Blogs

Beware of Abandoned Domain Names in this Turbulent Time and as the Global Economy Changes

The outbreak of COVID-19 has caused worldwide disruption—for whole nations and their economies. Unfortunately, there will be some side effects for businesses.

  • A number of brands will disappear from the streets and shelves, as businesses that fail to weather the storm will have to fold.
  • Companies that do survive will likely focus more on their core markets, pulling brands out of higher risk, less profitable markets.
  • As vulnerable businesses look to stay afloat, and stable brands look for a bargain, there’ll likely be an increase in mergers and acquisitions.

It’s with this retraction or convergence of brands where cyber criminals will take advantage. An unfortunate truth is that, whenever disaster hits, cyber criminals are ready to capitalize on the emerging crisis to make fast money, and COVID-19 is no exception.

There is much evidence suggesting an increase in cyberattacks during the COVID-19 pandemic—and the method of particular concern for folding, contracting, or merging brands is that of abandoned domain names.

The reason for this is that abandoned corporate domain names carry a footprint of digital activity that can be leveraged as an attack vector. The domain name, together with its domain name system (DNS), are the foundation of any business and brand, enabling websites, email, virtual private network (VPN) access, and possibly even voice-over IP. Herein lies the risk.

According to a recent article published by CSO Online, researchers attempted to understand the impact of letting an old domain expire by re-registering merged or acquired companies’ expired domains and setting up email servers. Soon after doing so, the researchers began receiving an influx of emails, including confidential information like bank correspondences, invoices, sensitive legal documents, and LinkedIn® updates.

This shows that, without actually hacking into a company’s systems, a re-registered domain name not only gives the new registrant instant access to emails, but also the ability to reset passwords to accounts—including management or financial portals, databases, and social media. This can expose a business to phishing attacks, data leaks, social engineering, and more.

It’s also possible to reinstate an old web shop to take new orders and payments without actually fulfilling them, and take over email marketing accounts to conduct phishing campaigns. Many users reuse old passwords, and just one compromised account can lead to further breaches on other accounts.

So what’s the solution for brands in a state of change following COVID-19? How do you protect the assets of a brand axed due to budget cuts, or those of a company just acquired? Companies face a dilemma—do they retain and renew every single domain name just to be safe, or downsize their portfolio at a time when budgets are tight?

The first option of retaining or renewing every domain may seem like the safest option, but doesn’t help you fulfill the directive to reduce your budget. CSC’s holistic, four-step digital optimization framework is designed to review a client’s digital assets, including auditing (so you know what you own), and rationalizing the domain name portfolio for better management and return on investment.

Undertaking digital optimization alone is a challenge with which many companies struggle. In the case of a merger or acquisition, this challenge is compounded when different departments take over existing accounts, or employees leave the company, taking their knowledge (and passwords) with them. When a company isn’t aware of the full extent of its digital footprint, it risks abandoning the domains that matter, and therefore increases the risk of cyberattacks.

CSC’s methodology makes the whole process easier, and enables us to overcome one of the biggest challenges: identifying the most vital domains a company owns. CSC Security Center®—our proprietary tool based on advanced algorithms—helps identify the most vital domains, removing the guesswork from the process, and ensures that critical domains and those with a digital footprint are never abandoned.

Our digital optimization approach looks at a client’s trademark rights, the markets in which they operate, and even goes as far as to consider the ability to recover domains from third parties.

By Ken Linscott, Product Director, Domains and Security at CSC

Filed Under


I always thought it was prudent to Todd Knarr  –  Jul 19, 2020 7:11 PM

I always thought it was prudent to build in a buffer for abandoning a domain name. When registering, pay 2 years extra in advance for domain registration and DNS service and maintain that 2-year buffer so that when you decide to abandon the domain you have 2 years control of it at no cost. Use the first year to redirect Web sites and email to the correct domain. Then, for the last year, don’t just continue to redirect. Remove all records except those for email so Web sites get an explicit NXDOMAIN error, and send email to a system that rejects all attempts as undeliverable to alert users to the situation. By the time that last year’s up you should be able to be pretty confident nobody will be mistakenly going to the abandoned domain anymore.

Thanks for your comments Todd. Yes, building Ken Linscott  –  Jul 21, 2020 4:51 PM

Thanks for your comments Todd. Yes, building in some sort of buffer might be advisable particularly in the case of campaign URLs. When you buy a previously owned domain name there is nothing to stop you doing anything you want with it and some queries will persist from its history, NXD being one of them. So it is about minimizing this risk and balancing that with the cost to maintain. I agree that you would expect to see the digital footprint fade over time if not in use.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byDNIB.com