Why letting your unused domain names expire can be risky

From time to time I have had clients inadvertently forget or fail to renew their domain name(s).

After some encouragement, the client renews and all is well. It is important to keep on top of maintaining your domain name(s) even if you no longer have them in active use.

Here is a timely post from AUDA (.au domain administration) on the subject of expiring domain names. Worth a read and food for thought.


If you’re running a business, you might find that you hold domain names you no longer need –  perhaps due to a re-brand, restructure or changes to your product.

While it may be tempting to save a few dollars and just let the names expire, doing so can pose a risk to your business.

What’s the risk of letting your names expire?

Expired domain names can pose reputational and information security risks to your business – this goes for all domain names you’ve registered, not just your .au ones.

Once a domain name expires and is purged from the registry, it can be registered on a first-come, first served basis to any registrant who meets the relevant eligibility criteria.

A new registrant of your abandoned name could potentially use that domain name to pose as your company, aiming to defraud your customers and putting your reputation at serious risk.

However, the more complex risk is a new registrant using your abandoned domain name to access private information about you, your company or its customers.

Chances are if you’ve used a domain name for your business, you and your employees have used email addresses tied to that domain name to communicate with customers, banks, utilities, government agencies and set up accounts with the various online services you needed to operate your business.

The registrant of that domain name can intercept information sent to email accounts attached to that old domain name, potentially giving them access to extremely sensitive information.

(Read this blog post from Iron Bastion for more on the risks of abandoning your domains).

Once you lose control of a domain name, it can be difficult to get it back – especially if the new registrant is eligible to hold it.

What can you do to minimise the risk?

Renewing your domains, even if you’re not actively using them, is the best way to manage this risk. You’re probably thinking “Of course auDA would say that” but it’s the safest way to ensure that the registrant of a domain name you no longer use has your best interests at heart.

How long you maintain a domain name will depend on the circumstances of your business and your assessment of the risk – the ACSC recommends you renew your old domain names indefinitely.

While you don’t have to actively ‘use’ a .au domain you’ve registered (although you do need to remain eligible to hold it), we’d recommend you take the kind of active approach to managing your old names just as you would your current domain names.

Moving a business to a new phase can be exciting, don’t put your hard work at risk by letting an unused domain name fall into the wrong hands


Here is the link to the original page:

Why letting your unused domain names expire can be risky