Domain Risks
      Back to home
      1. Knowledge Base
      2. Service, Domain, and Certificate Risks
      3. Domain Risks

      KYND Domain discovery and domains related risks

      How KYND finds, connects and adds domains to your organisation profile.

      An Internet Domain is a part of the Internet that an organisation or individual has registered for itself to use. An example would be mycompany.com or mycompany.co.uk. Organisations or individuals never permanently own a particular domain name. They are registered for a period of time and the registration has to be renewed at regular intervals.

      Our Domain Discovery process begins by examining the registration details of the seed domain (or domains) provided for your organisation and then connecting other domains that have been registered using similar details.

      We use historical WHOIS databases to identify additional domains registered by the same organisation or the same people within the organisation. We intentionally cast a wide net to give you the most information possible. 

      If you find a domain has been registered to an individual's email address, KYND advises that you update the email to a non-individual email (such as NetworkAdmin@mycompany.com)to prevent loss of control over the domains and online operations of the business. This is because c and individuals tend to be more prone to social engineering cyber attacks.

      Where the domain's registrant details have been kept private, we recommend verifying if the contact email in the registration record is owned by the company (i.e. @mycompany.com rather than @hotmail.com).

      These actions make sure that the company has control over any maintenance and payments for that domain (i.e. information won’t be shared with a person who is no longer contracted by the company). This also prevents accidentally losing the domain if updates aren’t directed to the company, or payment by an individual fails. It also prevents critical emails, updates, alerts and information sent by the registrar being sent to absent or ex-employees

      New or parked domains registered to your organisation can also be a key target for cyber criminals, who can use them to send spoof emails or as opportunities for attacks but you can prevent it by setting SPF and DMARC on for no-sending domains. Find out more about SPF & DMARC here