Many domain names owned by high net worth individuals, family offices and small businesses are left to expire because they are forgotten about, or are no longer needed. Usually, there is not much of a concern letting them expire because it is believed that there is little to no value in maintaining an unused domain name.
What many forget to realize is that expired domain names are valuable to fraudsters and hackers. If a domain name was once used for personal or business reasons, it most likely would have been used to communicate, via email, with colleagues, vendors, and other business partners. All that a fraudster or hacker needs to do is register the expired domain name, set up an email server and wait for email to flow in.
This poses an enormous problem that most haven’t considered. A fraudster or hacker could potentially see the emails that many of these individuals, family offices or businesses once received. Many of those emails may be innocuous, but others could contain extremely sensitive content. Having access to these domains and the emails could increase the chance of attacks against their former owners. Attack types can range from extortion, to gaining access to websites that host sensitive content, or even financial information and accounts.